Http://lo.st/??

Résolu

sousou -
nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention - 10 avril 2011 à 19:24

Bonjour,

j'ai un problème, à chaque fois que je démarre internet j'ai la page http://lo.st/ qui apparaît.
même si je change la page d'accueil elle revient ! je ne sais pas comment l'enlever

j'ai besoin de votre aide s'il vous plaît

Merci d'avance

Afficher la suite

A voir également:

Http://lo.st/??
Http - Guide
Http //192.168.l.l - Guide
Http //tv.hotelbb.com ✓ - Forum Virus
Http //192.168.l.254 bbox - Forum Bbox Bouygues
Http //zh.ui.vmall.com/emotiondownload.php mod=restore - Forum Huawei

47 réponses

Réponse 21 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

Rapport de ZHPFix 1.12.3269 par Nicolas Coolman, Update du 30/03/2011
Fichier d'export Registre : C:\ZHPExportRegistry-04-04-2011-22-53-10.txt
Run by PC-DE-BFZ at 04/04/2011 22:53:10
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Registry Key ==========
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} Orphean Key => Registry Key removed successfully
HKCU\Software\SweetIM => Registry key not found
HKLM\Software\SweetIM => Registry key not found
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe => Registry Key removed successfully
HKLM\Software\BrowserChoice => Registry key not found

========== Registry Value ==========
R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} Orphean Key => Registry key value not found
O3 - Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} . (.Unknown owner - No comment.) -- (.not file.) => Registry key value not found
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe => Registry key value not found
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe => Registry key value not found
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe => Registry key value not found
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe => Registry key value not found
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe => Registry key value not found
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll => Registry key value not found
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll => Registry key value not found
{A722DCD8-0592-4108-AD69-15BEE5C5D6B8} => Registry key value not found
{2EECA264-2CE8-49AE-A0BC-9722BE0F4F04} => Registry key value not found

========== File ==========
c:\users\pc-de-bfz\appdata\roaming\mozilla\firefox\profiles\plo2nbru.default\searchplugins\sweetim.xml => File not found
c:\users\pc-de-bfz\appdata\roaming\microsoft\windows\start menu\programs\startup\openoffice.org 3.1.lnk => File not found

========== Summary ==========
5 : Registry Key
11 : Registry Value
2 : File

End of the scan

Réponse 22 / 47

Utilisateur anonyme

Très bien, j'attends le rapport

Réponse 23 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

c'est bon je l'ai posté juste avant

Réponse 24 / 47

Utilisateur anonyme

C'est très bien je l'ai vu, mais je voudrai un nouveau rapport ZHPDiag pour que
je vérifie si le PC est clean

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

[url=https://www.luanagames.com/index.fr.html]ZHPDiag2.Txt[/url]

Réponse 26 / 47

Utilisateur anonyme

C'est quelle version de Norton tu avais ?

Réponse 27 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

je ne sais pas exactement mais le PC je l'ai depuis 2008

Réponse 28 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

ah oui je l'avais désinstallé à la fin de période d'essai et je l'avais réinstallé un jour quand j'avais des problèmes sur le PC

Réponse 29 / 47

Utilisateur anonyme

Bonjour
Comme tu as Antivir, on va désinstaller les restes de Norton, si tu souhaites
garder Norton, ne faits pas cette procédure, mais il ne faut pas garder
Antivir. Norton 360 est un logiciel lourd, Antivir est un bon anti-virus, et
plus léger que Norton, c'est à toi de faire le choix

Copie les lignes suivantes en gras ci dessous, c'est à dire
que tu sélectionnes les lignes indiquées en gras avec ta souris, tu fait
clic droit dessus>copier

O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate
O42 - Logiciel: LiveUpdate Notice (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {63A6E9A9-A190-46D4-9430-2DB28654AFD8}

* Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse

Redémarre ton PC

Ensuite, poste moi un nouveau rapport ZHPDiag

Réponse 30 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

Bonjour,

oui je voudrai bien désinstallé Norton. Quand je met GO il me demande si je veux supprimer LiveUpdate

je met oui ou non ?

Réponse 31 / 47

Utilisateur anonyme

tu mets oui, car c'est pour mettre à jour Norton, donc cela va avec, tu peux
supprimer

Réponse 32 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

d'accord

voici le rapport

Rapport de ZHPFix 1.12.3269 par Nicolas Coolman, Update du 30/03/2011
Fichier d'export Registre : C:\ZHPExportRegistry-05-04-2011-22-48-20.txt
Run by PC-DE-BFZ at 05/04/2011 22:48:20
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Registry Key ==========
O42 - Logiciel: LiveUpdate Notice (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {DBA4DB9D-EE51-4944-A419-98AB1F1249C8} => Registry Key removed successfully
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- {63A6E9A9-A190-46D4-9430-2DB28654AFD8} => Registry Key removed successfully

========== Software ==========
O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate => Software removed successfully

========== Summary ==========
2 : Registry Key
1 : Software

End of the scan

je vais redémarrer le PC

Réponse 33 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

[url=https://www.luanagames.com/index.fr.html]ZHPDiag3.Txt[/url]

Rapport de ZHPDiag v1.27.1849 par Nicolas Coolman, Update du 31/03/2011
Run by PC-DE-BFZ at 05/04/2011 22:56:11
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 4.0 v4.0 (Defaut)
GCIE: Google Chrome v10.0.648.204

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1918 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 146 GB (64%) free of 225 GB

---\\ Logged in mode
Computer Name: PC-DE-PC-DE-BFZ
User Name: PC-DE-BFZ
All Users Names: PC-DE-BFZ, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\PC-DE-BFZ\AppData\Roaming
%LocalAppData%=C:\Users\PC-DE-BFZ\AppData\Local
%StartMenu%=C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 146 Go of 225 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

---\\ Search Generic System Files
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/03/2011 21:18:53.) -- C:\Windows\System32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]

---\\ Running Processes
[MD5.5EBED4145F8CE0AE9BF859F7F33CC729] - (.Silicon Integrated Systems Corporation - SiSTray.) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe [552960]
[MD5.675253563B449B0B37E97BD09150B1ED] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648]
[MD5.66CF7713FE5BD782943975AF9427A4A8] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4702208]
[MD5.BF38C273C3EC524880AF0AEB2E7CE160] - (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [232184]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.2D1389E05A807D956829F44BD4B60389] - (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.E26642C193B81F2AA06D6013D4E07D03] - (...) -- C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe [102400]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.CAFE5B48E48E6CD8FB7D05A82CD56248] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3366200]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.2D4040F03702E79F6FA98D2E76BA831F] - (.Sonic Solutions - ROXHelpRunner Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe [17656]
[MD5.7AAF26E5CEC48A364FAB61A3505668FB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.42A8D7674CC494E73930C69D4987C49F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642048]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Users\PC-DE-BFZ\AppData\Roaming\Mozilla\Firefox\Profiles\plo2nbru.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\WebSearch.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Unknown owner - No comment.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
M0 - MFSP: prefs.js [PC-DE-BFZ - plo2nbru.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [PC-DE-BFZ - plo2nbru.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [PC-DE-BFZ - plo2nbru.default\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] [] DVDVideoSoft Menu v1.2.1 (.Copyright (C) 2010 DVDVideoSoft.)

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Packard Bell - BAE.dll.) -- C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll" (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"

---\\ ---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SiSTray] . (.Silicon Integrated Systems Corporation - SiSTray.) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] . (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exetEng.dll (.not file.)
O4 - HKLM\..\Run: [snp2std] . (.Sonix - CameraMonitor Application.) -- C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] . (...) -- C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [MSPService] . (...) -- C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk . (.Microsoft Corporation.) -- C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

---\\ ---\\ Other User Links (O4)
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\DVDVideoSoft Free Studio.lnk . (.DVD Video Soft Limited..) -- C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\OpenOffice.org 3.1.lnk . (.OpenOffice.org.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A96940F3-F228-4081-88ED-D46398CE9F2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A96940F3-F228-4081-88ED-D46398CE9F2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Extra protocols and protocol Hijackers (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (ASLDRService) . (.Unknown owner - ASLDR Service.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (CLTNetCnService) - Orphean Key
O23 - Service: (dgdersvc) . (.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) - C:\Windows\system32\dgdersvc.exe
O23 - Service: (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: (gupdate1c9d64de00c6588) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (LiveUpdate Notice Ex) - Orphean Key
O23 - Service: (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (RoxMediaDB9) . (.Sonic Solutions - RoxMediaDB9 Module.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: (RoxWatch9) . (.Sonic Solutions - RoxSniffer9 Module.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: (stllssvr) . (.MicroVision Development, Inc. - SureThing Labelflash Disc Printer Service M.) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDReg.job
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Unknown owner.) -- C:\Program âiles\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Unknown owner.) -- C:\Program âiles\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002Core] (.Unknown owner.) -- C:\Users\PC-DE-BâZ\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002UA] (.Unknown owner.) -- C:\Users\PC-DE-BâZ\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [HDReg] (.Unknown owner.) -- C:\Program âiles\HDReg\HDRegRem.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1276515037-3699232844-3715797077-1002] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1276515037-3699232844-3715797077-1002] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Unknown owner.) -- C:\Program âiles\Apple Soâtware Update\SoâtwareUpdate.exe (.not file.)

