Rapport de ZHPDiag v1.28.22 par Nicolas Coolman, Update du 04/11/2011
Run by Sarah at 04/11/2011 23:06:24
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19154
MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)

---\\ Windows Product Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RPFFV
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 27 GB (31%) free of 85 GB

---\\ Logged in mode
~ Computer Name: PCSARAH
~ User Name: Sarah
~ All Users Names: Sarah, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Sarah\AppData\Roaming\
~ %Desktop% : C:\Users\Sarah\Desktop\
~ %Favorites% : C:\Users\Sarah\Favorites\
~ %LocalAppData% : C:\Users\Sarah\AppData\Local\
~ %StartMenu% : C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 85 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 41 Go of 57 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Hard drive, Flash drive, Thumb drive (Free 130 Go of 297 Go)
H:\ CD-ROM drive (Free 0 Go of 1 Go)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.18/01/2011 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.18/01/2011 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.18F17E90657528C232B1944DEB4EC160] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2011 - 00:06:24.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.18/01/2011 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.18/01/2011 - 08:34:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.15/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.18/01/2011 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2011 - 06:28:02.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.18/01/2011 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/01/2011 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.18/01/2011 - 06:49:18.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2011 - 06:56:28.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.18/01/2011 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.18/01/2011 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2011 - 06:56:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.18/01/2011 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.18/01/2011 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/5292
~ Mes musiques (My Musics) : 831/3655
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 58/1496
~ Mon Bureau (My Desktop) : 4/660
~ Menu demarrer (Programs) : 6/29
~ Scan Hidden Files in 00mn 09s

---\\ Processus lancés
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3520]
[MD5.24B588F915B45310229D5C3F3674D356] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [801792] [PID.3936]
[MD5.5300552AC15F1A877C4B6BB6512AD1FD] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288] [PID.4044]
[MD5.EC690A15477CD5FBC14C8189693CD940] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2752512] [PID.1456]
[MD5.A7B50F4EE28D7AA1F8AC981C2F2980B1] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [278528] [PID.3992]
[MD5.2C92B17E820094F37037B6CE114BEB69] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [69632] [PID.2364]
[MD5.8C35DB52F07A78E8DF230D76F141FD29] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [270336] [PID.4056]
[MD5.E82ADC820CF15386E2FE24806B20A248] - (.TOSHIBA CORPORATION. - TosAVRC.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe [278528] [PID.2240]
[MD5.C5524B62EDEB1B5AED7431B5387D10C1] - (.TOSHIBA CORPORATION. - tosOBEX.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe [311296] [PID.2688]
[MD5.61F5A23510D46FE7C02931604AFC8407] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE [149784] [PID.2656]
[MD5.A427777B8571A9B5B4F4BE1C02854353] - (.TOSHIBA CORPORATION. - TosBtProc.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe [2170880] [PID.4612]
[MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.904]
[MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.2660]
[MD5.6EE99B6BC3F93C4F68A780781F2A638D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [697344] [PID.5532]
[MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [PID.]
[MD5.E4ED5D392AA1135981B41A0826AE1379] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [733184] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.66597AD6098352D11239C0C42100B176] - (.Pas de propriétaire - ASLDR Service.) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208] [PID.]
[MD5.D1E30EEA74ED4C65A72AFDE5B6FA36EE] - (.Pas de propriétaire - spmgr Module.) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [123248] [PID.]
[MD5.76148C3159718B701252F87B067904A6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [77824] [PID.]
[MD5.A5CB074F34BBD89948E34A630D459C0C] - (.Microsoft Corporation - Microsoft Network Inspection System.) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944] [PID.]
[MD5.6C480FD77C86F752F5E83C918B0EDCBB] - (.ATK0100 - HControl.) -- C:\Program Files\ATK Hotkey\Hcontrol.exe [225280] [PID.]
[MD5.C1F251686AEDBEF3D173A804B7CF7314] - (.Pas de propriétaire - ATKOSD2.) -- C:\Program Files\ATKOSD2\ATKOSD2.exe [7708672] [PID.]
[MD5.59B24A9DAF3B716C7425520CA25EDCA0] - (.Pas de propriétaire - Wireless Console 2.) -- C:\Program Files\Wireless Console 2\wcourier.exe [1036288] [PID.]
[MD5.5F7F0D90DEA26E5BE2E03E71FA13D2A4] - (.ATK - Power4Gear eXtreme.) -- C:\Program Files\P4G\BatteryLife.exe [176128] [PID.]
[MD5.E6472D823467F9CBB17225D4C72306C5] - (.ATK - ACMON.) -- C:\Program Files\ASUS\Splendid\ACMON.exe [843776] [PID.]
[MD5.16DEF7EBCB7BB73A55F7486C6D42E288] - (.Pas de propriétaire - ATKOSD.) -- C:\Program Files\ATK Hotkey\ATKOSD.exe [2420736] [PID.]
[MD5.A391896CD406E6377F5CEF31FDC12019] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\System32\ACEngSvr.exe [155648] [PID.]
[MD5.A30E7036045BCC35D90DED2FE7642758] - (.Pas de propriétaire - KBFiltr Application.) -- C:\Program Files\ATK Hotkey\KBFiltr.exe [77824] [PID.]
[MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366152] [PID.]
~ Scan Processes Running in 00mn 03s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\vxxjpfvl.default\prefs.js
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Sarah] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Sarah - vxxjpfvl.default] www.google.fr
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.1.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
~ Scan BHO in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-957835615-1212435832-4123057073-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Sarah\Desktop\COMPTE 2011 - Raccourci.lnk . (...) -- C:\Users\Sarah\Documents\COMPTE 2011.xlsx
O4 - Global Startup: C:\Users\Sarah\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\Sarah\Desktop\PDF-Viewer.lnk . (.Tracker Software Products Ltd..) -- C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
O4 - Global Startup: C:\Users\Sarah\Desktop\WhoCrashed.lnk . (...) -- C:\Program Files\WhoCrashed\whocrashed.exe
O4 - Global Startup: C:\Users\Sarah\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SnippingTool.exe
~ Scan Global Startup in 00mn 01s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr\
O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~4\Office12\EXCEL.exe\
~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll, (.not file.)
