# AdwCleaner v1.309 - Rapport créé le 08/10/2011 à 16:24:45
# Mis à jour le 29/09/11 à 20h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : alexandre - ALEXANDRE-VAIO (Administrateur)
# Exécuté depuis : C:\Users\alexandre\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:6912] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****


***** [Registre (64 bits)] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v7.0.1 (fr)

Profil : 5gnfjeww.default
Fichier : C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\alexandre\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [59892 octets] - [07/10/2011 13:49:55]
AdwCleaner[S1].txt - [57899 octets] - [07/10/2011 13:52:28]
AdwCleaner[R2].txt - [2884 octets] - [08/10/2011 12:01:01]
AdwCleaner[R3].txt - [2983 octets] - [08/10/2011 16:24:18]
AdwCleaner[S2].txt - [3153 octets] - [08/10/2011 16:24:31]
AdwCleaner[S3].txt - [1443 octets] - [08/10/2011 16:24:45]

*************************

Dossier Temporaire : 0 dossier(s) et 0 fichier(s) supprimé(s)

########## EOF - C:\AdwCleaner[S3].txt - [1665 octets] ##########

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7900

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

08.10.2011 16:37:59
mbam-log-2011-10-08 (16-37-59).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 181136
Temps écoulé: 5 minute(s), 44 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

je dois te le donner en partie
Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman, Update du 05/10/2011
Run by alexandre at 08/10/2011 16:39:24
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 7.0.1 v7.0.1

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3950 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 228 GB (50%) free of 455 GB

---\\ Logged in mode
~ Computer Name: ALEXANDRE-VAIO
~ User Name: alexandre
~ All Users Names: HomeGroupUser$, alexandre, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\alexandre\AppData\Roaming\
~ %Desktop% : C:\Users\alexandre\Desktop\
~ %Favorites% : C:\Users\alexandre\Favorites\
~ %LocalAppData% : C:\Users\alexandre\AppData\Local\
~ %StartMenu% : C:\Users\alexandre\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 228 Go of 455 Go)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.27/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/08/2011 - 06:36:16.) -- C:\Windows\system32\wininet.dll [1389056]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.01/04/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.01/04/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.01/04/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/06/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200] *1908
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128] *1828
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160] *1828
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.01/04/2011 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456] *1820
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/04/2011 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400] *1884
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.01/04/2011 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368] *1908
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472] *1892
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224] *1860
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.17/06/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208] *1852
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.01/04/2011 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632] *1828
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] *1908
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280] *1892
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.01/04/2011 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536] *1916
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.01/04/2011 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296] *1820
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 8/2330
Mes musiques (My Musics) : 4/4 (Modified)
~ Mes Videos (My Videos) : 2/80
~ Mes Favoris (My Favorites) : 2/34
~ Mes Documents (My Documents) : 18/110
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 6/35
~ Scan Hidden Files in 00mn 04s



