Rapport de ZHPDiag v1.27.1862 par Nicolas Coolman, Update du 03/04/2011
Run by Thierry at 28/09/2011 20:34:54
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19120
---\\ System Information
Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
Processor: Intel64 Family 6 Model 26 Stepping 4, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3062 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 118 GB (58%) free of 200 GB
---\\ Logged in mode
Computer Name: PC-DE-BUREAU
User Name: Thierry
All Users Names: Utilisateur, Thierry, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Users\Thierry\AppData\Roaming
%LocalAppData%=C:\Users\Thierry\AppData\Local
%StartMenu%=C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 118 Go of 200 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 242 Go of 565 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 135 Go of 146 Go)
F:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 23:10:18.) -- C:\Windows\Explorer.exe [3079168]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:48:04.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.8419DAE7205374F2CAA4C9CDBD0999E6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/07/2011 12:04:29.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 22:28:14.) -- C:\Windows\system32\Winlogon.exe [314368]
---\\ Processus lancés
[MD5.E273A48CB6D61990E7E7F040CD606F1D] - (.Packard Bell BV - Activboard Application.) -- C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe [79416]
[MD5.1BB16912FD7A9D5A39D033C15485470F] - (.Packard Bell BV - ActivOSD Application.) -- C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\AOSD.exe [99896]
[MD5.B3A6C62AEB2ABD456328D1F62769DD47] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [358024]
[MD5.CB2B9EB1447D8A264E46948DF46C1212] - (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.A847B258D12B6D1BB124BD5DEBB05162] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728]
[MD5.D3AE1A1CF8DE0E56FD0656825BA5AAD8] - (.Pas de propriétaire - Application MFC hyperappel.) -- C:\Program Files (x86)\Petit Larousse 2010\bin\Hyperappel.exe [237568]
[MD5.31E239AFB4C7E633FA57BBA91A32A301] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\PowerDVD 5.0\PDVDServ.exe [69216]
[MD5.1C2C16B154291D673DAFF8695F6471F1] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5081912]
[MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3722416]
[MD5.B9E350C3EEE748E332251274DEC33829] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [115712]
[MD5.04D1DC458C723B291179F8449ACC281D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [638232]
[MD5.745EE2C6FB0B43C9F00E017F5E5D7317] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376]
[MD5.DAF60E13E96ECB67F0EDAA89C6B01B8D] - (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\SysWOW64\NOTEPAD.EXE [151040]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120]
[MD5.C2271BD91106CEEC631265842CAD09DC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [642048]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Thierry] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll (.not file.)
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
M2 - MFEP: prefs.js [Thierry - kvqejc3j.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Thierry - kvqejc3j.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.3.3.2 (.Conduit Ltd..)
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R0 - HKUS\S-1-5-21-2040713455-2030708646-1934615058-1001-2040713455-2030708646-1934615058-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2040713455-2030708646-1934615058-1001-2040713455-2030708646-1934615058-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} Clé orpheline
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RAVCpl64.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] C:\Windows\system32\NvCpl.dll (.not file.)
O4 - HKLM\..\Run: [FujiKeyboard] . (.Packard Bell BV - Activboard Application.) -- c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKCU\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [rcwinHyper] . (.Pas de propriétaire - Application MFC TrayApp.) -- C:\Program Files (x86)\Le Robert & Collins\rcwinHyper.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Wow6432Node\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RAVCpl64.exe
O4 - HKLM\..\Wow6432Node\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Wow6432Node\Run: [NvCplDaemon] C:\Windows\system32\NvCpl.dll (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [FujiKeyboard] . (.Packard Bell BV - Activboard Application.) -- c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Wow6432Node\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
O4 - HKLM\..\Wow6432Node\Run: [Service Scheduler2 Acronis] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2040713455-2030708646-1934615058-1001-2040713455-2030708646-1934615058-1000\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKUS\S-1-5-21-2040713455-2030708646-1934615058-1001-2040713455-2030708646-1934615058-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2040713455-2030708646-1934615058-1001-2040713455-2030708646-1934615058-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hyperappel du Petit Larousse 2010.lnk . (...) -- C:\Program Files (x86)\Petit Larousse 2010\bin\Hyperappel.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO -viewer-.lnk . (.Matsushita Electric Industrial Co., Ltd..) -- C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Free PDF to Word Converterr.lnk . (.Free-PDF-to-Word.com.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Images.lnk . (...) -- D:\Users\Utilisateur\Pictures
O4 - Global Startup: C:\Users\Thierry\Desktop\Internet Explorer (32 bits).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\IZArc.lnk . (...) -- C:\Program Files (x86)\IZArc\IZArc.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Le Robert & Collins.lnk . (...) -- C:\Program Files (x86)\Le Robert & Collins\rcwin.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Mes documents Sylvie.lnk . (...) -- D:\Users\Utilisateur\Documents\Mes documents Sylvie
O4 - Global Startup: C:\Users\Thierry\Desktop\Mes documents Thierry.lnk . (...) -- D:\Users\Utilisateur\Documents\Mes documents Thierry
O4 - Global Startup: C:\Users\Thierry\Desktop\Paint.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\mspaint.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Phonetik.lnk . (...) -- C:\Program Files (x86)\Phonetik\phonetik.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\SpeedCrunch.lnk . (...) -- C:\Program Files (x86)\SpeedCrunch 0.10\speedcrunch.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\TomTom HOME 2.lnk . (.TomTom International B.V..) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe
O4 - Global Startup: C:\Users\Thierry\Desktop\Vidéos.lnk . (...) -- D:\Users\Utilisateur\Videos
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk . (.COMODO.) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk . (.VSO Software SARL.) -- C:\Program Files (x86)\VSO\ConvertX.4.0.3.313\ConvertXtoDvd.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVDFab 8 Qt.lnk . (.Fengtao Software Inc..) -- C:\Program Files (x86)\DVDFab 8.0.9.2\DVDFab.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free PDF to Word Converter.lnk . (.Free-PDF-to-Word.com.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk . (.LIGHTNING UK!.) -- C:\Program Files (x86)\ImgBurn_2.4.4.0\ImgBurn.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware 1.50.1\mbam.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MediaCoder x64.lnk . (.Stanley Huang.) -- C:\Program Files\MediaCoder 2011 64b\mediacoder.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDFCreator.lnk . (...) -- C:\Program Files (x86)\PDFCreator\PDFCreator.exe (.not file.)