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D7A557A-1627-4388-A212-908083261931}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B19E9451-388D-46CF-B98C-DFCAEFD8306A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D7A557A-1627-4388-A212-908083261931}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{B19E9451-388D-46CF-B98C-DFCAEFD8306A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D7A557A-1627-4388-A212-908083261931}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B19E9451-388D-46CF-B98C-DFCAEFD8306A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D7A557A-1627-4388-A212-908083261931}: DhcpDomain = lan
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ASLDR Service (ASLDRService) . (.Pas de propriétaire - ASLDR Service.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (gpsvc) - Clé orpheline
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: spmgr (spmgr) . (.Pas de propriétaire - spmgr Module.) - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [Launch HTC Sync Loader] (...) -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- c:\program files\iwin games\iWinGames.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: .NET Framework - {3C3901C5-3455-3E0A-A214-0B093A5070A6} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: (no name) - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (...) -- C:\Windows\system32\iedkcs32.dll,
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} . (...) -- C:\Windows\system32\ie4uinit.exe,
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} . (...) -- C:\Windows\system32\ie4uinit.exe,
~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys, (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl82035938) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{681FAD82-AE1B-4D9C-BAC7-BC7794E09BFF}\MpKsl82035938.sys (.not file.)
O41 - Driver: (MpKslef4f3a15) . (.Microsoft Corporation - KSLDriver.)
- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{893A5C0A-B7C3-4A31-A436-9E2AE708D1BE}\MpKslef4f3a15.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys, (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll, (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll, (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\system32\Drivers\tosrfcom.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: ASUS InstantFun - (.ASUS.) 
[HKLM] -- {57B15AD4-8C9D-4164-82BB-E33D8644E757} O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUSTeK.) [HKLM] -- {C0FC1C14-4824-4A73-87A6-9E888C9C3102} O42 - Logiciel: ASUS Touch Pad Extra - (.Pas de propriétaire.) [HKLM] -- {DB891739-2EB3-45A8-9CBD-941C255CECD4} O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller O42 - Logiciel: ATK Hotkey - (.ATK.) [HKLM] -- {3912D529-02BC-4CA8-B5ED-0D0C20EB6003} O42 - Logiciel: ATK Media - (.Pas de propriétaire.) [HKLM] -- {139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C} O42 - Logiciel: ATKOSD2 - (.ATK.) [HKLM] -- {5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {ACEB2BAF-96DF-48FD-ADD5-43842D4C443D} O42 - Logiciel: Adobe Digital Editions - (.Pas de propriétaire.) [HKLM] -- Digital Editions O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A83279FD-CA4B-4206-9535-90974DE76654} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C6579A65-9CAE-4B31-8B6B-3306E0630A66} O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.Pas de propriétaire.) 
[HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3} O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E} O42 - Logiciel: HTC BMP USB Driver - (.HTC.) [HKLM] -- {31A559C1-9E4D-423B-9DD3-34A6C5398752} O42 - Logiciel: Harry Potter TM - (.Pas de propriétaire.) [HKLM] -- {3F50AF3B-8997-4916-0095-99D63DDB785A} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} O42 - Logiciel: Java(TM) 7 Update 1 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217001FF} O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9} O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6} O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA} O42 - Logiciel: LWS Pictures And Video - (.Logitech.) 
[HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967} O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48} O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441} O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F} O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D} O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189} O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} O42 - Logiciel: Logitech SetPoint 6.32 - (.Logitech.) [HKLM] -- sp6 O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} O42 - Logiciel: MATLAB R2009a - (.The MathWorks, Inc..) [HKLM] -- MatlabR2009a O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus! O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) 
[HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) 
[HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) 
[HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) 
[HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Motorola SM56 Speakerphone Modem - (.Motorola Inc.) [HKLM] -- SMSERIAL O42 - Logiciel: MozBackup 1.5.1 - (.Pavel Cvrcek.) [HKLM] -- MozBackup O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr) O42 - Logiciel: NB Probe - (.Pas de propriétaire.) [HKLM] -- {6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930} O42 - Logiciel: PDF-Viewer - (.Tracker Software Products Ltd.) 
[HKLM] -- {A278382D-4F1B-4D47-9885-8523F7261E8D}_is1 O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F O42 - Logiciel: Package de pilotes Windows - OEM (cxbu1wdm) SmartCardReader (08/28/2009 1.2.1.2) - (.OEM.) [HKLM] -- 1B697B96C1AC143F0E9A6E7F8FA418FC93DD3C53 O42 - Logiciel: Package de pilotes Windows - SCM Microsystems Inc. (SCR3XX2K) SmartCardReader (05/21/2009 4.45) - (.SCM Microsystems Inc..) [HKLM] -- 990509C362074425260204710EF5CB0F38A30308 O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: Power4Gear eXtreme - (.ATK.) [HKLM] -- {8CFEBE9C-F29F-4C49-80E0-7106970F8734} O42 - Logiciel: PowerForPhone - (.PowerForPhone.) [HKLM] -- {FC3D290D-79BE-44B7-ABF9-FDD110925930} O42 - Logiciel: Python 2.7 pycrypto-2.3 - (.Dwayne C. Litzenberger.) [HKLM] -- {422EB670-90F6-4332-AEAE-5128AFF84FDD} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C} O42 - Logiciel: RETC - (.UCR.) [HKLM] -- {E0B05462-5754-4964-BD9B-5C501D0CA960} O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek.) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) 
[HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) 
[HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: WhoCrashed 3.02 - (.Resplendence Software Projects Sp..) [HKLM] -- WhoCrashed_is1 O42 - Logiciel: WinFlash - (.Pas de propriétaire.) [HKLM] -- {DE10AB76-4756-4913-BE25-55D1C1051F9A} O42 - Logiciel: WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) 
[HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Wireless Console 2 - (.ATK.) [HKLM] -- {83F73CB1-7705-49D1-9852-84D839CA2A45} O42 - Logiciel: ccc-Branding - (.ATI.) [HKLM] -- {6E32B134-CA8D-49DD-B94C-0DB155CE70B5} O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {29ED20C9-5E15-4969-9279-25BF3727A3DA} ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASUS] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATK Media] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] 
[HKCU\Software\Aureal] [HKCU\Software\Boolat Games] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CocoonSoftware] [HKCU\Software\DVDVideoSoft] [HKCU\Software\FileHippo.com] [HKCU\Software\Google] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\Innovative Solutions] [HKCU\Software\InstallCore] [HKCU\Software\JavaSoft] [HKCU\Software\Leadertech] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogiShrd] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MathWorks] [HKCU\Software\Motorola] [HKCU\Software\Mozilla Backup] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Opendisc] [HKCU\Software\PC SOFT] [HKCU\Software\Patchou] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Resplendence Sp] [HKCU\Software\SearchCore for Browsers] [HKCU\Software\Skype] [HKCU\Software\Softonic] [HKCU\Software\SpeedFan] [HKCU\Software\Synaptics] [HKCU\Software\SysInternals] [HKCU\Software\TAdvCheckList] [HKCU\Software\Toshiba] [HKCU\Software\Tracker Software] [HKCU\Software\Trolltech] [HKCU\Software\USSL] [HKCU\Software\VSRevoGroup] [HKCU\Software\Western Digital] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yuna Software] [HKCU\Software\digital publishing] [HKLM\Software\AMD] [HKLM\Software\ASUSTeK] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\ATK0100] [HKLM\Software\ATK] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Alienware] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] 
[HKLM\Software\AsLdr] [HKLM\Software\Atheros] [HKLM\Software\Big Fish Games] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DVDVideoSoft] [HKLM\Software\DivXNetworks] [HKLM\Software\Dolby] [HKLM\Software\EA Games] [HKLM\Software\Electronic Arts] [HKLM\Software\GEAR Software] [HKLM\Software\GODSP] [HKLM\Software\Google] [HKLM\Software\Infineon] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MAGIX] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\MathWorks] [HKLM\Software\MimarSinan] [HKLM\Software\Mindscape] [HKLM\Software\Motorola] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\PowerForPhone] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] 
[HKLM\Software\Realtek USB 2.0 Card Reader] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung] [HKLM\Software\Sensible Vision] [HKLM\Software\Sonic] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Toshiba] [HKLM\Software\Tracker Software] [HKLM\Software\UCR] [HKLM\Software\USSL] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\WiseCleaner] [HKLM\Software\Yuna Software] [HKLM\Software\digital publishing] [HKLM\Software\logishrd] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 08/10/2011 - 14:52:44 - [130989537] ----D- C:\Program Files\Adobe O43 - CFD: 21/06/2011 - 21:47:50 - [2307582] ----D- C:\Program Files\Apple Software Update O43 - CFD: 17/09/2011 - 12:08:38 - [36126318] ----D- C:\Program Files\ASUS O43 - CFD: 17/09/2011 - 13:40:00 - [1078] ----D- C:\Program Files\Atheros O43 - CFD: 18/01/2011 - 06:53:42 - [14420285] ----D- C:\Program Files\ATI O43 - CFD: 18/01/2011 - 06:55:32 - [235231776] ----D- C:\Program Files\ATI Technologies O43 - CFD: 18/01/2011 - 06:58:40 - [5294477] ----D- C:\Program Files\ATK Hotkey O43 - CFD: 18/01/2011 - 07:00:36 - [7708672] ----D- C:\Program Files\ATKOSD2 O43 - CFD: 12/10/2011 - 20:23:04 - [630965] ----D- C:\Program Files\Bonjour O43 - CFD: 25/10/2011 - 11:23:46 - [4233624] ----D- C:\Program Files\CCleaner O43 - CFD: 29/10/2011 - 16:20:56 - [849944626] ----D- C:\Program Files\Common Files O43 - CFD: 10/10/2011 - 17:31:02 - [811366] ----D- C:\Program Files\DIFX O43 - CFD: 14/07/2011 - 16:22:20 - [454893486] ----D- C:\Program Files\EA Games O43 - CFD: 09/10/2011 - 15:19:34 - [381086] ----D- C:\Program Files\FileHippo.com O43 - CFD: 19/06/2011 - 12:35:22 - [167847822] ----D- C:\Program Files\Google O43 - CFD: 
16/04/2011 - 23:33:36 - [16671851] ----D- C:\Program Files\Help O43 - CFD: 17/09/2011 - 12:08:32 - [54238281] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 26/10/2011 - 23:16:18 - [5880136] ----D- C:\Program Files\Internet Explorer O43 - CFD: 12/10/2011 - 20:26:30 - [2018955] ----D- C:\Program Files\iPod O43 - CFD: 25/10/2011 - 18:11:58 - [148198291] ----D- C:\Program Files\iTunes O43 - CFD: 09/10/2011 - 13:17:12 - [98628683] ----D- C:\Program Files\Java O43 - CFD: 17/09/2011 - 13:06:44 - [6139129] ----D- C:\Program Files\Lavalys O43 - CFD: 22/10/2011 - 14:19:34 - [108232908] ----D- C:\Program Files\Logitech O43 - CFD: 18/09/2011 - 14:59:46 - [6609124] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 25/01/2011 - 11:32:28 - [221184] ----D- C:\Program Files\MarkAnyContentSAFER O43 - CFD: 28/04/2011 - 23:52:50 - [3812787400] ----D- C:\Program Files\MATLAB O43 - CFD: 18/01/2011 - 00:43:40 - [12760330] ----D- C:\Program Files\Messenger Plus! Live O43 - CFD: 09/10/2011 - 14:59:24 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 18/01/2011 - 05:15:50 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 02/11/2006 - 13:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games O43 - CFD: 30/10/2011 - 10:26:20 - [377039531] ----D- C:\Program Files\Microsoft Office O43 - CFD: 23/09/2011 - 20:32:08 - [18701221] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 12/10/2011 - 20:58:04 - [38412395] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 29/10/2011 - 19:44:02 - [3726168] ----D- C:\Program Files\Microsoft Works O43 - CFD: 29/10/2011 - 16:20:26 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 18/01/2011 - 07:02:42 - [3041343] ----D- C:\Program Files\Motorola O43 - CFD: 20/01/2011 - 12:52:12 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 23/09/2011 - 21:57:02 - [1743452] ----D- C:\Program Files\MozBackup O43 - CFD: 09/10/2011 - 14:59:24 - [35803126] ----D- 