---\\ Processus lancés
[MD5.C7144387E236687F8FB3F26FC845A822] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528] [PID.3660]
[MD5.EF4BF6AB09A06867104DAC48DF35E779] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.3752]
[MD5.6C72E91639AA9D190CDA13D389FE7827] - (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe [320880] [PID.3812]
[MD5.E055D387B31577489BDD1BA0A5E056B4] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe [597792] [PID.3880]
[MD5.F6EA75A95BE7580273F6F4437E58A508] - (.Sony Corporation - Marketing Tools.) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe [26624] [PID.3928]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.4076]
[MD5.DAAF803D7F2ACD6C84AF50C26F618DE1] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe [287472] [PID.3264]
[MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704] [PID.3260]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.3576]
[MD5.026423673B8563E9975BDA97ED6273C7] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [449608] [PID.3308]
[MD5.4CBE2BD48A10404A7CB9FA9D45FD77A3] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [1047208] [PID.6132]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81016] [PID.5964]
[MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.5892]
[MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [PID.492]
[MD5.7B2E3899314974CC40D93A6CD7C855C8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2134016] [PID.3684]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.AA0280938EE7749597F2FEE76DBF31A5] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [90112] [PID.]
[MD5.5460828F8951D310B42B442877603B8D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [360224] [PID.]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960] [PID.]
[MD5.6B31C9CB94927DBEEB62E15275F4CC54] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [205168] [PID.]
[MD5.6A740F5FF3246C3BE3DD317299EFC88E] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416] [PID.]
[MD5.10E212BFB7EAB152A64C1AAEC2F7F4E0] - (.Sony Corporation - VCM Intelligent Analyzing Manager.) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [529776] [PID.]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.]
[MD5.D8BEF4AC1EAC809DBDBD441D6CFF6C4C] - (.Sony Corporation - VAIO Entertainment Database Service.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336] [PID.]
[MD5.CC800D2D9FD467542BAC7C186C4774AD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.]
[MD5.7CD368DFF5D7D4BA9F8F46F31EA8877D] - (.Sony Corporation - VAIO Event Service(Service Sub Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe [112488] [PID.]
[MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [366152] [PID.]
[MD5.9E89C2D6945389270DE067CE51FF7425] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.]
[MD5.D347D3ABE070AA09C22FC37121555D52] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [44736] [PID.]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\alexandre\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://home.sweetim.com
G2 - GCE: Preference [User Data\Default] [dhkplhfnhceodhffomolpfigojocbpcb] Babylon Chrome OCR v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\prefs.js
C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\user.js (.not file.)
M3 - MFPP: Plugins - [alexandre] -- C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\searchplugins\mywebsearch.xml
M3 - MFPP: Plugins - [alexandre] -- C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\searchplugins\TelevisionFanatic.xml
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v2.2 (.LeahScape, Inc..)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\illimitux@illimitux.net] [illimitux] Illimitux v4.0 (.http://www.illimitux.net/.)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\plugin@yontoo.com] [] Yontoo Layers v1.20.00 (.Yontoo LLC.)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.7.0.6 (.Conduit Ltd..)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}] [] XfireXO v3.7.0.6 (.Conduit Ltd..)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\{707db484-2428-402d-afb5-d85b387544c7}] [] Mario Forever Toolbar v2.1.0.15 (.Conduit Ltd..)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-2703860372-3540785183-1039810928-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2703860372-3540785183-1039810928-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: (no name) [64Bits] - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} . (...) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) [64Bits] - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} Clé orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (...) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (.not file.)
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Layers Runtime.) -- C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKCU\..\Run: [msnmsgr] ~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\Run: [MarketingTools] . (.Sony Corporation - Marketing Tools.) -- C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Wow6432Node\Run: [BEWINTERNET-CHSessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\SessionManager\SessionManager.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [CardDetectorHUAWEI1752_1552] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe
O4 - HKLM\..\Wow6432Node\Run: [DivX Download Manager] . (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2703860372-3540785183-1039810928-1000\..\Run: [msnmsgr] ~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-2703860372-3540785183-1039810928-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-2703860372-3540785183-1039810928-1000\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDPoker.lnk . (...) -- C:\Poker\CDPoker\casino.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JHUploader.lnk . (...) -- C:\Users\alexandre\AppData\Local\Temp\Temp1_JHUploader.zip\JHUploader.exe (.not file.)
O4 - Global Startup: C:\Users\alexandre\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\alexandre\Desktop\CDPoker.lnk . (...) -- C:\Poker\CDPoker\casino.exe
O4 - Global Startup: C:\Users\alexandre\Desktop\DivX Movies.lnk . (...) -- C:\Users\alexandre\Videos\DivX Movies