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pinnacle Studio 12.lnk . (.Pinnacle Systems.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk . (...) -- C:\Windows\Installer\{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}\QTPlayer.ico
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO DivxToDVD.lnk . (.VSO Software.) -- C:\Program Files (x86)\DivxToDVD 0.5.2\DivxToDVD.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files (x86)\Vuze\Azureus.exe
O4 - Global Startup: C:\Users\Thierry\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF0065DA-BAA2-4F7A-872F-7B5E920D4092}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF0065DA-BAA2-4F7A-872F-7B5E920D4092}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF0065DA-BAA2-4F7A-872F-7B5E920D4092}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS3\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS3\Services\Tcpip\..\{CF0065DA-BAA2-4F7A-872F-7B5E920D4092}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpDomain = tele2
O17 - HKLM\System\CS1\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpDomain = tele2
O17 - HKLM\System\CS2\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpDomain = tele2
O17 - HKLM\System\CS3\Services\Tcpip\..\{709F3BFF-91DD-49DE-86D8-86C4328CEFA7}: DhcpDomain = tele2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\guard64.dll (.not file.)
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: (afcdpsrv) . (.Acronis - File Level CDP Manager Service.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (Capture Device Service) . (.InterVideo Inc. - Capture Device Service.) - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: (CLPSLS) . (.COMODO - COMODO livePCsupport Service.) - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: (GenericHidService) . (.Packard Bell Services - HID Service Vista compliant.) - C:\Windows\System32\HidService.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 180.4.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: (ReflectService) . (.Pas de propriétaire - Reflect Service - Enables mounting of image.) - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Taches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\NeroLiveEpgUpdate-PC-de-bureau_Utilisateur.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{DBF894F5-CC11-4393-8209-31A05F3BC043}.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.15DA71C12A4E8824839FF1C64EB6B7BA] [APT] [NeroLiveEpgUpdate-PC-de-bureau_Utilisateur] (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 9\Nero Live\NeroLive.exe
[MD5.D244D86CBEE4DE76EC4D151D9836E808] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\System32\DRIVERS\cmdguard.sys
O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\Windows\System32\DRIVERS\cmdhlp.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\System32\DRIVERS\inspect.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin 64
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: COMODO Internet Security - (.COMODO Group Inc..) [HKLM] -- {FD8E178D-8B4E-42DA-B434-EFF270329B1C}
O42 - Logiciel: Canon MP630 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Java(TM) 6 Update 21 (64-bit) - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416021FF}
O42 - Logiciel: Le Robert & Collins - (.Pas de propriétaire.) [HKCU] -- Le Robert & Collins
O42 - Logiciel: Macrium Reflect - Free Edition - (.Macrium.) [HKLM] -- {FD66A549-5110-48C8-ACE6-3F52AB3BF100}
O42 - Logiciel: MediaCoder x64 2011 - (.Broad Intelligence.) [HKLM] -- MediaCoder x64
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Office Home and Student - (.Pas de propriétaire.) [HKLM] -- Office2007
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Works 9.0 - (.Pas de propriétaire.) [HKLM] -- Works9
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Phonetik - (.Pas de propriétaire.) [HKCU] -- Phonetik
O42 - Logiciel: Pilote vidéo Pinnacle - (.Pinnacle Systems.) [HKLM] -- {5EB90C06-964F-4195-B83E-BD7E55C88415}
O42 - Logiciel: doPDF 6.2 printer - (.Softland.) [HKLM] -- doPDF 6 printer_is1
O42 - Logiciel: scilab-5.2.1 (64-bit) - (.DIGITEO.) [HKLM] -- scilab-5.2.1 (64-bit)_is1
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\AcerUtil]
[HKCU\Software\Acronis]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Vuze_Remote]
[HKCU\Software\AppDataLow\Software\conduitEngine]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Audacity]
[HKCU\Software\Azureus]
[HKCU\Software\Bsd Concept]
[HKCU\Software\Bureau van Dijk]
[HKCU\Software\CDDB]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Conduit]
[HKCU\Software\Cyberlink]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DVDFab]
[HKCU\Software\DanniDin]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Dnote Software]
[HKCU\Software\Foxit Software Company]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Google]
[HKCU\Software\IZSoftware]
[HKCU\Software\ImgBurn]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macrium]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaNavigation]
[HKCU\Software\Micro Application]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\Packard Bell]
[HKCU\Software\Panasonic]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Red Giant Software]
[HKCU\Software\Scilab]
[HKCU\Software\Sephonics]
[HKCU\Software\Softland]
[HKCU\Software\Softwrap]
[HKCU\Software\SpeedCrunch]
[HKCU\Software\TomTom]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Ulead]