C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 13:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 04/06/2011 - 13:39:34 - [154033] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 18/01/2011 - 07:13:38 - [4955364] ----D- C:\Program Files\P4G O43 - CFD: 18/01/2011 - 12:48:12 - [3699441] ----D- C:\Program Files\PhotoFiltre O43 - CFD: 18/01/2011 - 07:14:04 - [786980] ----D- C:\Program Files\PowerForPhone O43 - CFD: 28/10/2011 - 14:58:56 - [75949146] ----D- C:\Program Files\QuickTime O43 - CFD: 21/01/2011 - 17:43:48 - [40241598] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 13:37:36 - [42699521] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 06/08/2011 - 11:12:54 - [5688496] ----D- C:\Program Files\SpeedFan O43 - CFD: 18/01/2011 - 07:11:08 - [13411666] ----D- C:\Program Files\Synaptics O43 - CFD: 24/09/2011 - 16:39:28 - [47534303] ----D- C:\Program Files\Toshiba O43 - CFD: 11/05/2011 - 21:00:52 - [14517792] ----D- C:\Program Files\Tracker Software O43 - CFD: 03/03/2011 - 21:56:32 - [11875117] ----D- C:\Program Files\UCR O43 - CFD: 02/11/2006 - 14:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 18/01/2011 - 00:14:40 - [84801987] ----D- C:\Program Files\VideoLAN O43 - CFD: 20/06/2011 - 11:14:00 - [6812742] ----D- C:\Program Files\VS Revo Group O43 - CFD: 25/10/2011 - 15:20:12 - [5624686] ----D- C:\Program Files\WhoCrashed O43 - CFD: 20/01/2011 - 12:52:12 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 20/01/2011 - 12:52:12 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 20/01/2011 - 12:52:12 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 20/01/2011 - 12:52:12 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 09/10/2011 - 13:27:10 - [46921502] ----D- C:\Program Files\Windows Live O43 - CFD: 09/10/2011 - 14:59:24 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 12/10/2011 - 20:56:50 - [9116344] ----D- C:\Program Files\Windows Mail 
O43 - CFD: 20/01/2011 - 12:52:12 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 02/11/2006 - 13:37:36 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 20/01/2011 - 12:52:12 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 19/01/2011 - 02:27:54 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 24/04/2011 - 15:07:46 - [6527558] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 20/03/2011 - 00:48:14 - [3872606] ----D- C:\Program Files\WinRAR O43 - CFD: 18/01/2011 - 07:05:56 - [1662976] ----D- C:\Program Files\Wireless Console 2 O43 - CFD: 05/04/2011 - 17:22:14 - [23167954] ----D- C:\Program Files\Yuna Software O43 - CFD: 04/11/2011 - 23:06:56 - [4253333] ----D- C:\Program Files\ZHPDiag O43 - CFD: 20/06/2011 - 10:28:22 - [3678197] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 09/10/2011 - 15:25:00 - [39363570] ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD: 12/10/2011 - 20:26:28 - [109743196] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 29/10/2011 - 16:20:56 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 16/04/2011 - 15:14:06 - [0] ----D- C:\Program Files\Common Files\DVDVideoSoft O43 - CFD: 18/01/2011 - 07:07:20 - [3396698] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 09/10/2011 - 15:31:26 - [1239723] ----D- C:\Program Files\Common Files\Java O43 - CFD: 09/10/2011 - 13:18:26 - [2827] ----D- C:\Program Files\Common Files\Java(83) O43 - CFD: 22/10/2011 - 14:20:22 - [97232659] ----D- C:\Program Files\Common Files\LogiShrd O43 - CFD: 02/04/2011 - 17:47:08 - [5241923] ----D- C:\Program Files\Common Files\LWS O43 - CFD: 29/10/2011 - 20:28:52 - [413114240] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 02/11/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 18/01/2011 - 01:08:36 - [458988] ----D- 
C:\Program Files\Common Files\Symantec Shared O43 - CFD: 20/01/2011 - 12:52:12 - [42752438] ----D- C:\Program Files\Common Files\System O43 - CFD: 18/01/2011 - 00:03:00 - [92522754] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 20/06/2011 - 10:28:12 - [141096958] ----D- C:\ProgramData\Adobe O43 - CFD: 18/01/2011 - 00:02:32 - [8045062] ----D- C:\ProgramData\Alwil Software O43 - CFD: 12/10/2011 - 20:24:34 - [165280256] ----D- C:\ProgramData\Apple O43 - CFD: 21/06/2011 - 21:48:30 - [71558956] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 21/01/2011 - 12:36:22 - [98672] ----D- C:\ProgramData\ASUS O43 - CFD: 18/01/2011 - 07:02:58 - [9756] ----D- C:\ProgramData\Atheros O43 - CFD: 23/09/2011 - 13:33:04 - [299487] ----D- C:\ProgramData\Avira O43 - CFD: 11/06/2011 - 17:47:12 - [0] ----D- C:\ProgramData\Big Fish Games O43 - CFD: 04/11/2011 - 21:35:22 - [12] ----D- C:\ProgramData\boost_interprocess O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 20/01/2011 - 13:24:42 - [0] ----D- C:\ProgramData\Driver Whiz O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 14/06/2011 - 16:57:42 - [0] ----D- C:\ProgramData\Fugazo O43 - CFD: 19/01/2011 - 14:56:10 - [0] ----D- C:\ProgramData\Innovative Solutions O43 - CFD: 05/08/2011 - 16:06:26 - [63969] ----D- C:\ProgramData\iWin Games O43 - CFD: 22/10/2011 - 14:19:34 - [7075669] ----D- C:\ProgramData\Logishrd O43 - CFD: 02/04/2011 - 17:47:26 - [21140950] ----D- C:\ProgramData\Logitech O43 - CFD: 16/07/2011 - 18:00:44 - [17173332] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 19/01/2011 - 02:09:20 - [0] ----D- C:\ProgramData\McAfee O43 - CFD: 23/05/2011 - 20:44:54 - [291547] ----D- C:\ProgramData\Messenger Plus! 
O43 - CFD: 12/10/2011 - 20:37:04 - [517899425] -S--D- C:\ProgramData\Microsoft O43 - CFD: 29/10/2011 - 20:30:46 - [57040] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 13/06/2011 - 11:03:20 - [0] ----D- C:\ProgramData\Oberon Games O43 - CFD: 18/01/2011 - 07:13:38 - [2037] ----D- C:\ProgramData\P4G O43 - CFD: 20/01/2011 - 13:23:36 - [144] ----D- C:\ProgramData\PC Drivers HeadQuarters O43 - CFD: 25/01/2011 - 11:33:18 - [0] ----D- C:\ProgramData\PC Suite O43 - CFD: 08/07/2011 - 14:54:40 - [0] ----D- C:\ProgramData\PlayFirst O43 - CFD: 02/11/2006 - 14:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 02/07/2011 - 15:40:16 - [152] ----D- C:\ProgramData\Sun O43 - CFD: 25/06/2011 - 17:14:00 - [0] ----D- C:\ProgramData\Symantec O43 - CFD: 05/08/2011 - 14:33:18 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 14:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 21/06/2011 - 21:52:14 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 18/03/2011 - 19:08:06 - [167714] ----D- C:\Users\Sarah\AppData\Roaming\.BitTornado O43 - CFD: 08/10/2011 - 14:56:06 - [4689231] ----D- C:\Users\Sarah\AppData\Roaming\Adobe O43 - CFD: 18/01/2011 - 11:01:42 - [90874750] ----D- C:\Users\Sarah\AppData\Roaming\Apple Computer O43 - CFD: 23/09/2011 - 13:46:32 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Avira O43 - CFD: 16/04/2011 - 14:37:08 - [267] ----D- C:\Users\Sarah\AppData\Roaming\DVDVideoSoftIEHelpers O43 - CFD: 04/11/2011 - 20:49:32 - [692] ----D- C:\Users\Sarah\AppData\Roaming\FreeVideoConverter O43 - CFD: 20/07/2011 - 15:49:24 - [4448] ----D- C:\Users\Sarah\AppData\Roaming\Gamelab O43 - CFD: 04/11/2011 - 20:41:30 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Hitivi O43 - CFD: 04/06/2011 - 14:17:48 - [64163] ----D- C:\Users\Sarah\AppData\Roaming\HTC O43 - CFD: 04/06/2011 - 14:18:02 - [0] ----D- C:\Users\Sarah\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 O43 - CFD: 22/10/2011 - 16:23:36 - [45] ----D- 