---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

---\\ Software installed (O42)
O42 - Logiciel: ADSL Neuf - (.Unknown owner.) [HKLM] -- NEUF_FR
O42 - Logiciel: ATK Hotkey - (.ATK.) [HKLM] -- {3912D529-02BC-4CA8-B5ED-0D0C20EB6003}
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Archiveur WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: Browser Address Error Redirector - (.Unknown owner.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CX4300_5500_DX4400 Manuel - (.Unknown owner.) [HKLM] -- CX4300_5500_DX4400 Manuel
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Unknown owner.) [HKLM] -- {8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: Creator 9 - (.Unknown owner.) [HKLM] -- CREATOR9
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVDVideoSoftTB Toolbar - (.Unknown owner.) [HKLM] -- DVDVideoSoftTB Toolbar
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Unknown owner.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.Unknown owner.) [HKLM] -- {B66E665A-DF96-4C38-9422-C7F74BC1B4E5}
O42 - Logiciel: EPSON File Manager - (.Unknown owner.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Unknown owner.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Unknown owner.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM] -- {90024193-9F13-4877-89D5-A1CDF0CBBF28}
O42 - Logiciel: Firefox - (.Unknown owner.) [HKLM] -- FirefoxFR
O42 - Logiciel: Free YouTube to Mp3 Converter version 2.5 - (.DVD Video Soft Limited..) [HKLM] -- Free YouTube to Mp3 Converter_is1
O42 - Logiciel: Free YouTube to iPhone Converter version 2.9.25 - (.DVDVideoSoft Limited..) [HKLM] -- Free YouTube to iPhone Converter_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: Google BAE - (.Unknown owner.) [HKLM] -- GoogleBAE
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: GoogleDesktop - (.Unknown owner.) [HKLM] -- GoogleDesktop
O42 - Logiciel: GoogleToolbar - (.Unknown owner.) [HKLM] -- GoogleToolbar
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Infocentre Rev. 2.0 - (.Unknown owner.) [HKLM] -- Infocentre
O42 - Logiciel: Java(TM) 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kies - (.??? ?????.) [HKLM] -- InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
O42 - Logiciel: Kies - (.??? ?????.) [HKLM] -- {D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
O42 - Logiciel: MP Manager - (.MPMAN.) [HKLM] -- {7D0D36BF-4799-4701-9A77-74EB325FE7B0}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MagicSports 3.5 - (.Unknown owner.) [HKLM] -- {5927AF0D-335C-41D6-937B-54587EBD6D2C}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Metaboli - (.Unknown owner.) [HKLM] -- METABOLI
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Unknown owner.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Unknown owner.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Unknown owner.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Microsoft Works 9 - (.Unknown owner.) [HKLM] -- WKS9
O42 - Logiciel: Microsoft Works 9 SE - (.Unknown owner.) [HKLM] -- works9se
O42 - Logiciel: Microsoft® Office Trial 2007 - (.Unknown owner.) [HKLM] -- OFF2k7_FR
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 fr)
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {B2E581DB-C4DD-432C-AC84-ED761AC056BC}
O42 - Logiciel: OutlookAddInNet3Setup - (.Samsung.) [HKLM] -- {5B4383F2-37EE-4E97-AD81-F5FF76F286DA}
O42 - Logiciel: Packard Bell Demo - (.Unknown owner.) [HKLM] -- PB_DEMO
O42 - Logiciel: Packard Bell ImageWriter - (.Unknown owner.) [HKLM] -- ImageWriter
O42 - Logiciel: Packard Bell LCD Test - (.Unknown owner.) [HKLM] -- LCDTest
O42 - Logiciel: Packard Bell Updator - (.Unknown owner.) [HKLM] -- Updator
O42 - Logiciel: PhotoFiltre - (.Unknown owner.) [HKLM] -- PhotoFiltre
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator 9 LE - (.Roxio.) [HKLM] -- {B7FB0C86-41A4-4402-9A33-912C462042A0}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: SeaTools for Windows - (.Seagate Technology.) [HKLM] -- {98613C99-1399-416C-A07C-1EE1C585D872}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: SetUp My PC - (.Unknown owner.) [HKLM] -- SETUPMYPC_FR
O42 - Logiciel: Shockwave player 10 - (.Unknown owner.) [HKLM] -- Shockwave
O42 - Logiciel: SiS VGA Utilities - (.Silicon Integrated Systems Corporation.) [HKLM] -- SiS VGA Utilities
O42 - Logiciel: Skype(TM) 4.0 - (.Skype Technologies S.A..) [HKLM] -- {24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Uninstall 1.0.0.0 - (.Unknown owner.) [HKLM] -- Uninstall_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner
O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\DVDVideoSoftTB]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Caphyon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MPMAN]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Roxio]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\Samsung]
[HKCU\Software\SiS]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\Stoik]
[HKCU\Software\Sun Microsystems]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\pixeasy]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATK]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AsLdr]
[HKLM\Software\Avira]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DVDVideoSoftTB]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\FullCircle]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HK

Réponse 34 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

la suite

[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\MSS Software]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MicroVision]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PB_EBAY]
[HKLM\Software\PB_FIRSTCHOICE]
[HKLM\Software\PB_KODAK]
[HKLM\Software\PB_METABOLI]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\SamsungMaster]
[HKLM\Software\Samsung]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\SymDebug]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Uniblue]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\illiminable]
[HKLM\Software\mozilla.org]

---\\ Contents of the Common Files folders (O43)
O43 - CFD: 13/03/2009 - 13:50:50 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 02/04/2011 - 18:32:24 - [135718331] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 04/04/2011 - 17:24:44 - [166318478] ----D- C:\Program Files\Adobe
O43 - CFD: 01/11/2010 - 14:29:30 - [0] ----D- C:\Program Files\Alwil Software
O43 - CFD: 21/02/2011 - 16:58:20 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 13/03/2009 - 13:16:14 - [5335437] ----D- C:\Program Files\ATK Hotkey
O43 - CFD: 12/02/2011 - 17:09:10 - [112856298] ----D- C:\Program Files\Avira
O43 - CFD: 21/02/2011 - 16:55:10 - [617032] ----D- C:\Program Files\Bonjour
O43 - CFD: 03/04/2011 - 03:06:04 - [61926935] ----D- C:\Program Files\Business-in-a-Box
O43 - CFD: 12/07/2010 - 11:46:36 - [2902648] ----D- C:\Program Files\CCleaner
O43 - CFD: 26/03/2011 - 21:13:56 - [1181575727] ----D- C:\Program Files\Common Files
O43 - CFD: 13/03/2009 - 13:37:30 - [82427735] ----D- C:\Program Files\CyberLink
O43 - CFD: 07/11/2010 - 16:40:04 - [12465622] ----D- C:\Program Files\DVDVideoSoft
O43 - CFD: 07/11/2010 - 16:40:52 - [158562] ----D- C:\Program Files\DVDVideoSoftTB
O43 - CFD: 10/07/2010 - 21:49:16 - [0] ----D- C:\Program Files\Ela-Salaty
O43 - CFD: 16/11/2009 - 23:23:46 - [145163248] ----D- C:\Program Files\epson
O43 - CFD: 23/10/2010 - 14:50:18 - [2400024] ----D- C:\Program Files\Feedback Tool
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 07/01/2011 - 22:31:38 - [34408519] ----D- C:\Program Files\Google
O43 - CFD: 13/03/2009 - 13:25:34 - [1943721] ----D- C:\Program Files\HDReg
O43 - CFD: 26/03/2011 - 21:46:20 - [48706359] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/03/2011 - 15:07:20 - [7128404] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 12/03/2011 - 18:19:44 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 12/03/2011 - 18:21:46 - [127660511] ----D- C:\Program Files\iTunes
O43 - CFD: 20/02/2011 - 14:02:54 - [169347787] ----D- C:\Program Files\Java
O43 - CFD: 31/10/2009 - 23:58:38 - [51216] ----D- C:\Program Files\Kaspersky Lab
O43 - CFD: 03/04/2011 - 00:53:12 - [4920393] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 26/03/2011 - 21:14:50 - [2530872] ----D- C:\Program Files\MarkAny
O43 - CFD: 15/03/2011 - 22:27:22 - [21237210] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 13/03/2009 - 13:48:44 - [369713301] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/02/2011 - 15:39:20 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 20/02/2010 - 23:39:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 15/12/2010 - 17:27:52 - [145421942] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 25/06/2010 - 21:31:44 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 12/08/2010 - 16:30:16 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 23/03/2011 - 15:07:20 - [36399500] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 17/05/2009 - 12:24:52 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 15/01/2011 - 14:01:56 - [1005044] ----D- C:\Program Files\Norton 360
O43 - CFD: 30/10/2009 - 15:31:14 - [0] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 31/12/2009 - 00:04:20 - [376485973] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 12/07/2010 - 12:02:42 - [107896257] ----D- C:\Program Files\Packard Bell
O43 - CFD: 26/03/2011 - 21:18:02 - [31060] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 16/07/2009 - 16:52:22 - [3553191] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 20/02/2011 - 17:56:24 - [163531] ----D- C:\Program Files\PixEasy
O43 - CFD: 21/02/2011 - 16:59:52 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 24/06/2010 - 21:19:12 - [83010104] ----D- C:\Program Files\Real
O43 - CFD: 13/03/2009 - 13:18:52 - [16217860] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 13/03/2009 - 13:34:56 - [74182375] ----D- C:\Program Files\Roxio
O43 - CFD: 26/03/2011 - 21:22:46 - [436959118] ----D- C:\Program Files\Samsung
O43 - CFD: 13/03/2009 - 13:26:44 - [9444415] ----D- C:\Program Files\Seagate
O43 - CFD: 13/03/2009 - 13:17:30 - [8175692] ----D- C:\Program Files\SiS VGA Utilities
O43 - CFD: 16/05/2009 - 19:51:40 - [28420953] R---D- C:\Program Files\Skype
O43 - CFD: 13/03/2009 - 13:18:04 - [13605382] ----D- C:\Program Files\Synaptics
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 30/11/2009 - 23:51:38 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 30/11/2009 - 23:51:38 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 30/11/2009 - 23:51:36 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 30/11/2009 - 23:51:38 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 20/12/2010 - 23:08:56 - [190756655] ----D- C:\Program Files\Windows Live
O43 - CFD: 24/01/2010 - 04:44:54 - [46213918] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 09/02/2011 - 21:37:48 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 16/10/2010 - 01:58:24 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 15/05/2009 - 16:40:48 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 30/11/2009 - 23:51:36 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/12/2009 - 23:43:36 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 30/11/2009 - 23:51:38 - [7610938] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 17/01/2010 - 14:14:18 - [3525705] ----D- C:\Program Files\WinRAR
O43 - CFD: 05/04/2011 - 22:56:32 - [6517112] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 04/04/2011 - 17:25:38 - [3516357] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 12/03/2011 - 18:19:40 - [103706295] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 13/03/2009 - 13:48:42 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 07/11/2010 - 16:40:26 - [27465773] ----D- C:\Program Files\Common Files\DVDVideoSoft
O43 - CFD: 13/03/2009 - 13:37:06 - [13139244] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 20/02/2011 - 14:03:26 - [33233760] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 01/11/2010 - 14:30:06 - [436816974] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 24/06/2010 - 21:20:10 - [21490541] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 13/03/2009 - 13:34:36 - [65562642] ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 26/03/2011 - 21:15:06 - [49707036] ----D- C:\Program Files\Common Files\Samsung
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 16/05/2009 - 19:51:40 - [1942824] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 13/03/2009 - 13:34:36 - [3925552] ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 13/03/2009 - 13:34:56 - [595968] ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 05/04/2011 - 22:48:14 - [14036049] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 30/11/2009 - 23:51:36 - [42750094] ----D- C:\Program Files\Common Files\System
O43 - CFD: 16/05/2009 - 14:58:38 - [319142773] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 13/03/2009 - 13:26:24 - [2994176] ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 24/06/2010 - 21:19:00 - [352256] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 04/04/2011 - 19:16:54 - [152033447] ----D- C:\ProgramData\Adobe
O43 - CFD: 01/11/2010 - 14:29:30 - [35509941] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 05/06/2009 - 19:59:56 - [94671872] ----D- C:\ProgramData\Apple
O43 - CFD: 12/03/2011 - 18:19:28 - [65308456] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 12/02/2011 - 17:09:10 - [42369730] ----D- C:\ProgramData\Avira
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 13/03/2009 - 13:37:46 - [4197] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 16/11/2009 - 23:16:42 - [415970] ----D- C:\ProgramData\EPSON
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 07/01/2011 - 22:16:10 - [539633] ----D- C:\ProgramData\Google
O43 - CFD: 13/03/2009 - 13:35:08 - [326] ----D- C:\ProgramData\InstallShield
O43 - CFD: 31/10/2009 - 02:37:06 - [30987336] ----D- C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 03/04/2011 - 00:53:08 - [6539603] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/10/2009 - 22:48:18 - [246826] ----D- C:\ProgramData\McAfee
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 15/03/2011 - 22:27:46 - [180333060] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/12/2010 - 17:22:54 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 15/01/2011 - 14:01:56 - [17738] ----D- C:\ProgramData\Norton
O43 - CFD: 10/07/2010 - 18:34:12 - [6411766] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 01/11/2009 - 00:10:32 - [144] ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 21/03/2010 - 17:00:22 - [1052639] ----D- C:\ProgramData\Real
O43 - CFD: 13/03/2009 - 14:00:24 - [16029] ----D- C:\ProgramData\Roxio
O43 - CFD: 26/03/2011 - 21:21:40 - [7867481] ----D- C:\ProgramData\Samsung
O43 - CFD: 16/05/2009 - 19:51:40 - [41044696] ----D- C:\ProgramData\Skype
O43 - CFD: 16/05/2009 - 15:26:26 - [957] ----D- C:\ProgramData\Sonic
O43 - CFD: 16/01/2010 - 21:16:40 - [239224] ----D- C:\ProgramData\SpeakyChat
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 30/03/2010 - 20:39:56 - [294] ----D- C:\ProgramData\Sun
O43 - CFD: 17/10/2009 - 23:32:54 - [378383945] ----D- C:\ProgramData\Symantec
O43 - CFD: 20/02/2011 - 17:54:16 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 01/11/2009 - 00:10:34 - [0] ----D- C:\ProgramData\UAB
O43 - CFD: 16/11/2009 - 23:28:32 - [3184] ----D- C:\ProgramData\UDL
O43 - CFD: 10/07/2010 - 20:26:40 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 04/04/2011 - 17:42:58 - [4996621] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Adobe
O43 - CFD: 21/02/2011 - 17:17:56 - [222361] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Apple Computer
O43 - CFD: 12/02/2011 - 17:35:30 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Avira
O43 - CFD: 15/05/2009 - 16:42:54 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\CyberLink
O43 - CFD: 18/07/2010 - 14:33:14 - [604188] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\EPSON
O43 - CFD: 10/07/2010 - 22:16:38 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Google
O43 - CFD: 15/05/2009 - 16:41:50 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Identities
O43 - CFD: 17/10/2009 - 22:44:20 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\InstallShield
O43 - CFD: 16/07/2009 - 16:49:08 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Leadertech
O43 - CFD: 16/05/2009 - 13:47:46 - [2644] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Macromedia
O43 - CFD: 03/04/2011 - 00:53:20 - [1743] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Media Center Programs
O43 - CFD: 04/04/2011 - 17:42:58 - [11173068] -S--D- C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft
O43 - CFD: 27/10/2010 - 18:17:48 - [16690077] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Mozilla
O43 - CFD: 28/02/2010 - 01:35:38 - [2050] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\MP-Manager
O43 - CFD: 28/02/2010 - 00:15:44 - [102467792] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\MPMAN
O43 - CFD: 24/05/2009 - 16:55:14 - [2898816] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\OpenOffice.org
O43 - CFD: 17/10/2009 - 23:19:16 - [143267] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Packard Bell
O43 - CFD: 23/10/2010 - 14:48:06 - [207872] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Raccourcis applicatifs
O43 - CFD: 04/07/2010 - 20:37:52 - [3695307] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Real
O43 - CFD: 04/01/2011 - 21:31:22 - [150] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Registry Mechanic
O43 - CFD: 10/11/2010 - 19:53:44 - [10891438] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Roxio
O43 - CFD: 26/03/2011 - 21:14:50 - [4384663] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Samsung
O43 - CFD: 18/05/2009 - 02:27:08 - [1007114] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Skype
O43 - CFD: 18/05/2009 - 00:08:48 - [172816] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\skypePM
O43 - CFD: 16/05/2009 - 20:50:26 - [3089] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Symantec
O43 - CFD: 15/05/2009 - 16:55:32 - [4036] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Talkback
O43 - CFD: 11/06/2009 - 01:03:36 - [13824] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Template
O43 - CFD: 06/07/2010 - 16:25:38 - [43942488] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\U3
O43 - CFD: 28/08/2010 - 19:08:02 - [230206] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Uniblue
O43 - CFD: 05/06/2009 - 20:30:28 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\WinRAR