[HKCU\Software\VOB]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\Vso]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ej-technologies]
[HKCU\Software\ƒAƒvƒ?ƒP [ƒVƒ‡ƒ" ƒEƒBƒU [ƒh‚? ? ?‚3‚ê‚?ƒ [ƒJƒ‹ ƒAƒvƒŠƒP [ƒVƒ‡ƒ"]
[HKLM\Software\<company>]
[HKLM\Software\Acer]
[HKLM\Software\Acronis]
[HKLM\Software\Audible]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComodoGroup]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macrium]
[HKLM\Software\Macromedia]
[HKLM\Software\MediaCoder]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\PACKARD BELL]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Scilab]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/04/2011 - 20:16:56 - [180836865] ----D- C:\Program Files\Alwil Software
O43 - CFD: 26/04/2011 - 21:23:00 - [2819059] ----D- C:\Program Files\Canon
O43 - CFD: 26/04/2011 - 21:19:58 - [28666917] --H-D- C:\Program Files\CanonBJ
O43 - CFD: 28/04/2011 - 19:40:48 - [7278424] ----D- C:\Program Files\CCleaner
O43 - CFD: 26/04/2011 - 21:23:08 - [215342513] ----D- C:\Program Files\Common Files
O43 - CFD: 28/04/2011 - 20:12:00 - [162849211] ----D- C:\Program Files\COMODO
O43 - CFD: 13/05/2011 - 15:41:36 - [9054360] ----D- C:\Program Files\Defraggler
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 11/04/2011 - 20:08:54 - [1315920] ----D- C:\Program Files\Google
O43 - CFD: 23/08/2011 - 22:04:34 - [5588151] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 19/06/2011 - 17:55:24 - [80355102] ----D- C:\Program Files\Java
O43 - CFD: 20/04/2011 - 20:42:30 - [28767662] ----D- C:\Program Files\Macrium
O43 - CFD: 18/05/2011 - 19:04:22 - [96145065] ----D- C:\Program Files\MediaCoder 2011 64b
O43 - CFD: 02/11/2006 - 17:07:28 - [94671287] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 02/12/2008 - 09:35:00 - [1140374] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/04/2011 - 20:54:20 - [116334702] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 17:07:28 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 10/04/2011 - 19:28:26 - [1331495822] ----D- C:\Program Files\PACKARD BELL
O43 - CFD: 02/11/2006 - 17:07:28 - [36351145] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 08/05/2011 - 08:58:32 - [454489860] ----D- C:\Program Files\scilab-5.2.1
O43 - CFD: 19/04/2011 - 22:00:36 - [1426162] ----D- C:\Program Files\Softland
O43 - CFD: 02/11/2006 - 17:44:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 21/01/2008 - 05:09:42 - [1302528] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 14/04/2011 - 20:54:16 - [2963968] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 14/04/2011 - 20:54:08 - [6394224] ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/04/2011 - 20:54:18 - [9655416] ----D- C:\Program Files\Windows Journal
O43 - CFD: 16/09/2011 - 09:23:44 - [9619128] ----D- C:\Program Files\Windows Mail
O43 - CFD: 14/04/2011 - 20:54:18 - [5140215] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 10/04/2011 - 19:20:00 - [8057896] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/04/2011 - 20:54:14 - [16439458] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 15/04/2011 - 17:38:54 - [167424] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/04/2011 - 20:54:18 - [8119695] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 26/04/2011 - 21:23:08 - [560] ----D- C:\Program Files\Common Files\CANON
O43 - CFD: 02/12/2008 - 09:35:56 - [205126369] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 02/11/2006 - 15:33:54 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 15:33:54 - [608256] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/01/2008 - 05:09:30 - [9604626] ----D- C:\Program Files\Common Files\System
O43 - CFD: 14/04/2011 - 21:28:58 - [102204] ----D- C:\ProgramData\Acronis
O43 - CFD: 17/09/2011 - 17:32:50 - [399346596] ----D- C:\ProgramData\Adobe
O43 - CFD: 10/04/2011 - 20:16:56 - [3469872] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 01/05/2011 - 15:35:50 - [2066944] ----D- C:\ProgramData\Apple
O43 - CFD: 01/05/2011 - 15:36:16 - [25542144] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 04/05/2011 - 21:53:44 - [1690591] ----D- C:\ProgramData\ArcSoft
O43 - CFD: 31/08/2011 - 18:52:12 - [109] ----D- C:\ProgramData\BSD
O43 - CFD: 12/06/2011 - 16:40:20 - [7998673] ----D- C:\ProgramData\BSD Concept
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 26/04/2011 - 21:20:34 - [19640721] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 13/06/2011 - 11:11:10 - [124] --H-D- C:\ProgramData\CanonIJEGV
O43 - CFD: 26/04/2011 - 21:38:46 - [2180] --H-D- C:\ProgramData\CanonIJScan
O43 - CFD: 27/09/2011 - 20:51:00 - [42049533] ----D- C:\ProgramData\Comodo
O43 - CFD: 30/04/2011 - 11:12:40 - [19316] ----D- C:\ProgramData\CyberLink
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 29/06/2011 - 21:11:46 - [114519] ----D- C:\ProgramData\DVD Shrink
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 04/06/2011 - 11:55:18 - [670] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 11/04/2011 - 20:06:44 - [539731] ----D- C:\ProgramData\Google
O43 - CFD: 17/07/2011 - 14:00:04 - [871027] ----D- C:\ProgramData\InterVideo
O43 - CFD: 20/04/2011 - 20:45:50 - [17875] ----D- C:\ProgramData\Macrium
O43 - CFD: 28/04/2011 - 19:03:52 - [17120357] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 12/06/2011 - 16:42:04 - [219334273] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 02/12/2008 - 09:40:32 - [57676] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 10/04/2011 - 19:20:00 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 30/04/2011 - 12:53:50 - [9939907] ----D- C:\ProgramData\Nero