C:\Users\Sarah\AppData\Roaming\Identities O43 - CFD: 11/05/2011 - 20:20:48 - [22906] ----D- C:\Users\Sarah\AppData\Roaming\inkscape O43 - CFD: 19/01/2011 - 21:22:18 - [353] ----D- C:\Users\Sarah\AppData\Roaming\Leadertech O43 - CFD: 19/01/2011 - 21:19:28 - [877468] ----D- C:\Users\Sarah\AppData\Roaming\Logishrd O43 - CFD: 19/01/2011 - 21:22:30 - [5614] ----D- C:\Users\Sarah\AppData\Roaming\Logitech O43 - CFD: 17/01/2011 - 22:51:28 - [181318] ----D- C:\Users\Sarah\AppData\Roaming\Macromedia O43 - CFD: 16/07/2011 - 18:00:50 - [154454] ----D- C:\Users\Sarah\AppData\Roaming\Malwarebytes O43 - CFD: 29/04/2011 - 10:47:18 - [3135461] ----D- C:\Users\Sarah\AppData\Roaming\MathWorks O43 - CFD: 02/11/2006 - 13:37:36 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Media Center Programs O43 - CFD: 24/05/2011 - 13:30:34 - [1390262] -S--D- C:\Users\Sarah\AppData\Roaming\Microsoft O43 - CFD: 24/09/2011 - 14:27:52 - [24737688] ----D- C:\Users\Sarah\AppData\Roaming\Mozilla O43 - CFD: 25/01/2011 - 11:33:16 - [446] ----D- C:\Users\Sarah\AppData\Roaming\PC Suite O43 - CFD: 08/10/2011 - 14:57:10 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Pdfsvg O43 - CFD: 20/01/2011 - 12:52:18 - [757] ----D- C:\Users\Sarah\AppData\Roaming\PhotoFiltre O43 - CFD: 20/03/2011 - 01:52:22 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Samsung O43 - CFD: 18/01/2011 - 01:09:30 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Toshiba O43 - CFD: 11/05/2011 - 21:02:30 - [0] ----D- C:\Users\Sarah\AppData\Roaming\Tracker Software O43 - CFD: 22/06/2011 - 11:39:20 - [83157] ----D- C:\Users\Sarah\AppData\Roaming\vlc O43 - CFD: 17/07/2011 - 15:56:10 - [0] ----D- C:\Users\Sarah\AppData\Roaming\WinBatch O43 - CFD: 20/03/2011 - 00:48:32 - [12] ----D- C:\Users\Sarah\AppData\Roaming\WinRAR O43 - CFD: 08/10/2011 - 17:18:46 - [693] ----D- C:\Users\Sarah\AppData\Roaming\Wise Registry Cleaner O43 - CFD: 22/10/2011 - 16:15:42 - [40797] ----D- C:\Users\Sarah\AppData\Roaming\XnView O43 - CFD: 09/10/2011 - 13:15:34 - [15192729] ----D- 
C:\Users\Sarah\AppData\Local\Adobe O43 - CFD: 05/08/2011 - 14:49:52 - [0] ----D- C:\Users\Sarah\AppData\Local\Apple O43 - CFD: 31/07/2011 - 10:46:38 - [10362941] ----D- C:\Users\Sarah\AppData\Local\Apple Computer O43 - CFD: 17/01/2011 - 22:49:24 - [0] -SH-D- C:\Users\Sarah\AppData\Local\Application Data O43 - CFD: 04/06/2011 - 13:44:54 - [24684996] ----D- C:\Users\Sarah\AppData\Local\Downloaded Installations O43 - CFD: 02/06/2011 - 09:50:18 - [190986747] ----D- C:\Users\Sarah\AppData\Local\Google O43 - CFD: 17/01/2011 - 22:49:24 - [0] -SH-D- C:\Users\Sarah\AppData\Local\Historique O43 - CFD: 19/01/2011 - 14:56:10 - [0] ----D- C:\Users\Sarah\AppData\Local\Innovative Solutions O43 - CFD: 09/10/2011 - 13:21:22 - [0] ----D- C:\Users\Sarah\AppData\Local\Logishrd O43 - CFD: 24/05/2011 - 13:30:26 - [557961365] ----D- C:\Users\Sarah\AppData\Local\Microsoft O43 - CFD: 21/04/2011 - 15:58:18 - [757017] ----D- C:\Users\Sarah\AppData\Local\Microsoft Games O43 - CFD: 21/04/2011 - 15:07:12 - [406960] ----D- C:\Users\Sarah\AppData\Local\Microsoft Help O43 - CFD: 17/01/2011 - 23:58:50 - [38871291] ----D- C:\Users\Sarah\AppData\Local\Mozilla O43 - CFD: 11/06/2011 - 14:48:58 - [0] ----D- C:\Users\Sarah\AppData\Local\PackageAware O43 - CFD: 04/11/2011 - 23:06:22 - [0] ----D- C:\Users\Sarah\AppData\Local\Temp O43 - CFD: 20/06/2011 - 11:21:04 - [53080931] ----D- C:\Users\Sarah\AppData\Local\Temp(71) O43 - CFD: 17/01/2011 - 22:49:24 - [0] -SH-D- C:\Users\Sarah\AppData\Local\Temporary Internet Files O43 - CFD: 17/01/2011 - 22:52:22 - [4264] ----D- C:\Users\Sarah\AppData\Local\Toshiba O43 - CFD: 21/01/2011 - 13:21:32 - [311547] ----D- C:\Users\Sarah\AppData\Local\VirtualStore O43 - CFD: 16/04/2011 - 14:11:32 - [0] ----D- C:\Users\Sarah\AppData\Local\WDSetup O43 - CFD: 16/04/2011 - 15:43:16 - [1613] ----D- C:\Users\Sarah\AppData\Local\Western Digital O43 - CFD: 09/10/2011 - 13:45:48 - [49152] ----D- C:\Users\Sarah\AppData\Local\Windows Live ~ Scan Program Folder in 01mn 27s ---\\ Derniers 
fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.C5279C67CA6068DB55C6F7D46A6586AD] - 04/11/2011 - 23:04:20 ---A- . (...) -- C:\AdwCleaner[S1].txt [3464] O44 - LFC:[MD5.887B853EEE42FB3BB8DC8C93A93CDCAE] - 04/11/2011 - 23:01:51 ---A- . (...) -- C:\AdwCleaner[R1].txt [3183] O44 - LFC:[MD5.5B4AC1846D7F9111F96564CBE3CA70F8] - 04/11/2011 - 22:49:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1171280] O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 04/11/2011 - 22:44:35 ---A- . (...) -- C:\Windows\system32\acovcnt.exe [45056] O44 - LFC:[MD5.4306A2C7C84DABE0067B97D6E8141830] - 04/11/2011 - 22:44:02 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.FFCB3508045A3812C59765D0D7DF0BB0] - 04/11/2011 - 22:43:54 ---A- . (...) -- C:\Windows\PFRO.log [558] O44 - LFC:[MD5.2CC70D824167D9B7EAFADDB75009834C] - 04/11/2011 - 22:31:31 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.DB2B51A9D025A564E2DD3C211D62B87D] - 04/11/2011 - 20:49:04 ---A- . (...) -- C:\Windows\win.ini [302] O44 - LFC:[MD5.9999DE9E1B3FE7EEE100D5EE3A4E5B58] - 04/11/2011 - 20:43:11 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1502476] O44 - LFC:[MD5.013808CB6597C78C48CD8B53086B722C] - 04/11/2011 - 20:43:11 ---A- . (...) -- C:\Windows\system32\perfc009.dat [105070] O44 - LFC:[MD5.19C89732C8134535E66B4FCE5F0CD2D8] - 04/11/2011 - 20:43:11 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [127626] O44 - LFC:[MD5.60389B0852CB535E708D2F3BF11C7F23] - 04/11/2011 - 20:43:11 ---A- . (...) -- C:\Windows\system32\perfh009.dat [598096] O44 - LFC:[MD5.8293353F2FCD3D518B3C4FDBBBB78D9C] - 04/11/2011 - 20:43:11 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [681142] O44 - LFC:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 30/10/2011 - 10:00:14 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\system32\drivers\LNonPnP.sys [16400] O44 - LFC:[MD5.8A27334F84A021048F69A55902732D8B] - 29/10/2011 - 19:20:54 ---A- . (...) 