---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.24EF12005489D17500FCFD7FF8EF1200] - 05/04/2011 - 21:56:27 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1930485]
O44 - LFC:[MD5.5DB47187D424AD127989100B8BC38F72] - 05/04/2011 - 21:51:58 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.B3AD4936D9DDE100DDCB372FC377ED31] - 05/04/2011 - 21:51:47 ---A- . (...) -- C:\Windows\PFRO.log [2184]
O44 - LFC:[MD5.295737B9D48DDCBAE97F6D40B7E2D7DF] - 05/04/2011 - 21:48:20 ---A- . (...) -- C:\ZHPExportRegistry-05-04-2011-22-48-20.txt [6276]
O44 - LFC:[MD5.E7917072CECEFB14C4A15ED00FD1771E] - 04/04/2011 - 21:43:42 ---A- . (...) -- C:\ZHPExportRegistry-04-04-2011-22-43-42.txt [366872]
O44 - LFC:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 02/04/2011 - 23:53:09 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.9B5CC6C481BDD00A963829B892623247] - 02/04/2011 - 23:53:02 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.A6F203934328AB8D7F6ABBD1E6F1501B] - 02/04/2011 - 22:17:16 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.971C65525EB6A72D067C8AE750B452A3] - 02/04/2011 - 20:51:47 ---A- . (...) -- C:\Ad-Report-SCAN[4].txt [5115]
O44 - LFC:[MD5.66ABB295EEAD00AA7BB06E6EB8516860] - 02/04/2011 - 20:40:35 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [15525]
O44 - LFC:[MD5.C228C63366F08AE46B69912863556C8D] - 02/04/2011 - 19:56:40 ---A- . (...) -- C:\Ad-Report-SCAN[3].txt [16633]
O44 - LFC:[MD5.005F3C78AB5076F9239FABDACB6215A7] - 02/04/2011 - 19:51:16 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt [491]
O44 - LFC:[MD5.4D112D0247429063CE3C135EA84570E2] - 02/04/2011 - 17:34:19 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [16498]
O44 - LFC:[MD5.D5A0DDFBE53C099282C1AD11DEF708AE] - 31/03/2011 - 21:33:56 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [359880]
O44 - LFC:[MD5.C5C19E9266FF3044A5C11779272889EA] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1522546]
O44 - LFC:[MD5.2BFFE9C21C50D06E3352D89F18D39632] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfc009.dat [107760]
O44 - LFC:[MD5.D7142E6FD3AD9940F236E0F5CC2A11CB] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130494]
O44 - LFC:[MD5.5AF6E822050D040D5C675C4595541CEE] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfh009.dat [604324]
O44 - LFC:[MD5.B6ED467ABF2E58CE550EB63F977E84C4] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678046]
O44 - LFC:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 26/03/2011 - 20:34:37 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP.) -- C:\Windows\System32\drivers\ss_bwh.sys [12288]
O44 - LFC:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 26/03/2011 - 20:34:37 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP.) -- C:\Windows\System32\drivers\ss_bwhnt.sys [12288]
O44 - LFC:[MD5.994D2E5378CC337EC7DD73C1E04FCAA4] - 26/03/2011 - 20:34:37 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Logging Device Driver.) -- C:\Windows\System32\drivers\ss_bserd.sys [100224]
O44 - LFC:[MD5.B89D62206034E5FE573C80A24DD55675] - 26/03/2011 - 20:34:36 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\Windows\System32\drivers\ss_bmdfl.sys [14848]
O44 - LFC:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 26/03/2011 - 20:34:36 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\Windows\System32\drivers\ss_bmdm.sys [123648]
O44 - LFC:[MD5.3F0164FBC0BD1ADBD02DF9759181451A] - 26/03/2011 - 20:34:35 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\Windows\System32\drivers\ss_bbus.sys [98432]
O44 - LFC:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/03/2011 - 20:34:35 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_bcm.sys [12416]
O44 - LFC:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/03/2011 - 20:34:35 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_bcmnt.sys [12416]
O44 - LFC:[MD5.15AB846886C225FFF0376F3CEF21188F] - 26/03/2011 - 20:19:57 ---A- . (.Teruten - FsUsbDevice.) -- C:\Windows\System32\FsUsbExService.Exe [233472]
O44 - LFC:[MD5.C83C84DAE3B901BF404D36F304B00FA0] - 26/03/2011 - 20:19:57 ---A- . (.Unknown owner - EjectDisk DLL.) -- C:\Windows\System32\FsUsbExDevice.Dll [110592]
O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 26/03/2011 - 20:14:45 ---A- . (...) -- C:\aqua_bitmap.cpp [2006]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 17/03/2011 - 21:19:46 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 17/03/2011 - 21:19:46 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 17/03/2011 - 21:18:44 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.8627F01C7E0C25E7CDFCAED985E10264] - 12/03/2011 - 16:13:54 ---A- . (...) -- C:\Windows\System32\mapisvc.inf [629]
O44 - LFC:[MD5.CBE5F69A5E5B918225F420BA748F3742] - 24/06/2010 - 14:00:14 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36608]