O43 - CFD: 28/04/2011 - 18:00:48 - [276] ----D- C:\ProgramData\Norton
O43 - CFD: 28/04/2011 - 17:58:54 - [1835054] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 10/04/2011 - 19:25:06 - [202795] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 30/04/2011 - 11:25:22 - [622573] ----D- C:\ProgramData\Pinnacle
O43 - CFD: 30/04/2011 - 11:25:22 - [0] ----D- C:\ProgramData\Pinnacle Studio Plus
O43 - CFD: 30/04/2011 - 11:28:02 - [35784] ----D- C:\ProgramData\Pinnacle Studio Ultimate
O43 - CFD: 30/04/2011 - 11:25:22 - [884179343] ----D- C:\ProgramData\Studio 12
O43 - CFD: 08/05/2011 - 09:18:48 - [26178] ----D- C:\ProgramData\TomTom
O43 - CFD: 17/07/2011 - 13:59:18 - [100098] ----D- C:\ProgramData\Ulead Systems
O43 - CFD: 26/05/2011 - 19:23:38 - [47] ----D- C:\ProgramData\vsosdk
O43 - CFD: 25/06/2011 - 11:32:26 - [0] ----D- C:\Users\Thierry\AppData\Roaming\Acronis
O43 - CFD: 04/06/2011 - 11:55:40 - [3635592] ----D- C:\Users\Thierry\AppData\Roaming\Adobe
O43 - CFD: 03/05/2011 - 21:47:30 - [524] ----D- C:\Users\Thierry\AppData\Roaming\ArcSoft
O43 - CFD: 20/06/2011 - 21:46:24 - [1206207] ----D- C:\Users\Thierry\AppData\Roaming\Azureus
O43 - CFD: 18/05/2011 - 19:03:56 - [22054] ----D- C:\Users\Thierry\AppData\Roaming\Broad Intelligence
O43 - CFD: 12/06/2011 - 18:43:14 - [7193314] ----D- C:\Users\Thierry\AppData\Roaming\BSD Concept
O43 - CFD: 26/04/2011 - 21:38:46 - [7008] ----D- C:\Users\Thierry\AppData\Roaming\Canon
O43 - CFD: 30/04/2011 - 11:14:02 - [51200] ----D- C:\Users\Thierry\AppData\Roaming\CyberLink
O43 - CFD: 19/06/2011 - 16:00:12 - [6407] ----D- C:\Users\Thierry\AppData\Roaming\dvdcss
O43 - CFD: 11/04/2011 - 20:07:24 - [0] ----D- C:\Users\Thierry\AppData\Roaming\Google
O43 - CFD: 10/04/2011 - 19:24:24 - [0] ----D- C:\Users\Thierry\AppData\Roaming\Identities
O43 - CFD: 14/04/2011 - 22:03:58 - [23158898] ----D- C:\Users\Thierry\AppData\Roaming\ImgBurn
O43 - CFD: 10/04/2011 - 19:26:44 - [0] ----D- C:\Users\Thierry\AppData\Roaming\InstallShield
O43 - CFD: 11/04/2011 - 20:08:52 - [1087] ----D- C:\Users\Thierry\AppData\Roaming\Macromedia
O43 - CFD: 28/04/2011 - 19:05:14 - [88521] ----D- C:\Users\Thierry\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 17:07:26 - [0] ----D- C:\Users\Thierry\AppData\Roaming\Media Center Programs
O43 - CFD: 30/04/2011 - 13:03:28 - [3854675] -S--D- C:\Users\Thierry\AppData\Roaming\Microsoft
O43 - CFD: 23/04/2011 - 21:00:14 - [0] ----D- C:\Users\Thierry\AppData\Roaming\Microsoft Web Folders
O43 - CFD: 11/04/2011 - 20:53:30 - [27221543] ----D- C:\Users\Thierry\AppData\Roaming\Mozilla
O43 - CFD: 30/04/2011 - 13:02:42 - [687106] ----D- C:\Users\Thierry\AppData\Roaming\Nero
O43 - CFD: 29/04/2011 - 08:37:28 - [8678715] ----D- C:\Users\Thierry\AppData\Roaming\OpenCandy
O43 - CFD: 01/05/2011 - 15:32:24 - [274432] ----D- C:\Users\Thierry\AppData\Roaming\Panasonic
O43 - CFD: 30/04/2011 - 11:31:50 - [67721] ----D- C:\Users\Thierry\AppData\Roaming\proDAD
O43 - CFD: 08/05/2011 - 08:58:24 - [11451] ----D- C:\Users\Thierry\AppData\Roaming\Scilab
O43 - CFD: 19/04/2011 - 21:02:38 - [13824] ----D- C:\Users\Thierry\AppData\Roaming\Template
O43 - CFD: 08/05/2011 - 09:18:34 - [6666029] ----D- C:\Users\Thierry\AppData\Roaming\TomTom
O43 - CFD: 17/07/2011 - 14:04:00 - [5402575] ----D- C:\Users\Thierry\AppData\Roaming\Ulead Systems
O43 - CFD: 22/06/2011 - 21:29:34 - [483438] ----D- C:\Users\Thierry\AppData\Roaming\vlc
O43 - CFD: 04/09/2011 - 20:15:46 - [386442] ----D- C:\Users\Thierry\AppData\Roaming\Vso
O43 - CFD: 28/09/2011 - 20:35:00 - [3679210] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 29/04/2011 - 08:32:28 - [3094515] ----D- C:\Program Files (x86)\7-Zip
O43 - CFD: 14/04/2011 - 21:26:32 - [82618361] ----D- C:\Program Files (x86)\Acronis
O43 - CFD: 16/09/2011 - 18:36:10 - [601526812] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 20/04/2011 - 20:13:06 - [1139795] ----D- C:\Program Files (x86)\AnyReader 3.6
O43 - CFD: 01/05/2011 - 15:35:50 - [2201342] ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 01/05/2011 - 15:33:02 - [145929915] ----D- C:\Program Files (x86)\ArcSoft
O43 - CFD: 16/07/2011 - 18:08:08 - [8692269] ----D- C:\Program Files (x86)\Audacity 1.2.6
O43 - CFD: 16/07/2011 - 16:14:50 - [0] ----D- C:\Program Files (x86)\Besweetv1.5b31
O43 - CFD: 30/04/2011 - 11:31:32 - [309963574] ----D- C:\Program Files (x86)\Boris FX, Inc
O43 - CFD: 12/06/2011 - 16:40:16 - [59215021] ----D- C:\Program Files (x86)\BSD Concept
O43 - CFD: 26/04/2011 - 21:23:00 - [318719105] ----D- C:\Program Files (x86)\Canon
O43 - CFD: 17/07/2011 - 14:00:08 - [939765159] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 19/06/2011 - 18:52:02 - [634976] ----D- C:\Program Files (x86)\Conduit
O43 - CFD: 19/06/2011 - 18:51:44 - [4468064] ----D- C:\Program Files (x86)\ConduitEngine
O43 - CFD: 30/04/2011 - 10:32:02 - [2922728] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 28/04/2011 - 20:34:52 - [0] ----D- C:\Program Files (x86)\directx
O43 - CFD: 04/09/2011 - 18:51:24 - [8224094] ----D- C:\Program Files (x86)\DivxToDVD 0.5.2
O43 - CFD: 19/04/2011 - 20:08:06 - [971286] ----D- C:\Program Files (x86)\DVD Shrink 3.2
O43 - CFD: 19/05/2011 - 20:00:58 - [50649805] ----D- C:\Program Files (x86)\DVDFab 8.0.9.2
O43 - CFD: 10/04/2011 - 19:23:58 - [85610898] ----D- C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 29/04/2011 - 11:58:14 - [3727890] ----D- C:\Program Files (x86)\Foxit PDF Editor 2.0