-- C:\Windows\system32\FNTCACHE.DAT [270768] O44 - LFC:[MD5.584F1C20E840CB7E00B2FF40FA6F7544] - 24/10/2011 - 13:29:02 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\system32\QuickTime.qts [69632] O44 - LFC:[MD5.97A90E7845335C6AB21F9FAD72595563] - 24/10/2011 - 13:29:02 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\system32\QuickTimeVR.qtx [94208] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 22/10/2011 - 14:22:04 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368] O44 - LFC:[MD5.5938C760D06989E55A814EE88FE20E83] - 22/10/2011 - 14:16:35 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\system32\java.exe [173960] O44 - LFC:[MD5.7F5FE240DBF4B9132AC492E94DC65CCF] - 22/10/2011 - 14:16:35 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\system32\javaw.exe [173960] O44 - LFC:[MD5.A17B354254FCE7FBC045948533737166] - 22/10/2011 - 14:16:35 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\system32\javaws.exe [214408] O44 - LFC:[MD5.EA0824063E8031B01F7850079689B22F] - 22/10/2011 - 14:16:34 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [544656] O44 - LFC:[MD5.775DF49540D0D0DAF00EDB086A0ABD67] - 21/08/2007 - 12:32:44 ---A- . (...) -- C:\Windows\system32\redmonnt.dll [98304] ~ Scan Files in 00mn 10s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) 
-- C:\Windows\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . 
(.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\system32\lvcodec2.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\ASUS Camera ScreenSaver [Key] . (...) 
-- C:\Windows\ASScrProlog.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (...) -- C:\Windows\ASScrPro.exe O53 - SMSR:HKLM\...\startupreg\ASUSTPE [Key] . (.ASUS - TouchPad Extra.) -- C:\Windows\system32\ASUSTPE.exe O53 - SMSR:HKLM\...\startupreg\ATKMEDIA [Key] . (.ASUSTeK Computer INC. - DMedia.) -- C:\Program Files\ASUS\ATK Media\DMEDIA.exe O53 - SMSR:HKLM\...\startupreg\AutoStartNPSAgent [Key] . (...) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\DriverMax [Key] . (...) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\DriverMax_RESTART [Key] . (...) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\EvtMgr6 [Key] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe O53 - SMSR:HKLM\...\startupreg\HTC Sync Loader [Key] . (...) -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\LWS [Key] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O53 - SMSR:HKLM\...\startupreg\PlusService [Key] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O53 - SMSR:HKLM\...\startupreg\PowerForPhone [Key] . (.Pas de propriétaire - PowerForPhone.) -- C:\Program Files\PowerForPhone\PowerForPhone.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) 
-- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O53 - SMSR:HKLM\...\startupreg\SMSERIAL [Key] . (.Motorola Inc. - SM56 Modem Helper.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.C910B8EBE20289565A55D9B8904E1563] - 21/01/2011 - 18:00:26 ---A- .
(.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [2101760] O58 - SDL:[MD5.A73C41CA69709AAEA2060A6B6FAC806E] - 22/01/2011 - 00:59:52 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [4385792] O58 - SDL:[MD5.97AFFA9D95FFE20EEE6229BC6BE166CF] - 18/01/2011 - 08:11:58 ---A- . (.ATK0100 - ATK0100 ACPI Utility.) -- C:\Windows\system32\drivers\ATKACPI.sys [7680] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. 
- Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520] O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 21/06/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600] O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480] O58 - SDL:[MD5.52395A94C127C0266D1C0F3CCE8A4345] - 04/06/2011 - 09:23:44 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\system32\drivers\htcnprot.sys [23040] O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.CC2A86D7BBF14977340DCA61BBCBA771] - 18/01/2011 - 11:08:40 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) 
-- C:\Windows\system32\drivers\kbfiltr.sys [5632] O58 - SDL:[MD5.956E6D0D0994491BCF62C3BCD4D05CE4] - 20/01/2011 - 10:50:00 ---A- . (.Logitech - Logitech PS/2 Mouse Filter.) -- C:\Windows\system32\drivers\L8042Pr2.sys [52166] O58 - SDL:[MD5.01CC7FB6E790EF044B411377F3A1FF41] - 22/10/2011 - 07:31:20 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys [41240] O58 - SDL:[MD5.27BBEA62DFAFC495E956D3911EBC3045] - 20/01/2011 - 10:50:00 ---A- . (.Logitech - Logitech HID Filter Driver.) -- C:\Windows\system32\drivers\LHidFlt2.sys [23270] O58 - SDL:[MD5.BBC297EA4FC97FC7B85F70915345C80A] - 20/01/2011 - 10:50:00 ---A- . (.Logitech - Logitech Keyboard Filter Driver.) -- C:\Windows\system32\drivers\LKbdFlt2.sys [5846] O58 - SDL:[MD5.A2E7EAE8898D7B4B8C302B8F4E836BB5] - 22/10/2011 - 07:31:28 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys [39192] O58 - SDL:[MD5.45DF10F44F6A140A4F3DD377676603F2] - 20/01/2011 - 10:50:00 ---A- . (.Logitech - Logitech Mouse Filter Driver.) -- C:\Windows\system32\drivers\LMouFlt2.sys [68886] O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 22/01/2011 - 10:00:14 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\system32\drivers\LNonPnP.sys [16400] O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640] O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640] O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640] O58 - SDL:[MD5.DDFA88E36D5F8DB5FBDBDDDC4969DB0A] - 22/10/2011 - 07:31:28 ---A- . (.Logitech, Inc. 