---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{cf437550-56d4-11df-b972-001fc62eebab}\AutoRun\command. (.Unknown owner - No comment.) -- F:\LaunchU3.exe (.not file.)
O51 - MPSK:{f25789ff-7789-11df-a340-001fc62eebab}\AutoRun\command. (.Unknown owner - No comment.) -- F:\LaunchU3.exe (.not file.)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.mkdmp3enc"="C:\PROGRA~1\CYBERL~1\MAGICS~1\Kernel\Burner\MKDMP3Enc.ACM" . (.Unknown owner - No comment.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Unknown owner - No comment.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\PROGRA~1\CYBERL~1\MAGICS~1\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (.Unknown owner - No comment.) -- (.not file.)
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (.Unknown owner - No comment.) -- C:\Windows\System32\xvidvfw.dll

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewContextMenu"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFind"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktop"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "HideClock"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFolderOptions"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=149
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.16BFE5660820E1C3A85EA1BD86C53689] - 13/03/2009 - 20:40:40 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17592]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.44362605F5FFF00C9B7696B47680A8C5] - 13/01/2009 - 08:45:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [954368]
O58 - SDL:[MD5.97AFFA9D95FFE20EEE6229BC6BE166CF] - 14/12/2006 - 08:11:58 ---A- . (.ATK0100 - ATK0100 ACPI Utility.) -- C:\Windows\system32\drivers\ATKACPI.sys [7680]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 06/12/2010 - 08:48:06 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 19/02/2011 - 14:12:41 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [135096]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 24/07/2006 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432]
O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 24/07/2006 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]
O58 - SDL:[MD5.F98E07CCCF9152959210C532C951667D] - 13/03/2009 - 20:40:40 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19128]
O58 - SDL:[MD5.6186B6B953BDC884F0F379B84B3E3A98] - 30/07/2008 - 16:42:12 ---A- . (.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10).) -- C:\Windows\system32\drivers\COH_Mon.sys [23888]
O58 - SDL:[MD5.3BE1651C63954067940E7F473498AD70] - 30/07/2010 - 06:51:50 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\system32\drivers\dgderdrv.sys [18120]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 22:17:00 R--A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.9B5CC6C481BDD00A963829B892623247] - 29/11/2010 - 16:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 29/11/2010 - 16:42:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]
O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.2967E9C168CB5E0108A8A243AE179BAD] - 09/10/2007 - 09:49:58 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1970712]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.DF1AF7F5F1EC7800B3AC398ACC06C754] - 24/01/2007 - 10:08:06 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\Windows\system32\drivers\SISAGPX.SYS [56184]
O58 - SDL:[MD5.A029482BE40DEF54DF02FCE751AA16DC] - 20/06/2007 - 04:12:18 ---A- . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) -- C:\Windows\system32\drivers\SiSGB6.sys [47616]
O58 - SDL:[MD5.6BA9C92029070D92774BAB7DBBF06763] - 16/10/2007 - 10:07:26 ---A- . (.Silicon Integrated Systems Corporation - SiS VGA Kernal Mode Vista Driver.) -- C:\Windows\system32\drivers\SISGRKMD.sys [454008]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.33B5AC23A36D38F55A73BE3CBB53D076] - 01/12/2005 - 09:44:24 ---A- . (.Unknown owner - USB2.0 PC Camera driver.) -- C:\Windows\system32\drivers\sncamd.sys [24704]
O58 - SDL:[MD5.419C9A8DCE47328F8683EEFE86F71308] - 20/02/2006 - 17:51:14 ---A- . (.Unknown owner - USB2.0 PC Camera driver.) -- C:\Windows\system32\drivers\snp2sxp.sys [10446720]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.3F0164FBC0BD1ADBD02DF9759181451A] - 27/04/2010 - 03:25:16 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\Windows\system32\drivers\ss_bbus.sys [98432]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcm.sys [12416]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcmnt.sys [12416]
O58 - SDL:[MD5.B89D62206034E5FE573C80A24DD55675] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\Windows\system32\drivers\ss_bmdfl.sys [14848]
O58 - SDL:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\Windows\system32\drivers\ss_bmdm.sys [123648]
O58 - SDL:[MD5.994D2E5378CC337EC7DD73C1E04FCAA4] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Logging Device Driver.) -- C:\Windows\system32\drivers\ss_bserd.sys [100224]
O58 - SDL:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwh.sys [12288]
O58 - SDL:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwhnt.sys [12288]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.760E4F5A1E754BBE4A1BD2A0B54F6AA6] - 01/03/2007 - 14:24:30 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [182456]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.E5B7B1383A353CBA210B92B427E3132F] - 13/03/2009 - 20:40:40 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20152]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.CBE5F69A5E5B918225F420BA748F3742] - 24/06/2010 - 14:00:14 ---A- . (...) -- C:\Windows\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(...) - LEGACY_ASWMONFLT
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\Users\PC-DE-~1\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - C:\Windows\System32\drivers\dgderdrv.sys - dgderdrv (dgderdrv) .(.Devguru Co., Ltd - Device Error Recovery SDK(x86).) - LEGACY_DGDERDRV
O64 - Services: CurCS - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10910 (EraserUtilDrv10910) .(...) - LEGACY_ERASERUTILDRV10910
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10920 (EraserUtilDrv10920) .(...) - LEGACY_ERASERUTILDRV10920
O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010) .(...) - LEGACY_ERASERUTILDRV11010
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86
O64 - Services: CurCS - (.not file.) - Kaspersky Lab Driver (KLIF) .(...) - LEGACY_KLIF
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - (.not file.) - Symantec Data Store (SymDS) .(...) - LEGACY_SYMDS
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - Symantec Iron Driver (SymIRON) .(...) - LEGACY_SYMIRON
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI
O64 - Services: CurCS - (.not file.) - Symantec Vista Network Dispatch Driver (SYMTDIv) .(...) - LEGACY_SYMTDIV

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe

---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=SfMmGW3PpcMvQK68UR0KLPE7iR4?q={searchTerms}
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/

---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.F3DA5AFBB8A80C3301E1A086FAFF4D9B] [SPRF] (.Unknown owner - No comment.) -- C:\Users\PC-DE-BFZ\AppData\Local\Temp\1L+qrrP0.exe.part [497597]

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l'autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "{15E2849A-2173-464E-8BA3-F42DC13F91E5}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink MagicSports.) -- C:\Program Files\CyberLink\MagicSports\MagicSports.exe
O87 - FAEL: "{7BA99D53-6697-4755-9C83-91E1624F1494}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "TCP Query User{5E8EEA13-2D18-4390-82A2-C1609014FEFD}C:\program files\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{14AE9303-0EBA-485D-B703-62AEB8D55F35}C:\program files\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "TCP Query User{48E4BF2D-1D9B-4360-B03F-E88ECFB4191A}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\french\setup.exe" | In - Public - P6 - TRUE | .(.Kaspersky Lab.) -- C:\programdata\kaspersky lab setup files\kaspersk
O87 - FAEL: "UDP Query User{31E665E1-48E1-42C2-8483-5E6D756F4309}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\french\setup.exe" | In - Public - P17 - TRUE | .(.Kaspersky Lab.) -- C:\programdata\kaspersky lab setup files\kaspers
O87 - FAEL: "{7B84C5B5-EC72-449C-8CC6-9F432F911DB8}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{75DC4FE9-DD72-4C04-B907-4CDD0CB663B8}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files\Windows Live\Mesh\MOE.exe
O87 - FAEL: "{8712CC93-070C-4CFC-84D1-52C07C62B5F4}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{7893081C-164B-470A-A3B0-32AE6DFCD471}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{C385A809-33B2-4B70-86F0-CA16561A3FC0}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 06/12/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 06/12/2010 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05/02/2007 94208 | (ASLDRService) . (...) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
SS - | Demand 28/02/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 07/10/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 07/10/2010 0 | (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 30/07/2010 95568 | (dgdersvc) . (.Devguru Co., Ltd..) - C:\Windows\system32\dgdersvc.exe
SR - | Auto 24/06/2010 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SS - | Demand 21/06/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 16/05/2009 133104 | (gupdate1c9d64de00c6588) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 07/03/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 07/03/2011 0 | (LiveUpdate Notice Ex) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 29/01/2008 583048 | (LiveUpdate Notice Service) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
SR - | Auto 06/03/2007 266343 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Demand 11/01/2007 887544 | (RoxMediaDB9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
SR - | Auto 11/01/2007 166648 | (RoxWatch9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
SS - | Demand 14/09/2006 73728 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by PC-DE-BFZ at 05/04/2011 22:59:12

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x8305F912] -> \Device\Harddisk0\DR0[0x865B03A0]
3 CLASSPNP[0x88DC58B3] -> ntkrnlpa!IofCallDriver[0x8305F912] -> [0x8538AF08]
5 acpi[0x836976BC] -> ntkrnlpa!IofCallDriver[0x8305F912] -> \Device\Ide\IdeDeviceP1T0L0-1[0x8539B030]
kernel: MBR read successfully
user & kernel MBR OK

---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by PC-DE-BFZ at 05/04/2011 22:59:14
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin

End of the scan (1194 lines in 03mn 02s)(0)

Réponse 35 / 47

Utilisateur anonyme

Je regarderai en détail demain

Réponse 36 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

D'accord, et mercii

Réponse 37 / 47

Utilisateur anonyme

Bonjour,
On va supprimer les restants de Symantec et Avast avec ZHPFix

Copie les lignes suivantes en gras ci dessous, c'est à dire
que tu sélectionnes les lignes indiquées en gras avec ta souris, tu fait
clic droit dessus>copier