O43 - CFD: 09/09/2011 - 18:38:02 - [1482505] ----D- C:\Program Files (x86)\Free PDF to Word Converter
O43 - CFD: 11/04/2011 - 20:43:30 - [24066758] ----D- C:\Program Files (x86)\Google
O43 - CFD: 12/06/2011 - 16:40:40 - [70481729] ----D- C:\Program Files (x86)\Heredis 11
O43 - CFD: 14/04/2011 - 21:36:48 - [2100361] ----D- C:\Program Files (x86)\ImgBurn_2.4.4.0
O43 - CFD: 17/07/2011 - 13:59:56 - [66767418] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 02/12/2008 - 09:19:08 - [64806] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 23/08/2011 - 22:04:34 - [5579035] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 29/04/2011 - 08:36:48 - [11076004] ----D- C:\Program Files (x86)\IZArc
O43 - CFD: 23/04/2011 - 18:57:56 - [47105466] ----D- C:\Program Files (x86)\Kit CD-DVD Edition Classic
O43 - CFD: 28/04/2011 - 20:34:52 - [3168820] ----D- C:\Program Files (x86)\Larousse
O43 - CFD: 28/04/2011 - 20:30:34 - [591491783] ----D- C:\Program Files (x86)\Le Robert & Collins
O43 - CFD: 30/04/2011 - 11:31:48 - [9563460] ----D- C:\Program Files (x86)\LooksBuilderSE
O43 - CFD: 16/09/2011 - 17:17:38 - [7049504] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware 1.50.1
O43 - CFD: 23/04/2011 - 21:00:14 - [413881946] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 02/12/2008 - 09:38:32 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 02/12/2008 - 09:38:14 - [144949414] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 13/04/2011 - 22:34:52 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 29/04/2011 - 11:52:46 - [32675209] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/11/2006 - 17:07:28 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 11/04/2011 - 22:15:52 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 30/04/2011 - 12:56:46 - [1115065960] ----D- C:\Program Files (x86)\Nero
O43 - CFD: 01/05/2011 - 15:42:18 - [57650334] ----D- C:\Program Files (x86)\Panasonic
O43 - CFD: 28/04/2011 - 20:37:20 - [529120771] ----D- C:\Program Files (x86)\Petit Larousse 2010
O43 - CFD: 27/09/2011 - 18:29:08 - [118864] ----D- C:\Program Files (x86)\Phonetik
O43 - CFD: 30/04/2011 - 11:30:24 - [1301418927] ----D- C:\Program Files (x86)\Pinnacle
O43 - CFD: 01/08/2011 - 18:28:44 - [4965641] ----D- C:\Program Files (x86)\PoiEdit2007
O43 - CFD: 30/04/2011 - 11:12:02 - [139603341] ----D- C:\Program Files (x86)\PowerDVD 5.0
O43 - CFD: 30/04/2011 - 11:31:48 - [122650450] ----D- C:\Program Files (x86)\proDAD
O43 - CFD: 01/05/2011 - 15:37:12 - [76692505] ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 10/04/2011 - 19:26:52 - [2234364] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 02/11/2006 - 17:07:28 - [38690561] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 27/09/2011 - 20:42:58 - [8642860] ----D- C:\Program Files (x86)\sephonics
O43 - CFD: 27/04/2011 - 18:27:32 - [18006057] ----D- C:\Program Files (x86)\SpeedCrunch 0.10
O43 - CFD: 08/05/2011 - 09:18:22 - [50622777] ----D- C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 08/05/2011 - 09:18:30 - [22486] ----D- C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 31/07/2011 - 16:26:38 - [1946215] ----D- C:\Program Files (x86)\Tomtomax Maxi-Box
O43 - CFD: 17/07/2011 - 13:53:50 - [260409744] ----D- C:\Program Files (x86)\Ulead DVD MovieFactory 6
O43 - CFD: 17/07/2011 - 13:57:22 - [247917494] ----D- C:\Program Files (x86)\Ulead Systems
O43 - CFD: 02/11/2006 - 17:36:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/04/2011 - 22:06:32 - [78824094] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 22/05/2011 - 16:06:58 - [62046390] ----D- C:\Program Files (x86)\VSO
O43 - CFD: 19/06/2011 - 18:52:08 - [111297136] ----D- C:\Program Files (x86)\Vuze
O43 - CFD: 19/06/2011 - 18:51:32 - [4549434] ----D- C:\Program Files (x86)\Vuze_Remote
O43 - CFD: 14/04/2011 - 20:54:08 - [1016832] ----D- C:\Program Files (x86)\Windows Calendar
O43 - CFD: 21/01/2008 - 05:09:48 - [53248] ----D- C:\Program Files (x86)\Windows Collaboration
O43 - CFD: 21/01/2008 - 05:09:42 - [504128] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 16/09/2011 - 09:23:44 - [8935608] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 14/04/2011 - 20:54:08 - [3013093] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 02/11/2006 - 17:07:28 - [7957544] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/04/2011 - 20:54:06 - [13528738] ----D- C:\Program Files (x86)\Windows Photo Gallery
O43 - CFD: 15/04/2011 - 17:38:54 - [134144] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/04/2011 - 20:54:08 - [26609456] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 26/04/2011 - 21:23:08 - [560] ----D- C:\Program Files\Common Files\CANON
O43 - CFD: 02/12/2008 - 09:35:56 - [205126369] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 02/11/2006 - 15:33:54 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 15:33:54 - [608256] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/01/2008 - 05:09:30 - [9604626] ----D- C:\Program Files\Common Files\System
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A0EE17004762E97600DCFD7E74EF1700] - 28/09/2011 - 18:31:54 ---A- . (...) -- C:\Windows\WindowsUpdate.log [7267]
O44 - LFC:[MD5.D5CAC442A91D6091CDF019F102DDA18B] - 28/09/2011 - 18:31:38 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F38BD250ADFF3F35119BABBD1B01F31B] - 28/09/2011 - 17:43:19 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.5C1E755938AC422DF7F7A325B5DB1083] - 28/09/2011 - 17:43:19 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [103872]