- Logitech USB Filter Driver..) -- C:\Windows\system32\drivers\LUsbFilt.sys [30360] O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 02/04/2011 - 17:43:30 ---A- . (...) -- C:\Windows\system32\drivers\LVPr2Mon.sys [25824] O58 - SDL:[MD5.A1857FBB9B4930EEB2FD92386C45C529] - 02/04/2011 - 03:48:12 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys [283744] O58 - SDL:[MD5.3703406AF0726BADD24C5E552493E5B1] - 02/04/2011 - 03:49:50 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys [4323040] O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 05/08/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22216] O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.A15F219208843A5A210C8CB391384453] - 02/11/2006 - 08:30:54 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys [1781760] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.CFDDEDC1151839DD71F78472645214A5] - 02/11/2006 - 04:04:33 ---A- . 
(.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 96.86.) -- C:\Windows\system32\drivers\nvlddmkm.sys [4422560] O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680] O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040] O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 25/01/2011 - 15:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfd.sys [21632] O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.B44C0357D1FC7C9E4C0B0983A9E96FF9] - 21/01/2011 - 11:59:18 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [3351208] O58 - SDL:[MD5.283392AF1860ECDB5E0F8EBD7F3D72DF] - 02/11/2006 - 08:30:56 ---A- . (.Realtek Corporation - Realtek 8101/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [44544] O58 - SDL:[MD5.F06C97ECA3FDB287A2AFFBFDB0277335] - 18/01/2011 - 22:44:22 ---A- . (.Windows (R) Codename Longhorn DDK provider - NDIS User mode I/O Driver.) -- C:\Windows\system32\drivers\RtNdPt60.sys [28160] O58 - SDL:[MD5.5E01AB8AB1ACF8850B2D64A6FD068E46] - 19/01/2011 - 16:29:54 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) 
-- C:\Windows\system32\drivers\Rtnicxp.sys [43520] O58 - SDL:[MD5.43BFCAD27999B694652512521851888B] - 18/01/2011 - 03:18:34 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [35328] O58 - SDL:[MD5.247B0A8164069CD4FE6F3094C581B13B] - 02/04/2011 - 15:11:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [197224] O58 - SDL:[MD5.624795DF1993B955B0C0A03A4612F2EC] - 07/09/2011 - 09:18:26 ---A- . (.SCM Microsystems Inc. - PC-SC CCID Driver for SCR3xx USB Smart Card Reader.) -- C:\Windows\system32\drivers\SCR3XX2K.sys [59776] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504] O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784] O58 - SDL:[MD5.859E3ADC59D1C89A66AA6492C14D379E] - 26/10/2009 - 15:09:06 ---A- . (.Motorola Inc. - Motorola SM56 Modem WDM Driver.) -- C:\Windows\system32\drivers\smserial.sys [1095936] O58 - SDL:[MD5.EAA66218CD39F5BB1B4853A78C67C787] - 25/01/2011 - 10:01:26 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\Windows\system32\drivers\ss_bbus.sys [90112] O58 - SDL:[MD5.F8A771C5A63DC641772B7A3B05AF173F] - 25/01/2011 - 10:01:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcm.sys [12160] O58 - SDL:[MD5.F8A771C5A63DC641772B7A3B05AF173F] - 25/01/2011 - 10:01:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) 
-- C:\Windows\system32\drivers\ss_bcmnt.sys [12160] O58 - SDL:[MD5.91765F99914ED8693D8BC76524F21581] - 25/01/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\Windows\system32\drivers\ss_bmdfl.sys [14976] O58 - SDL:[MD5.840E7B738B03C10EE91D9B7D3D6EFF15] - 25/01/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\Windows\system32\drivers\ss_bmdm.sys [121856] O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 25/01/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwh.sys [12160] O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 25/01/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwhnt.sys [12160] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 25/01/2011 - 11:30:48 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.24B43E9A3E6CACF9AFC69F48E9DEB690] - 18/01/2011 - 22:48:54 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [181304] O58 - SDL:[MD5.8D624D3BD1F2D78BD1C01A2D4E954B4E] - 18/01/2011 - 04:33:00 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) 
-- C:\Windows\system32\drivers\tosporte.sys [41600] O58 - SDL:[MD5.A594DBD80CA5426E2E558BF79195A110] - 18/01/2011 - 04:55:00 ---A- . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\system32\drivers\tosrfbd.sys [113792] O58 - SDL:[MD5.90C8525BC578AAFFE87C2D0ED4379E9E] - 18/01/2011 - 02:55:16 ---A- . (.TOSHIBA Corporation - Bluetooth RFBNEP Driver.) -- C:\Windows\system32\drivers\tosrfbnp.sys [36480] O58 - SDL:[MD5.5BA1CA3B3CDDB1DDC67DF473F05D1EC2] - 18/01/2011 - 01:45:00 ---A- . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\system32\drivers\tosrfcom.sys [64896] O58 - SDL:[MD5.28099A4E52148319AFA685D93A2244D0] - 18/01/2011 - 01:07:46 ---A- . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\system32\drivers\Tosrfhid.sys [73600] O58 - SDL:[MD5.C52FD27B9ADF3A1F22CB90E6BCF9B0CB] - 18/01/2011 - 22:42:00 ---A- . (.TOSHIBA Corporation. - Bluetooth BNEP Driver.) -- C:\Windows\system32\drivers\tosrfnds.sys [18612] O58 - SDL:[MD5.20CC46C5D3326122E1A0A8C9DAD00E0D] - 18/01/2011 - 09:29:10 ---A- . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\system32\drivers\tosrfusb.sys [40960] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.83CAFCB53201BBAC04D822F32438E244] - 16/06/2011 - 07:06:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) 
-- C:\Windows\system32\drivers\usbaapl.sys [42496] O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512] O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0C8DFA21B1D9D2EF14B692104AE68A69] - 18/01/2011 - 03:04:58 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\athr.sys [694784] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 25/01/2011 - 09:39:36 ---A- . (...) -- C:\Windows\system32\FsUsbExDisk.Sys [36608] O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 30/07/2011 - 20:33:26 ---A- . (...) -- C:\Windows\system32\giveio.sys [5248] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FE2410C14228149466B11EAC3E8C200B] - 03/03/2011 - 19:33:26 ---A- . (...) -- C:\Windows\system32\Machnm32.sys [7432] O58 - SDL:[MD5.3BF7E00BDEC5059945C483743A1B8218] - 03/03/2011 - 19:33:26 ---A- . (...) -- C:\Windows\system32\Machnm64.sys [10760] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) 
-- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] O58 - SDL:[MD5.3FA2E254BFBCE52B3C6F1BF23AAB6911] - 30/07/2011 - 17:08:54 ---A- . (.Almico Software - SpeedFan x32 Driver.) -- C:\Windows\system32\speedfan.sys [25240] ~ Scan Drivers in 00mn 05s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 28/12/2006 - C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys - ghaio (ghaio) .(...) - LEGACY_GHAIO O64 - Services: CurCS - 03/04/1996 - C:\Windows\system32\giveio.sys - giveio (giveio) .(...) - LEGACY_GIVEIO O64 - Services: CurCS - 07/05/2010 - C:\Windows\system32\DRIVERS\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(...) 