O4 - HKLM\..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exetEng.dll (.not file.)
O23 - Service: (CLTNetCnService) - Orphean Key
O23 - Service: (LiveUpdate) . (.Symantec Corporation - LiveUpdate Engine COM Module.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe
O23 - Service: (LiveUpdate Notice Ex) - Orphean Key
O23 - Service: (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
[HKLM\Software\Symantec]
[HKCU\Software\Norton]
[HKCU\Software\Symantec]
O43 - CFD: 15/01/2011 - 14:01:56 - [1005044] ----D- C:\Program Files\Norton 360
O43 - CFD: 30/10/2009 - 15:31:14 - [0] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 15/01/2011 - 13:57:36 - [20256219] ----D- C:\Program Files\Symantec
O43 - CFD: 15/01/2011 - 14:01:56 - [17738] ----D- C:\ProgramData\Norton
O43 - CFD: 10/07/2010 - 18:34:12 - [6411766] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 17/10/2009 - 23:32:54 - [461809181] ----D- C:\ProgramData\Symantec
O43 - CFD: 16/05/2009 - 20:50:26 - [3089] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Symantec
O64 - Services: CurCS - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(...) - LEGACY_ASWMONFLT
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - (.not file.) - Symantec Data Store (SymDS) .(...) - LEGACY_SYMDS
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - Symantec Iron Driver (SymIRON) .(...) - LEGACY_SYMIRON
O64 - Services: CurCS - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI
O64 - Services: CurCS - (.not file.) - Symantec Vista Network Dispatch Driver (SYMTDIv) .(...) - LEGACY_SYMTDIV
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/
SS - | Demand 26/09/2007 2999664 | (LiveUpdate) . (.Symantec Corporation.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe
SS - | Auto 26/09/2007 0 | (LiveUpdate Notice Ex) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 29/01/2008 583048 | (LiveUpdate Notice Service) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

* Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse

Redémarre ton PC

Ensuite, poste moi un nouveau rapport ZHPDiag, héberge le

Réponse 38 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

Bonjour,

Rapport de ZHPFix 1.12.3269 par Nicolas Coolman, Update du 30/03/2011
Fichier d'export Registre : C:\ZHPExportRegistry-06-04-2011-16-53-22.txt
Run by PC-DE-BFZ at 06/04/2011 16:53:22
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Registry Key ==========
O23 - Service: (CLTNetCnService) - Orphean Key => Registry Key removed successfully
O23 - Service: (LiveUpdate) . (.Symantec Corporation - LiveUpdate Engine COM Module.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe => Registry Key removed successfully
O23 - Service: (LiveUpdate Notice Ex) - Orphean Key => Registry Key removed successfully
O23 - Service: (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe => Registry Key removed successfully
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys => Registry Key removed successfully
HKLM\Software\Symantec => Registry Key removed successfully
HKCU\Software\Norton => Registry Key removed successfully
HKCU\Software\Symantec => Registry Key removed successfully
O64 - Services: CurCS - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(...) - LEGACY_ASWMONFLT => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - Symantec Data Store (SymDS) .(...) - LEGACY_SYMDS => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - Symantec Iron Driver (SymIRON) .(...) - LEGACY_SYMIRON => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86 => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - Symantec Vista Network Dispatch Driver (SYMTDIv) .(...) - LEGACY_SYMTDIV => Registry Key removed successfully
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/ => Registry Key removed successfully
SS - | Demand 26/09/2007 2999664 | (LiveUpdate) . (.Symantec Corporation.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe => Registry Key removed successfully
SS - | Auto 26/09/2007 0 | (LiveUpdate Notice Ex) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe => Registry Key removed successfully

========== Registry Value ==========
O4 - HKLM\..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exetEng.dll (.not file.) => Registry key value removed successfully

========== Repertory ==========
C:\Program Files\Norton 360 => Quarantined and Deleted successfully
C:\Program Files\Norton Security Scan => Quarantined and Deleted successfully
C:\Program Files\Symantec => Folder not found
C:\ProgramData\Norton => Quarantined and Deleted successfully
C:\ProgramData\NortonInstaller => Quarantined and Deleted successfully
C:\ProgramData\Symantec => File delete on reboot
C:\Users\PC-DE-BFZ\AppData\Roaming\Symantec => Quarantined and Deleted successfully

========== File ==========
c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exeteng.dll => File not found
c:\progra~1\symantec\liveup~1\lucoms~1.exe => Quarantined and Deleted successfully
c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe => Quarantined and Deleted successfully
c:\program files\common files\symantec shared\ccsvchst.exe => File not found

========== Summary ==========
24 : Registry Key
1 : Registry Value
7 : Repertory
4 : File

End of the scan

Réponse 39 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

[url=https://www.luanagames.com/index.fr.html]ZHPDiag4.Txt[/url]

Rapport de ZHPDiag v1.27.1849 par Nicolas Coolman, Update du 31/03/2011
Run by PC-DE-BFZ at 06/04/2011 17:02:50
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 4.0 v4.0 (Defaut)
GCIE: Google Chrome v10.0.648.204

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1918 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 146 GB (64%) free of 225 GB

---\\ Logged in mode
Computer Name: PC-DE-PC-DE-BFZ
User Name: PC-DE-BFZ
All Users Names: PC-DE-BFZ, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\PC-DE-BFZ\AppData\Roaming
%LocalAppData%=C:\Users\PC-DE-BFZ\AppData\Local
%StartMenu%=C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 146 Go of 225 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

---\\ Search Generic System Files
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/03/2011 21:18:53.) -- C:\Windows\System32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\System32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\System32\drivers\ntfs.sys [1083880]

---\\ Running Processes
[MD5.5EBED4145F8CE0AE9BF859F7F33CC729] - (.Silicon Integrated Systems Corporation - SiSTray.) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe [552960]
[MD5.675253563B449B0B37E97BD09150B1ED] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648]
[MD5.66CF7713FE5BD782943975AF9427A4A8] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4702208]
[MD5.BF38C273C3EC524880AF0AEB2E7CE160] - (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [232184]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.E26642C193B81F2AA06D6013D4E07D03] - (...) -- C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe [102400]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.CAFE5B48E48E6CD8FB7D05A82CD56248] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3366200]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.2D4040F03702E79F6FA98D2E76BA831F] - (.Sonic Solutions - ROXHelpRunner Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe [17656]
[MD5.42A8D7674CC494E73930C69D4987C49F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642048]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Users\PC-DE-BFZ\AppData\Roaming\Mozilla\Firefox\Profiles\plo2nbru.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\WebSearch.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [PC-DE-BFZ] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Unknown owner - No comment.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
M0 - MFSP: prefs.js [PC-DE-BFZ - plo2nbru.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [PC-DE-BFZ - plo2nbru.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [PC-DE-BFZ - plo2nbru.default\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] [] DVDVideoSoft Menu v1.2.1 (.Copyright (C) 2010 DVDVideoSoft.)

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Packard Bell - BAE.dll.) -- C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll" (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"

---\\ ---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SiSTray] . (.Silicon Integrated Systems Corporation - SiSTray.) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] . (.Sonic Solutions - RoxMMTrayApp Module.) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [snp2std] . (.Sonix - CameraMonitor Application.) -- C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] . (...) -- C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [MSPService] . (...) -- C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1276515037-3699232844-3715797077-1002\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk . (.Microsoft Corporation.) -- C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

---\\ ---\\ Other User Links (O4)
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\DVDVideoSoft Free Studio.lnk . (.DVD Video Soft Limited..) -- C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\OpenOffice.org 3.1.lnk . (.OpenOffice.org.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A96940F3-F228-4081-88ED-D46398CE9F2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A96940F3-F228-4081-88ED-D46398CE9F2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Extra protocols and protocol Hijackers (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (ASLDRService) . (.Unknown owner - ASLDR Service.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (dgdersvc) . (.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) - C:\Windows\system32\dgdersvc.exe
O23 - Service: (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: (gupdate1c9d64de00c6588) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (LiveUpdate Notice Service) - Orphean Key
O23 - Service: (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (RoxMediaDB9) . (.Sonic Solutions - RoxMediaDB9 Module.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: (RoxWatch9) . (.Sonic Solutions - RoxSniffer9 Module.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: (stllssvr) . (.MicroVision Development, Inc. - SureThing Labelflash Disc Printer Service M.) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HDReg.job
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Unknown owner.) -- C:\Program âiles\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Unknown owner.) -- C:\Program âiles\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002Core] (.Unknown owner.) -- C:\Users\PC-DE-BâZ\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1276515037-3699232844-3715797077-1002UA] (.Unknown owner.) -- C:\Users\PC-DE-BâZ\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [HDReg] (.Unknown owner.) -- C:\Program âiles\HDReg\HDRegRem.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1276515037-3699232844-3715797077-1002] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1276515037-3699232844-3715797077-1002] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Unknown owner.) -- C:\Program âiles\Apple Soâtware Update\SoâtwareUpdate.exe (.not file.)