O44 - LFC:[MD5.14F0FD1225AB6B1DC45CB1406A4B0813] - 28/09/2011 - 17:43:19 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [126420]
O44 - LFC:[MD5.C26828F45F32123811152E76D94A57EE] - 28/09/2011 - 17:43:19 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [595798]
O44 - LFC:[MD5.A48836E3263D696D0812E90E378C96C0] - 28/09/2011 - 17:43:19 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [678804]
O44 - LFC:[MD5.A0EE17004762E97600DCFD7E74EF1700] - 28/09/2011 - 17:31:49 ---A- . (...) -- C:\Windows\SysNative\LogConfigTemp.xml [0]
O44 - LFC:[MD5.66A2E4047DB56E5CD0D56FD6109BC8BD] - 28/09/2011 - 09:55:48 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [423944]
O44 - LFC:[MD5.90C2DE5A95CC7E50A88503817E2CBD69] - 27/09/2011 - 19:28:22 ---A- . (...) -- C:\Windows\SysNative\spsys.log [10024]
O44 - LFC:[MD5.788382A56AE36CBF53598B5A46435E75] - 24/09/2011 - 13:49:17 ---A- . (...) -- C:\Windows\rcwin.ini [115]
O44 - LFC:[MD5.5B06DAA14AFB345215EC80A9C562DC6D] - 17/09/2011 - 15:58:03 ---A- . (.COMODO - COMODO Internet Security.) -- C:\Windows\SysNative\guard64.dll [363560]
O44 - LFC:[MD5.701A5948B60452EF6CF06C2900C3B9EA] - 06/09/2011 - 21:45:29 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41184]
O44 - LFC:[MD5.8C4B783D0367A8FEDB321E0A5DE1DB58] - 06/09/2011 - 21:45:29 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [199304]
O44 - LFC:[MD5.8C4B783D0367A8FEDB321E0A5DE1DB58] - 06/09/2011 - 21:45:17 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [254400]
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{4df56726-6722-11e0-864c-0024211050cd}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\LaunchU3.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 03:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [486456]
O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [342584]
O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\system32\drivers\adpu160m.sys [126520]
O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 21/01/2008 - 03:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [185912]
O58 - SDL:[MD5.3426A6EAA09077F3AB946FB9CEB85D8E] - 13/05/2011 - 09:42:13 ---A- . (.Acronis - File Level CDP Kernel Helper.) -- C:\Windows\system32\drivers\afcdp.sys [250400]
O58 - SDL:[MD5.157D0898D4B73F075CE9FA26B482DF98] - 21/01/2008 - 03:46:50 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15976]
O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 21/01/2008 - 03:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [90680]
O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 21/01/2008 - 03:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [91192]
O58 - SDL:[MD5.5A68B880C16AD5A6AA20B49A47FFFF24] - 06/09/2011 - 21:36:14 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [24408]
O58 - SDL:[MD5.230613BE2D3DA8053879BE5ED2848F2D] - 06/09/2011 - 21:36:30 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [65368]
O58 - SDL:[MD5.0DC1996AE4178D7D14744EF6B3082313] - 06/09/2011 - 21:36:41 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [42328]
O58 - SDL:[MD5.B6FF911C23775CDFDD49612D92637AF4] - 06/09/2011 - 21:38:18 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [601944]
O58 - SDL:[MD5.5A590D8516376AED1829FC07D3BDAA4B] - 06/09/2011 - 21:38:16 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [301912]
O58 - SDL:[MD5.3239C0082FB0C1C4EE323730B85690A5] - 06/09/2011 - 21:36:41 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [58200]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 02/11/2006 - 09:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [86528]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/09/2006 - 12:42:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.192AA0324412C6ED8BD7B345706D8A66] - 02/12/2008 - 08:44:59 ---A- . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [10488]
O58 - SDL:[MD5.9BDA54D19073AB1C2DBAFB13D989FE97] - 02/12/2008 - 08:44:59 ---A- . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [10488]
O58 - SDL:[MD5.244A50232767FED81D7166BC80151364] - 17/09/2011 - 15:57:58 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\system32\drivers\cmderd.sys [16016]
O58 - SDL:[MD5.51EDA25D4F92978816A71C1ED7B492E7] - 17/09/2011 - 15:57:57 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\system32\drivers\cmdGuard.sys [252344]
O58 - SDL:[MD5.ED717F2D0A8EEDDFB18EDDC0347B4293] - 17/09/2011 - 15:57:58 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\system32\drivers\cmdhlp.sys [40176]
O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 21/01/2008 - 03:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [18024]
O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 02/11/2006 - 12:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [88168]
O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 21/01/2008 - 03:46:56 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G6032E.sys [146176]
O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [397368]
O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 21/01/2008 - 03:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [47672]
O58 - SDL:[MD5.FC28E90F2204D8FD147FA9BFA8A51C01] - 29/07/2005 - 16:35:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [402456]
O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 21/01/2008 - 03:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [290872]
O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 02/11/2006 - 13:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44648]