- LEGACY_LVPR2MON
O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 18/04/2011 - C:\Windows\system32\FirewallAPI.dll, (mpsdrv) .(...) - LEGACY_MPSDRV
O64 - Services: CurCS - 02/11/2006 - C:\Windows\system32\drivers\pacer.sys, (PSched) .(...) - LEGACY_PSCHED
O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\tcpipcfg.dll, (Smb) .(...) - LEGACY_SMB
O64 - Services: CurCS - 18/03/2011 - C:\Windows\system32\speedfan.sys - speedfan(speedfan) .(.Almico Software - SpeedFan x32 Driver.) - LEGACY_SPEEDFAN
O64 - Services: CurCS - 29/04/2011 - C:\Windows\system32\tcpipcfg.dll, (Tcpip) .(...) - LEGACY_TCPIP
O64 - Services: CurCS - 17/06/2011 - C:\Windows\system32\tcpipcfg.dll, (tdx) .(...) - LEGACY_TDX
~ Scan Services in 00mn 03s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} [DefaultScope] - (Web Search) - http://www.searchqu.com
~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.F12FDB9B0A47F98140754C328F64DC0F] [SPRF][04/11/2011] (...)
-- C:\Users\Sarah\Desktop\adwcleaner0.exe [522419] [MD5.FC32AE356A7E1D8C22228443E9FB0D3D] [SPRF][04/11/2011] (.Pas de propriétaire - Contrôle UAC Windows 7 et Vista.) -- C:\Users\Sarah\Desktop\GererControleCompteUtil.exe [316545] [MD5.C2E39DB32518953DE7CEA34C1EA83A9D] [SPRF][04/11/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Sarah\Desktop\ZHPDiag2.exe [2817200] [MD5.580B9F224764CF9B195E198381D7E86C] [SPRF][19/10/2007] (.Microsoft Corporation - Windows Live Photo Pick and Convert Control.) -- C:\Windows\Downloaded Program Files\PhtPkMSN.dll [193600] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "SNMPTRAP-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Windows\system32\snmptrap.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-QWave-Out-TCP" |Out - Public - P6 - FALSE | .(...) 
-- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMPNSS-UPnP-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-QWave-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-QWave-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-QWave-In-TCP" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-QWave-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MCX-MCX2SVC-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WinCollab-DFSR-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\dfsr.exe| (.not file.) O87 - FAEL: "WinCollab-DFSR-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\dfsr.exe| (.not file.) O87 - FAEL: "WinCollab-P2P-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WinCollab-P2P-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) 
O87 - FAEL: "RemoteAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MsiScsi-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MsiScsi-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MsiScsi-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MsiScsi-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "Collab-PNRP-In-UDP" |In - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "Collab-PNRP-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RVM-VDS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\vds.exe| (.not file.) O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RVM-VDS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\vds.exe| (.not file.) O87 - FAEL: "RVM-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) 
-- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMI-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMI-WINMGMT-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WMI-WINMGMT-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" |In - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteEventLogSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteFwAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) 
-- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "BITSSVC-WSD-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "BITSSVC-WSD-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "BITSSVC-RPC-In-TCP" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "BITSSVC-RPCSS-In-TCP" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteTask-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteTask-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteTask-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MSDTC-KTMRM-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "MSDTC-RPCSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) 
-- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" |In - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" |Out - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" |Out - Private - P6 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "WPDMTP-UPnP-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "CoreNet-DHCP-In" |In - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "CoreNet-DHCP-Out" |Out - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "CoreNet-Teredo-In" |In - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "CoreNet-Teredo-Out" |Out - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "CoreNet-DNS-Out-UDP" |Out - Domain - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "TCP Query User{566510AA-FB9B-418E-A40C-5106CE24B260}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "UDP Query User{29547771-A95A-49E1-A43D-E2F819117993}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) 
-- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\snmptrap.exe| (.not file.) O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe| (.not file.) O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe| (.not file.) O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" |In - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" |Out - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" |Out - Private - P6 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" |In - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" |Out - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" |In - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" |Out - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" |In - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" |Out - Private - P17 - TRUE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-UPnP-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) 
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-LLMNR-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-LLMNR-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\svchost.exe| (.not file.) O87 - FAEL: "TCP Query User{69E6C2DD-9AD5-4BBA-ADC5-9B2683DE6A84}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "UDP Query User{E6592FF1-04B3-4A15-9C59-7239A1BF1620}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "{F771223E-EDB7-4DE8-BC09-EFDA82EB72BC}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{7481BFD2-5850-4323-B4D9-38CC01B5D24F}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{A5AB7426-95B2-4654-A920-27A2467D10D0}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{D76908A5-3040-4EF9-8806-87CD6C640ADB}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) 
-- C:\Program Files\iTunes\iTunes.exe
~ Scan Firewall in 00mn 00s

---\\ Etat général des services non Microsoft (EGS)
(SR=Running, SS=Stopped)
SS - | Demand 20/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/10/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 94208 | (ASLDRService) . (...) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 22/01/2011 733184 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe
SS - | Demand 12/10/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 18/01/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/01/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/06/2011 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 12/10/2011 821608 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 22/10/2011 295192 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 18/09/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 123248 | (spmgr) . (...) - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
SR - | Auto 18/01/2011 77824 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
SR - | Auto 18/01/2011 21504 | C:\Windows\system32\wuaueng.dll, (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 10s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Sarah at 04/11/2011 23:09:12
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys win32k.sys
1 ntkrnlpa!IofCallDriver[0x83653912] -> \Device\Harddisk0\DR0[0x86605418]
3 CLASSPNP[0x895AD8B3] -> ntkrnlpa!IofCallDriver[0x83653912] -> [0x86011918]
5 acpi[0x88E956BC] -> ntkrnlpa!IofCallDriver[0x83653912] -> \Device\Ide\IdeDeviceP1T0L0-1[0x8600BB98]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 13s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Sarah at 04/11/2011 23:09:14
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 15s

End of the scan (1427 lines in 02mn 49s)(0)