---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

---\\ Software installed (O42)
O42 - Logiciel: ADSL Neuf - (.Unknown owner.) [HKLM] -- NEUF_FR
O42 - Logiciel: ATK Hotkey - (.ATK.) [HKLM] -- {3912D529-02BC-4CA8-B5ED-0D0C20EB6003}
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Archiveur WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: Browser Address Error Redirector - (.Unknown owner.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CX4300_5500_DX4400 Manuel - (.Unknown owner.) [HKLM] -- CX4300_5500_DX4400 Manuel
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.Unknown owner.) [HKLM] -- {8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: Creator 9 - (.Unknown owner.) [HKLM] -- CREATOR9
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVDVideoSoftTB Toolbar - (.Unknown owner.) [HKLM] -- DVDVideoSoftTB Toolbar
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Unknown owner.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.Unknown owner.) [HKLM] -- {B66E665A-DF96-4C38-9422-C7F74BC1B4E5}
O42 - Logiciel: EPSON File Manager - (.Unknown owner.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Unknown owner.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Unknown owner.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM] -- {90024193-9F13-4877-89D5-A1CDF0CBBF28}
O42 - Logiciel: Firefox - (.Unknown owner.) [HKLM] -- FirefoxFR
O42 - Logiciel: Free YouTube to Mp3 Converter version 2.5 - (.DVD Video Soft Limited..) [HKLM] -- Free YouTube to Mp3 Converter_is1
O42 - Logiciel: Free YouTube to iPhone Converter version 2.9.25 - (.DVDVideoSoft Limited..) [HKLM] -- Free YouTube to iPhone Converter_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: Google BAE - (.Unknown owner.) [HKLM] -- GoogleBAE
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: GoogleDesktop - (.Unknown owner.) [HKLM] -- GoogleDesktop
O42 - Logiciel: GoogleToolbar - (.Unknown owner.) [HKLM] -- GoogleToolbar
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Infocentre Rev. 2.0 - (.Unknown owner.) [HKLM] -- Infocentre
O42 - Logiciel: Java(TM) 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kies - (.??? ?????.) [HKLM] -- InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
O42 - Logiciel: Kies - (.??? ?????.) [HKLM] -- {D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
O42 - Logiciel: MP Manager - (.MPMAN.) [HKLM] -- {7D0D36BF-4799-4701-9A77-74EB325FE7B0}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MagicSports 3.5 - (.Unknown owner.) [HKLM] -- {5927AF0D-335C-41D6-937B-54587EBD6D2C}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Metaboli - (.Unknown owner.) [HKLM] -- METABOLI
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Unknown owner.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Unknown owner.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Unknown owner.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Microsoft Works 9 - (.Unknown owner.) [HKLM] -- WKS9
O42 - Logiciel: Microsoft Works 9 SE - (.Unknown owner.) [HKLM] -- works9se
O42 - Logiciel: Microsoft® Office Trial 2007 - (.Unknown owner.) [HKLM] -- OFF2k7_FR
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 fr)
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {B2E581DB-C4DD-432C-AC84-ED761AC056BC}
O42 - Logiciel: OutlookAddInNet3Setup - (.Samsung.) [HKLM] -- {5B4383F2-37EE-4E97-AD81-F5FF76F286DA}
O42 - Logiciel: Packard Bell Demo - (.Unknown owner.) [HKLM] -- PB_DEMO
O42 - Logiciel: Packard Bell ImageWriter - (.Unknown owner.) [HKLM] -- ImageWriter
O42 - Logiciel: Packard Bell LCD Test - (.Unknown owner.) [HKLM] -- LCDTest
O42 - Logiciel: Packard Bell Updator - (.Unknown owner.) [HKLM] -- Updator
O42 - Logiciel: PhotoFiltre - (.Unknown owner.) [HKLM] -- PhotoFiltre
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator 9 LE - (.Roxio.) [HKLM] -- {B7FB0C86-41A4-4402-9A33-912C462042A0}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: SeaTools for Windows - (.Seagate Technology.) [HKLM] -- {98613C99-1399-416C-A07C-1EE1C585D872}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: SetUp My PC - (.Unknown owner.) [HKLM] -- SETUPMYPC_FR
O42 - Logiciel: Shockwave player 10 - (.Unknown owner.) [HKLM] -- Shockwave
O42 - Logiciel: SiS VGA Utilities - (.Silicon Integrated Systems Corporation.) [HKLM] -- SiS VGA Utilities
O42 - Logiciel: Skype(TM) 4.0 - (.Skype Technologies S.A..) [HKLM] -- {24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Uninstall 1.0.0.0 - (.Unknown owner.) [HKLM] -- Uninstall_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner
O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\DVDVideoSoftTB]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Caphyon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MPMAN]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Roxio]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\Samsung]
[HKCU\Software\SiS]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\Stoik]
[HKCU\Software\Sun Microsystems]
[HKCU\Software\Synaptics]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\pixeasy]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATK]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AsLdr]
[HKLM\Software\Avira]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DVDVideoSoftTB]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\FullCircle]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\MSS Software]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MicroVision]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PB_EBAY]
[HKLM\Software\PB_FIRSTCHOICE]
[HKLM\Software\PB_KODAK]
[HKLM\Software\PB_METABOLI]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\SamsungMaster]
[HKLM\Software\Samsung]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\SymDebug]
[HKLM\Software\Synaptics]
[HKLM

Réponse 40 / 47

nour_darbi Messages postés 53 Date d'inscription Statut Membre Dernière intervention

[HKLM\Software\Uniblue]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\illiminable]
[HKLM\Software\mozilla.org]

---\\ Contents of the Common Files folders (O43)
O43 - CFD: 13/03/2009 - 13:50:50 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 02/04/2011 - 18:32:24 - [135718331] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 04/04/2011 - 17:24:44 - [166318478] ----D- C:\Program Files\Adobe
O43 - CFD: 01/11/2010 - 14:29:30 - [0] ----D- C:\Program Files\Alwil Software
O43 - CFD: 21/02/2011 - 16:58:20 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 13/03/2009 - 13:16:14 - [5335437] ----D- C:\Program Files\ATK Hotkey
O43 - CFD: 12/02/2011 - 17:09:10 - [112856298] ----D- C:\Program Files\Avira
O43 - CFD: 21/02/2011 - 16:55:10 - [617032] ----D- C:\Program Files\Bonjour
O43 - CFD: 03/04/2011 - 03:06:04 - [61926935] ----D- C:\Program Files\Business-in-a-Box
O43 - CFD: 12/07/2010 - 11:46:36 - [2902648] ----D- C:\Program Files\CCleaner
O43 - CFD: 26/03/2011 - 21:13:56 - [1180621431] ----D- C:\Program Files\Common Files
O43 - CFD: 13/03/2009 - 13:37:30 - [82427735] ----D- C:\Program Files\CyberLink
O43 - CFD: 07/11/2010 - 16:40:04 - [12465622] ----D- C:\Program Files\DVDVideoSoft
O43 - CFD: 07/11/2010 - 16:40:52 - [158562] ----D- C:\Program Files\DVDVideoSoftTB
O43 - CFD: 10/07/2010 - 21:49:16 - [0] ----D- C:\Program Files\Ela-Salaty
O43 - CFD: 16/11/2009 - 23:23:46 - [145163248] ----D- C:\Program Files\epson
O43 - CFD: 23/10/2010 - 14:50:18 - [2400024] ----D- C:\Program Files\Feedback Tool
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 07/01/2011 - 22:31:38 - [34408519] ----D- C:\Program Files\Google
O43 - CFD: 13/03/2009 - 13:25:34 - [1943721] ----D- C:\Program Files\HDReg
O43 - CFD: 26/03/2011 - 21:46:20 - [48706359] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/03/2011 - 15:07:20 - [7128404] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 12/03/2011 - 18:19:44 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 12/03/2011 - 18:21:46 - [127660511] ----D- C:\Program Files\iTunes
O43 - CFD: 20/02/2011 - 14:02:54 - [169347787] ----D- C:\Program Files\Java
O43 - CFD: 31/10/2009 - 23:58:38 - [51216] ----D- C:\Program Files\Kaspersky Lab
O43 - CFD: 03/04/2011 - 00:53:12 - [4920393] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 26/03/2011 - 21:14:50 - [2530872] ----D- C:\Program Files\MarkAny
O43 - CFD: 15/03/2011 - 22:27:22 - [21237210] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 13/03/2009 - 13:48:44 - [369713301] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/02/2011 - 15:39:20 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 20/02/2010 - 23:39:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 15/12/2010 - 17:27:52 - [145421942] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 25/06/2010 - 21:31:44 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 12/08/2010 - 16:30:16 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 23/03/2011 - 15:07:20 - [36399500] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 17/05/2009 - 12:24:52 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 31/12/2009 - 00:04:20 - [376485973] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 12/07/2010 - 12:02:42 - [107896257] ----D- C:\Program Files\Packard Bell
O43 - CFD: 26/03/2011 - 21:18:02 - [31060] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 16/07/2009 - 16:52:22 - [3553191] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 20/02/2011 - 17:56:24 - [163531] ----D- C:\Program Files\PixEasy
O43 - CFD: 21/02/2011 - 16:59:52 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 24/06/2010 - 21:19:12 - [83010104] ----D- C:\Program Files\Real
O43 - CFD: 13/03/2009 - 13:18:52 - [16217860] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 13/03/2009 - 13:34:56 - [74182375] ----D- C:\Program Files\Roxio
O43 - CFD: 26/03/2011 - 21:22:46 - [436959118] ----D- C:\Program Files\Samsung
O43 - CFD: 13/03/2009 - 13:26:44 - [9444415] ----D- C:\Program Files\Seagate
O43 - CFD: 13/03/2009 - 13:17:30 - [8175692] ----D- C:\Program Files\SiS VGA Utilities
O43 - CFD: 16/05/2009 - 19:51:40 - [28420953] R---D- C:\Program Files\Skype
O43 - CFD: 13/03/2009 - 13:18:04 - [13605382] ----D- C:\Program Files\Synaptics
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 30/11/2009 - 23:51:38 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 30/11/2009 - 23:51:38 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 30/11/2009 - 23:51:36 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 30/11/2009 - 23:51:38 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 20/12/2010 - 23:08:56 - [190756655] ----D- C:\Program Files\Windows Live
O43 - CFD: 24/01/2010 - 04:44:54 - [46213918] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 09/02/2011 - 21:37:48 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 16/10/2010 - 01:58:24 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 15/05/2009 - 16:40:48 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 30/11/2009 - 23:51:36 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/12/2009 - 23:43:36 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 30/11/2009 - 23:51:38 - [7610938] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 17/01/2010 - 14:14:18 - [3525705] ----D- C:\Program Files\WinRAR
O43 - CFD: 06/04/2011 - 17:03:04 - [14833783] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 04/04/2011 - 17:25:38 - [3516357] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 12/03/2011 - 18:19:40 - [103706295] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 13/03/2009 - 13:48:42 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 07/11/2010 - 16:40:26 - [27465773] ----D- C:\Program Files\Common Files\DVDVideoSoft
O43 - CFD: 13/03/2009 - 13:37:06 - [13139244] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 20/02/2011 - 14:03:26 - [33233760] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 01/11/2010 - 14:30:06 - [436816974] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 24/06/2010 - 21:20:10 - [21490541] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 13/03/2009 - 13:34:36 - [65562642] ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 26/03/2011 - 21:15:06 - [49707036] ----D- C:\Program Files\Common Files\Samsung
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 16/05/2009 - 19:51:40 - [1942824] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 13/03/2009 - 13:34:36 - [3925552] ----D- C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 13/03/2009 - 13:34:56 - [595968] ----D- C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 06/04/2011 - 16:49:26 - [13081753] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 30/11/2009 - 23:51:36 - [42750094] ----D- C:\Program Files\Common Files\System
O43 - CFD: 16/05/2009 - 14:58:38 - [319142773] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 13/03/2009 - 13:26:24 - [2994176] ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 24/06/2010 - 21:19:00 - [352256] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 04/04/2011 - 19:16:54 - [152033447] ----D- C:\ProgramData\Adobe
O43 - CFD: 01/11/2010 - 14:29:30 - [35509941] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 05/06/2009 - 19:59:56 - [94671872] ----D- C:\ProgramData\Apple
O43 - CFD: 12/03/2011 - 18:19:28 - [65308456] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 12/02/2011 - 17:09:10 - [42381192] ----D- C:\ProgramData\Avira
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 13/03/2009 - 13:37:46 - [4197] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 16/11/2009 - 23:16:42 - [415970] ----D- C:\ProgramData\EPSON
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 07/01/2011 - 22:16:10 - [539633] ----D- C:\ProgramData\Google
O43 - CFD: 13/03/2009 - 13:35:08 - [326] ----D- C:\ProgramData\InstallShield
O43 - CFD: 31/10/2009 - 02:37:06 - [30987336] ----D- C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 03/04/2011 - 00:53:08 - [6539603] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/10/2009 - 22:48:18 - [246826] ----D- C:\ProgramData\McAfee
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 15/03/2011 - 22:27:46 - [178192140] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/12/2010 - 17:22:54 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 15/05/2009 - 16:40:48 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 01/11/2009 - 00:10:32 - [144] ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 21/03/2010 - 17:00:22 - [1052639] ----D- C:\ProgramData\Real
O43 - CFD: 13/03/2009 - 14:00:24 - [16029] ----D- C:\ProgramData\Roxio
O43 - CFD: 26/03/2011 - 21:21:40 - [7869301] ----D- C:\ProgramData\Samsung
O43 - CFD: 16/05/2009 - 19:51:40 - [41044696] ----D- C:\ProgramData\Skype
O43 - CFD: 16/05/2009 - 15:26:26 - [957] ----D- C:\ProgramData\Sonic
O43 - CFD: 16/01/2010 - 21:16:40 - [239224] ----D- C:\ProgramData\SpeakyChat
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 30/03/2010 - 20:39:56 - [294] ----D- C:\ProgramData\Sun
O43 - CFD: 06/04/2011 - 16:52:08 - [291713] ----D- C:\ProgramData\Symantec
O43 - CFD: 20/02/2011 - 17:54:16 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 01/11/2009 - 00:10:34 - [0] ----D- C:\ProgramData\UAB
O43 - CFD: 16/11/2009 - 23:28:32 - [3184] ----D- C:\ProgramData\UDL
O43 - CFD: 10/07/2010 - 20:26:40 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 04/04/2011 - 17:42:58 - [4996621] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Adobe
O43 - CFD: 21/02/2011 - 17:17:56 - [222361] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Apple Computer
O43 - CFD: 12/02/2011 - 17:35:30 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Avira
O43 - CFD: 15/05/2009 - 16:42:54 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\CyberLink
O43 - CFD: 18/07/2010 - 14:33:14 - [604188] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\EPSON
O43 - CFD: 10/07/2010 - 22:16:38 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Google
O43 - CFD: 15/05/2009 - 16:41:50 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Identities
O43 - CFD: 17/10/2009 - 22:44:20 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\InstallShield
O43 - CFD: 16/07/2009 - 16:49:08 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Leadertech
O43 - CFD: 16/05/2009 - 13:47:46 - [2644] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Macromedia
O43 - CFD: 03/04/2011 - 00:53:20 - [1743] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Media Center Programs
O43 - CFD: 04/04/2011 - 17:42:58 - [11180629] -S--D- C:\Users\PC-DE-BFZ\AppData\Roaming\Microsoft
O43 - CFD: 27/10/2010 - 18:17:48 - [17431518] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Mozilla
O43 - CFD: 28/02/2010 - 01:35:38 - [2050] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\MP-Manager
O43 - CFD: 28/02/2010 - 00:15:44 - [102467792] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\MPMAN
O43 - CFD: 24/05/2009 - 16:55:14 - [2898816] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\OpenOffice.org
O43 - CFD: 17/10/2009 - 23:19:16 - [143267] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Packard Bell
O43 - CFD: 23/10/2010 - 14:48:06 - [207872] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Raccourcis applicatifs
O43 - CFD: 04/07/2010 - 20:37:52 - [3695307] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Real
O43 - CFD: 04/01/2011 - 21:31:22 - [150] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Registry Mechanic
O43 - CFD: 10/11/2010 - 19:53:44 - [10891438] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Roxio
O43 - CFD: 26/03/2011 - 21:14:50 - [4384663] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Samsung
O43 - CFD: 18/05/2009 - 02:27:08 - [1007114] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Skype
O43 - CFD: 18/05/2009 - 00:08:48 - [172816] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\skypePM
O43 - CFD: 15/05/2009 - 16:55:32 - [4036] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Talkback
O43 - CFD: 11/06/2009 - 01:03:36 - [13824] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Template
O43 - CFD: 06/07/2010 - 16:25:38 - [43942488] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\U3
O43 - CFD: 28/08/2010 - 19:08:02 - [230206] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\Uniblue
O43 - CFD: 05/06/2009 - 20:30:28 - [0] ----D- C:\Users\PC-DE-BFZ\AppData\Roaming\WinRAR