O58 - SDL:[MD5.10F14CC4B14D086AFA1CC873D9E1BDF1] - 17/09/2011 - 15:57:58 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\system32\drivers\inspect.sys [92688]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952]
O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [37480]
O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [37480]
O58 - SDL:[MD5.3455B8531FBEDF55545A17900BA0873A] - 01/10/2008 - 07:32:22 ---A- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\system32\drivers\jraid.sys [95584]
O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 21/01/2008 - 03:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [113720]
O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 21/01/2008 - 03:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [105016]
O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 21/01/2008 - 03:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [113720]
O58 - SDL:[MD5.024DA28053D57E9E32BEE52600576BBB] - 23/09/2005 - 22:18:34 ---A- . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\Windows\system32\drivers\MarvinBus64.sys [261120]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 31/08/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 21/01/2008 - 03:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [35896]
O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 21/01/2008 - 03:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [438328]
O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 02/11/2006 - 13:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [39016]
O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 02/11/2006 - 13:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51816]
O58 - SDL:[MD5.63087073AEC62DA2EAA51BF512DF19C3] - 25/10/2008 - 21:00:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 180.) -- C:\Windows\system32\drivers\nvlddmkm.sys [9761056]
O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [128056]
O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [54328]
O58 - SDL:[MD5.BB50B87757A11FD03EB9051682F63A01] - 17/01/2011 - 19:20:18 ---A- . (.Macrium Software - Macrium Reflect Virtual Disk Driver.) -- C:\Windows\system32\drivers\psmounter.sys [40600]
O58 - SDL:[MD5.ED15CDFA61F4C54DD1A24A9BB722BEF4] - 17/01/2011 - 19:20:44 ---A- . (.Paramount Software UK Ltd - Volume Access driver.) -- C:\Windows\system32\drivers\PSVolAcc.sys [13464]
O58 - SDL:[MD5.A6BF0A9B5A30D743623CA0D3BE35DF05] - 02/12/2008 - 08:44:59 ---A- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\system32\drivers\PxHlpa64.sys [52856]
O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 21/01/2008 - 03:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1221176]
O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 02/11/2006 - 12:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [124008]
O58 - SDL:[MD5.6BCD9505F0AB48EDDA1EE250987B0EB4] - 27/08/2008 - 10:18:00 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1489560]
O58 - SDL:[MD5.A2CBE070FBA458357ACEF41C3F3906CA] - 02/05/2008 - 06:59:48 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 64-bit Driver.) -- C:\Windows\system32\drivers\Rtlh64.sys [166912]
O58 - SDL:[MD5.BC85BDC1C30066C78B8C67AF1241D0B7] - 25/08/2005 - 15:44:36 ---A- . (.Realtek Corporation - Realtek NDIS 6.0 Intermediate Miniport Driver for Teaming.) -- C:\Windows\system32\drivers\RtTeam60.sys [43008]
O58 - SDL:[MD5.8B6B42D782202363A562F82B0E13B1C0] - 25/08/2005 - 15:44:37 ---A- . (.Windows (R) Codename Longhorn DDK provider - Sample NDIS 6.0 Intermediate Miniport Driver.) -- C:\Windows\system32\drivers\RtVlan60.sys [24064]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 30/09/2006 - 00:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 21/01/2008 - 03:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [78392]
O58 - SDL:[MD5.446EB38CE4A6D040F548B2F547CA96FF] - 13/05/2011 - 09:41:57 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snapman.sys [254496]
O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 02/11/2006 - 13:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [49256]
O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 02/11/2006 - 13:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [44648]
O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 02/11/2006 - 13:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [48232]
O58 - SDL:[MD5.DF9179B7BDF0C5B71F9C3D93C016BAE5] - 13/05/2011 - 09:42:09 ---A- . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpm251.sys [1455648]
O58 - SDL:[MD5.0735948466EC4FD24AA4AD36448C6888] - 14/04/2011 - 20:26:41 ---A- . (.Acronis - Acronis Try&Decide and Restore Points Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpman.sys [593952]
O58 - SDL:[MD5.3E24B7FE52BC455DA8D6E2CC2B4CA23F] - 14/04/2011 - 20:28:29 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [81952]
O58 - SDL:[MD5.F7546EAD58CC3000AC02CF9529B9934E] - 13/05/2011 - 09:42:07 ---A- . (.Acronis - Acronis Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [929312]
O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [284728]
O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [148072]
O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\system32\drivers\ulsata2.sys [174696]
O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 21/01/2008 - 03:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [18024]
O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 21/01/2008 - 03:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [149048]