---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.6E9985C2BC54D772FBE33A4B04B3A10E] - 06/04/2011 - 16:00:18 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.980DC6465758094E9839F3C38E149402] - 06/04/2011 - 16:00:07 ---A- . (...) -- C:\Windows\PFRO.log [2534]
O44 - LFC:[MD5.24EF12005489377600FCFD7FF8EF1200] - 06/04/2011 - 15:59:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1948799]
O44 - LFC:[MD5.DAA981628BDD2BBC69DC00289C74A0DD] - 06/04/2011 - 15:53:22 ---A- . (...) -- C:\ZHPExportRegistry-06-04-2011-16-53-22.txt [37140]
O44 - LFC:[MD5.295737B9D48DDCBAE97F6D40B7E2D7DF] - 05/04/2011 - 21:48:20 ---A- . (...) -- C:\ZHPExportRegistry-05-04-2011-22-48-20.txt [6276]
O44 - LFC:[MD5.E7917072CECEFB14C4A15ED00FD1771E] - 04/04/2011 - 21:43:42 ---A- . (...) -- C:\ZHPExportRegistry-04-04-2011-22-43-42.txt [366872]
O44 - LFC:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 02/04/2011 - 23:53:09 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.9B5CC6C481BDD00A963829B892623247] - 02/04/2011 - 23:53:02 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.A6F203934328AB8D7F6ABBD1E6F1501B] - 02/04/2011 - 22:17:16 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.971C65525EB6A72D067C8AE750B452A3] - 02/04/2011 - 20:51:47 ---A- . (...) -- C:\Ad-Report-SCAN[4].txt [5115]
O44 - LFC:[MD5.66ABB295EEAD00AA7BB06E6EB8516860] - 02/04/2011 - 20:40:35 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [15525]
O44 - LFC:[MD5.C228C63366F08AE46B69912863556C8D] - 02/04/2011 - 19:56:40 ---A- . (...) -- C:\Ad-Report-SCAN[3].txt [16633]
O44 - LFC:[MD5.005F3C78AB5076F9239FABDACB6215A7] - 02/04/2011 - 19:51:16 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt [491]
O44 - LFC:[MD5.4D112D0247429063CE3C135EA84570E2] - 02/04/2011 - 17:34:19 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [16498]
O44 - LFC:[MD5.D5A0DDFBE53C099282C1AD11DEF708AE] - 31/03/2011 - 21:33:56 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [359880]
O44 - LFC:[MD5.C5C19E9266FF3044A5C11779272889EA] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1522546]
O44 - LFC:[MD5.2BFFE9C21C50D06E3352D89F18D39632] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfc009.dat [107760]
O44 - LFC:[MD5.D7142E6FD3AD9940F236E0F5CC2A11CB] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130494]
O44 - LFC:[MD5.5AF6E822050D040D5C675C4595541CEE] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfh009.dat [604324]
O44 - LFC:[MD5.B6ED467ABF2E58CE550EB63F977E84C4] - 31/03/2011 - 15:39:21 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678046]
O44 - LFC:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 26/03/2011 - 20:34:37 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP.) -- C:\Windows\System32\drivers\ss_bwh.sys [12288]
O44 - LFC:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 26/03/2011 - 20:34:37 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP.) -- C:\Windows\System32\drivers\ss_bwhnt.sys [12288]
O44 - LFC:[MD5.994D2E5378CC337EC7DD73C1E04FCAA4] - 26/03/2011 - 20:34:37 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Logging Device Driver.) -- C:\Windows\System32\drivers\ss_bserd.sys [100224]
O44 - LFC:[MD5.B89D62206034E5FE573C80A24DD55675] - 26/03/2011 - 20:34:36 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\Windows\System32\drivers\ss_bmdfl.sys [14848]
O44 - LFC:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 26/03/2011 - 20:34:36 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\Windows\System32\drivers\ss_bmdm.sys [123648]
O44 - LFC:[MD5.3F0164FBC0BD1ADBD02DF9759181451A] - 26/03/2011 - 20:34:35 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\Windows\System32\drivers\ss_bbus.sys [98432]
O44 - LFC:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/03/2011 - 20:34:35 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_bcm.sys [12416]
O44 - LFC:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/03/2011 - 20:34:35 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_bcmnt.sys [12416]
O44 - LFC:[MD5.15AB846886C225FFF0376F3CEF21188F] - 26/03/2011 - 20:19:57 ---A- . (.Teruten - FsUsbDevice.) -- C:\Windows\System32\FsUsbExService.Exe [233472]
O44 - LFC:[MD5.C83C84DAE3B901BF404D36F304B00FA0] - 26/03/2011 - 20:19:57 ---A- . (.Unknown owner - EjectDisk DLL.) -- C:\Windows\System32\FsUsbExDevice.Dll [110592]
O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 26/03/2011 - 20:14:45 ---A- . (...) -- C:\aqua_bitmap.cpp [2006]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 17/03/2011 - 21:19:46 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 17/03/2011 - 21:19:46 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 17/03/2011 - 21:18:44 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.8627F01C7E0C25E7CDFCAED985E10264] - 12/03/2011 - 16:13:54 ---A- . (...) -- C:\Windows\System32\mapisvc.inf [629]
O44 - LFC:[MD5.CBE5F69A5E5B918225F420BA748F3742] - 24/06/2010 - 14:00:14 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36608]

---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{cf437550-56d4-11df-b972-001fc62eebab}\AutoRun\command. (.Unknown owner - No comment.) -- F:\LaunchU3.exe (.not file.)
O51 - MPSK:{f25789ff-7789-11df-a340-001fc62eebab}\AutoRun\command. (.Unknown owner - No comment.) -- F:\LaunchU3.exe (.not file.)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.mkdmp3enc"="C:\PROGRA~1\CYBERL~1\MAGICS~1\Kernel\Burner\MKDMP3Enc.ACM" . (.Unknown owner - No comment.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Unknown owner - No comment.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\PROGRA~1\CYBERL~1\MAGICS~1\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (.Unknown owner - No comment.) -- (.not file.)
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (.Unknown owner - No comment.) -- C:\Windows\System32\xvidvfw.dll

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewContextMenu"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFind"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktop"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "HideClock"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFolderOptions"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=149
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.16BFE5660820E1C3A85EA1BD86C53689] - 13/03/2009 - 20:40:40 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17592]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.44362605F5FFF00C9B7696B47680A8C5] - 13/01/2009 - 08:45:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [954368]
O58 - SDL:[MD5.97AFFA9D95FFE20EEE6229BC6BE166CF] - 14/12/2006 - 08:11:58 ---A- . (.ATK0100 - ATK0100 ACPI Utility.) -- C:\Windows\system32\drivers\ATKACPI.sys [7680]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 06/12/2010 - 08:48:06 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.DA39805E2BAD99D37FCE9477DD94E7F2] - 19/02/2011 - 14:12:41 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [135096]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 24/07/2006 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432]
O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 24/07/2006 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]
O58 - SDL:[MD5.F98E07CCCF9152959210C532C951667D] - 13/03/2009 - 20:40:40 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19128]
O58 - SDL:[MD5.6186B6B953BDC884F0F379B84B3E3A98] - 30/07/2008 - 16:42:12 ---A- . (.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10).) -- C:\Windows\system32\drivers\COH_Mon.sys [23888]
O58 - SDL:[MD5.3BE1651C63954067940E7F473498AD70] - 30/07/2010 - 06:51:50 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\system32\drivers\dgderdrv.sys [18120]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 22:17:00 R--A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.9B5CC6C481BDD00A963829B892623247] - 29/11/2010 - 16:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 29/11/2010 - 16:42:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]
O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.2967E9C168CB5E0108A8A243AE179BAD] - 09/10/2007 - 09:49:58 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1970712]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.DF1AF7F5F1EC7800B3AC398ACC06C754] - 24/01/2007 - 10:08:06 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\Windows\system32\drivers\SISAGPX.SYS [56184]
O58 - SDL:[MD5.A029482BE40DEF54DF02FCE751AA16DC] - 20/06/2007 - 04:12:18 ---A- . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) -- C:\Windows\system32\drivers\SiSGB6.sys [47616]
O58 - SDL:[MD5.6BA9C92029070D92774BAB7DBBF06763] - 16/10/2007 - 10:07:26 ---A- . (.Silicon Integrated Systems Corporation - SiS VGA Kernal Mode Vista Driver.) -- C:\Windows\system32\drivers\SISGRKMD.sys [454008]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.33B5AC23A36D38F55A73BE3CBB53D076] - 01/12/2005 - 09:44:24 ---A- . (.Unknown owner - USB2.0 PC Camera driver.) -- C:\Windows\system32\drivers\sncamd.sys [24704]
O58 - SDL:[MD5.419C9A8DCE47328F8683EEFE86F71308] - 20/02/2006 - 17:51:14 ---A- . (.Unknown owner - USB2.0 PC Camera driver.) -- C:\Windows\system32\drivers\snp2sxp.sys [10446720]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/06/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.3F0164FBC0BD1ADBD02DF9759181451A] - 27/04/2010 - 03:25:16 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\Windows\system32\drivers\ss_bbus.sys [98432]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcm.sys [12416]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcmnt.sys [12416]
O58 - SDL:[MD5.B89D62206034E5FE573C80A24DD55675] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\Windows\system32\drivers\ss_bmdfl.sys [14848]
O58 - SDL:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\Windows\system32\drivers\ss_bmdm.sys [123648]
O58 - SDL:[MD5.994D2E5378CC337EC7DD73C1E04FCAA4] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Logging Device Driver.) -- C:\Windows\system32\drivers\ss_bserd.sys [100224]
O58 - SDL:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwh.sys [12288]
O58 - SDL:[MD5.F9F4BC8A7EC80F39DE8323D0D1BC85FE] - 27/04/2010 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwhnt.sys [12288]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.760E4F5A1E754BBE4A1BD2A0B54F6AA6] - 01/03/2007 - 14:24:30 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [182456]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.E5B7B1383A353CBA210B92B427E3132F] - 13/03/2009 - 20:40:40 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20152]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.CBE5F69A5E5B918225F420BA748F3742] - 24/06/2010 - 14:00:14 ---A- . (...) -- C:\Windows\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - (.not file.) - aswMonFlt (aswMonFlt) .(...) - LEGACY_ASWMONFLT
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\Users\PC-DE-~1\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - C:\Windows\System32\drivers\dgderdrv.sys - dgderdrv (dgderdrv) .(.Devguru Co., Ltd - Device Error Recovery SDK(x86).) - LEGACY_DGDERDRV
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10910 (EraserUtilDrv10910) .(...) - LEGACY_ERASERUTILDRV10910
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10920 (EraserUtilDrv10920) .(...) - LEGACY_ERASERUTILDRV10920
O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010) .(...) - LEGACY_ERASERUTILDRV11010
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - Symantec Intrusion Prevention Driver (IDSvix86) .(...) - LEGACY_IDSVIX86
O64 - Services: CurCS - (.not file.) - Kaspersky Lab Driver (KLIF) .(...) - LEGACY_KLIF
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - (.not file.) - Symantec Data Store (SymDS) .(...) - LEGACY_SYMDS
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - Symantec Iron Driver (SymIRON) .(...) - LEGACY_SYMIRON
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI
O64 - Services: CurCS - (.not file.) - Symantec Vista Network Dispatch Driver (SYMTDIv) .(...) - LEGACY_SYMTDIV

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe

---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\PC-DE-BFZ\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=SfMmGW3PpcMvQK68UR0KLPE7iR4?q={searchTerms}
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8

---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.F3DA5AFBB8A80C3301E1A086FAFF4D9B] [SPRF] (.Unknown owner - No comment.) -- C:\Users\PC-DE-BFZ\AppData\Local\Temp\1L+qrrP0.exe.part [497597]

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l'autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "{15E2849A-2173-464E-8BA3-F42DC13F91E5}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink MagicSports.) -- C:\Program Files\CyberLink\MagicSports\MagicSports.exe
O87 - FAEL: "{7BA99D53-6697-4755-9C83-91E1624F1494}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "TCP Query User{5E8EEA13-2D18-4390-82A2-C1609014FEFD}C:\program files\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{14AE9303-0EBA-485D-B703-62AEB8D55F35}C:\program files\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "TCP Query User{48E4BF2D-1D9B-4360-B03F-E88ECFB4191A}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\french\setup.exe" | In - Public - P6 - TRUE | .(.Kaspersky Lab.) -- C:\programdata\kaspersky lab setup files\kaspersk
O87 - FAEL: "UDP Query User{31E665E1-48E1-42C2-8483-5E6D756F4309}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\french\setup.exe" | In - Public - P17 - TRUE | .(.Kaspersky Lab.) -- C:\programdata\kaspersky lab setup files\kaspers
O87 - FAEL: "{7B84C5B5-EC72-449C-8CC6-9F432F911DB8}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{75DC4FE9-DD72-4C04-B907-4CDD0CB663B8}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files\Windows Live\Mesh\MOE.exe
O87 - FAEL: "{8712CC93-070C-4CFC-84D1-52C07C62B5F4}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{7893081C-164B-470A-A3B0-32AE6DFCD471}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{C385A809-33B2-4B70-86F0-CA16561A3FC0}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 06/12/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 06/12/2010 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05/02/2007 94208 | (ASLDRService) . (...) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
SS - | Demand 28/02/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 07/10/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/07/2010 95568 | (dgdersvc) . (.Devguru Co., Ltd..) - C:\Windows\system32\dgdersvc.exe
SR - | Auto 24/06/2010 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SS - | Demand 21/06/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 16/05/2009 133104 | (gupdate1c9d64de00c6588) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 07/03/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 07/03/2011 0 | (LiveUpdate Notice Service) . (...) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
SR - | Auto 06/03/2007 266343 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Demand 11/01/2007 887544 | (RoxMediaDB9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
SR - | Auto 11/01/2007 166648 | (RoxWatch9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
SS - | Demand 14/09/2006 73728 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by PC-DE-BFZ at 06/04/2011 17:05:59

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
1 ntkrnlpa!IofCallDriver[0x8308C912] -> \Device\Harddisk0\DR0[0x86652AC8]
3 CLASSPNP[0x88DC28B3] -> ntkrnlpa!IofCallDriver[0x8308C912] -> [0x85D2C950]
5 acpi[0x836916BC] -> ntkrnlpa!IofCallDriver[0x8308C912] -> \Device\Ide\IdeDeviceP1T0L0-1[0x853A9030]
kernel: MBR read successfully
user & kernel MBR OK

---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by PC-DE-BFZ at 06/04/2011 17:06:02
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin

End of the scan (1178 lines in 03mn 11s)(0)

Discussions similaires

Site Easywifi.config inaccessible /

Configuration répéteur Wifi

Impossible de se connecter a 192.168.1.1

192.168.49.1

Chromecast sur tv dans un hôtel ?

Votre réponse

Discussions similaires