O58 - SDL:[MD5.0D0E5281784C2C526BA43C2ECD374288] - 18/09/2006 - 07:50:10 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\SysWOW64\drivers\afc.sys [22784]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\SysWOW64\drivers\int15.sys [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 12:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\SysWOW64\drivers\int15_64.sys [17952]
O58 - SDL:[MD5.354585D8E53F2FF9B8AD5E1E2EF68CEF] - 07/03/2005 - 18:44:16 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Phoebe Photo Distribution Manager.) -- C:\Windows\SysWOW64\PhDi2.sys [45056]
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\afcdp.sys - afcdp (afcdp) .(.Acronis - File Level CDP Kernel Helper.) - LEGACY_AFCDP
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cmdguard.sys - COMODO Internet Security Sandbox Driver (cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cmdhlp.sys - COMODO Internet Security Helper Driver (cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP
O64 - Services: CurCS - C:\Program Files\MediaCoder 2011 64b\sysInfoX64.sys - CrystalSysInfo (CrystalSysInfo) .(...) - LEGACY_CRYSTALSYSINFO
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\inspect.sys - COMODO Internet Security Firewall Driver (inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT
O64 - Services: CurCS - C:\Windows\sysWOW64\drivers\int15_64.sys - int15 (int15) .(.Acer, Inc. - int15.) - LEGACY_INT15
O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(...) - LEGACY_KLMD25
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tifsfilt.sys - Acronis True Image FS Filter (tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Thierry - kvqejc3j.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Thierry\AppData\Roaming\inst.exe [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Thierry\AppData\Roaming\pcouffin.sys [82816]
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\dfsr.exe (.not file.)
O87 - FAEL: "WinCollab-DFSR-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\dfsr.exe (.not file.)
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contr?leur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contr?leur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{C43F1E6A-3C0B-4AD8-B73E-B8108F1959E9}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{C6042C5B-3E72-4891-B2E0-1DCF0D7FAAC4}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{C5FC31B5-3116-4BA7-898D-6B195461BC0D}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDVD.) -- C:\Program Files (x86)\PowerDVD 5.0\PowerDVD.exe
O87 - FAEL: "{8414BCD1-DCE9-4083-BFC0-63FE36D08956}" | In - Private - P6 - TRUE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{711B390D-1C8C-4EAD-9DE6-C7364A7D0C57}" | In - Private - P17 - TRUE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{A903295A-35ED-4E5C-9343-CC54AD8769BA}" | In - Private - P6 - TRUE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{FE5CD7A1-0874-4A87-BA7F-84E8A5F1FD4E}" | In - Private - P17 - TRUE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{8E38DA70-E36C-42D4-9190-B16C9E5F639E}" | In - Private - P6 - TRUE | .(.Pinnacle Systems - umi.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{371B7107-A6CC-41A5-A28D-E8EE2DB1C739}" | In - Private - P17 - TRUE | .(.Pinnacle Systems - umi.) -- C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{A9FBDAC7-043B-4968-BDFF-1AE4BCC8AF8C}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe
O87 - FAEL: "{A97A51D1-15AF-4868-A119-BD1288DED304}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe
---\\ Scan Additionnel (O88)
Database Version : 3356 - (03/04/2011)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\ext\stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.ct2504091] =>Adware.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
C:\Users\Thierry\AppData\Roaming\\OpenCandy =>Adware.OpenCandy
C:\Program Files (x86)\IZArc\OpenCandy =>Adware.OpenCandy
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 12/09/2009 892072 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
SR - | Auto 13/05/2011 2326920 | (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 11/08/2006 200704 | (Capture Device Service) . (.InterVideo Inc..) - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
SR - | Auto 26/05/2011 161080 | (CLPSLS) . (.COMODO.) - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
SR - | Auto 17/09/2011 2528096 | C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SR - | Auto 16/07/2008 24576 | (ETService) . (...) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
SS - | Demand 02/12/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 29/05/2008 83264 | (GenericHidService) . (.Packard Bell Services.) - C:\Windows\System32\HidService.exe
SS - | Auto 11/04/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/04/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/04/2011 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 19/10/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 24/09/2008 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 24/09/2008 0 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 17/01/2011 301720 | (ReflectService) . (...) - C:\Program Files\Macrium\Reflect\ReflectService.exe
SR - | Auto 08/08/2005 167936 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 22/04/2011 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Thierry at 28/09/2011 20:35:48
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Thierry at 28/09/2011 20:35:51
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin
End of the scan (976 lines in 00mn 56s)(0)