O4 - Global Startup: C:\Users\alexandre\Desktop\LEGO Star Wars 2 DEMO.lnk . (...) -- C:\Program Files (x86)\LucasArts\LEGO Star Wars 2 DEMO\starwars_pc.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDPoker.lnk . (...) -- C:\Poker\CDPoker\casino.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk . (.Xfire Inc..) -- C:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: C:\Users\alexandre\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DD0B22D-C026-4940-9700-1362E8BA5673}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6DD0B22D-C026-4940-9700-1362E8BA5673}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6DD0B22D-C026-4940-9700-1362E8BA5673}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}: DhcpNameServer = 192.168.2.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Roxio Upnp Server 10 (Roxio Upnp Server 10) . (.Sonic Solutions - RoxioUpnpService10 Module.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) - Clé orpheline
O23 - Service: CamMonitor (uCamMonitor) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) . (.Sony Corporation - VAIO Content Folder Watcher.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) . (.Sony Corporation - VCM Intelligent Analyzing Manager.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VSNService (VSNService) . (.Sony Corporation - VAIO Smart Network Service.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) . (.Sony Corporation - VAIO Entertainment Database Service.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\iMeshNAG.job
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\alexandre\AppData\Local\Temp\iMesh_setup.exe (.not file.)
[MD5.3E30EE1AAC9790821E0454B1D68740F3] [APT] [{3B6B8B41-E3AA-4641-85BE-34D18EB21680}] (.France Telecom SA.) -- C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\Launcher\Launcher.exe
[MD5.00000000000000000000000000000000] [APT] [{583035A5-8A26-407B-A79D-1188AF7A45CA}] (...) -- C:\Users\alexandre\Games\World of Warcraft\Launcher.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B486DE98-E90A-4BD1-96DD-D2963C7BA0AC}] (...) -- C:\Users\alexandre\Games\World of Warcraft\Launcher.exe (.not file.)
[MD5.61CFEDAF9C527A1463F34F71240F9BB5] [APT] [{F4AC0485-3E46-4FB2-94E2-D33FDED7951D}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Daily] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Month] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe
[MD5.84A792BAFF0B6D946A36C7AE96686890] [APT] [VPM Logon Start] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
[MD5.84A792BAFF0B6D946A36C7AE96686890] [APT] [VPM Session Change] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
[MD5.84A792BAFF0B6D946A36C7AE96686890] [APT] [VPM Unlock] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
[MD5.C4CE3410C807C16F8B14081B9F00045D] [APT] [VAIO Gate] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
[MD5.AA8DC44463E3AEF6D91C1DD300D2DC35] [APT] [VAIO Update 5] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
~ Scan Scheduled Task in 00mn 10s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\system32\drivers\mfehidk.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {5BC83141-83DD-07BE-C940-04B385540F04}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM] -- Akamai
O42 - Logiciel: Alps Pointing-device for VAIO - (.ALPS ELECTRIC CO., LTD..) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: ArcSoft Magic-i Visual Effects 2 - (.ArcSoft.) [HKLM] -- {7BB90344-0647-468E-925A-7F69F7983421}
O42 - Logiciel: ArcSoft WebCam Companion 3 - (.ArcSoft.) [HKLM] -- {DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDPoker - (.Pas de propriétaire.) [HKCU] -- Club Dice Poker
O42 - Logiciel: Card Detector for Huawei E1752 and E1552 - (.Pas de propriétaire.) [HKLM] -- CardDetectorHUAWEI1752_1552
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {C5529BC1-C2BF-44E8-B62A-01913D70081C}
O42 - Logiciel: Click to Disc MergeModules x64 - (.Sony Corporation.) [HKLM] -- {393A9268-A428-4F5A-9B20-BD753309A98E}
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Désinstaller Internet Everywhere - (.Pas de propriétaire.) [HKLM] -- {BEWINTERNET-CH}.UninstallSuite
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Gestion de l’alimentation de VAIO - (.Sony Corporation.) [HKLM] -- {803E4FA5-A940-4420-B89D-A8BC2E160247}
O42 - Logiciel: Install(Fr) - (.AeriaGames.) [HKLM] -- {E32B0931-C97B-48E1-A466-27D4088060EF}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) Turbo Boost Technology Driver - (.Intel Corporation.) [HKLM] -- {D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}
O42 - Logiciel: Java(TM) 6 Update 16 (64-bit) - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416016FF}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: L'Age de Glace 3(TM) Demo - (.Activision.) [HKLM] -- InstallShield_{33591674-169B-4F4A-A178-D19001CA9862}
O42 - Logiciel: LEGO Star Wars 2 DEMO - (.LucasArts.) [HKLM] -- InstallShield_{150FEA49-4039-4458-B9D0-F19CC17229FE}
O42 - Logiciel: LEGO® Pirates des Caraïbes Le Jeu Vidéo DÉMO - (.Disney Interactive Studios.) [HKLM] -- {A85568D7-A01E-4E05-AFEE-4A1852D70281}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Media Gallery - (.Sony Corporation.) [HKLM] -- {DD88F979-FA58-41AC-980C-A6E1A82B61D9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
O42 - Logiciel: Mumble 1.2.3 - (.Thorvald Natvig.) [HKLM] -- {E1019541-10A2-464F-A23E-A4F23DA65160}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM] -- {339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}
O42 - Logiciel: PMB VAIO Edition plug-in (Click to Disc) - (.Sony Corporation.) [HKLM] -- InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}
O42 - Logiciel: PMB VAIO Edition plug-in (Click to Disc) - (.Sony Corporation.) [HKLM] -- {4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}
O42 - Logiciel: PMB VAIO Edition plug-in (VAIO Image Optimizer) - (.Sony Corporation.) [HKLM] -- InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}
O42 - Logiciel: PMB VAIO Edition plug-in (VAIO Image Optimizer) - (.Sony Corporation.) [HKLM] -- {1873FFC1-FDCB-47E1-B7C7-F418211E3530}
O42 - Logiciel: PMB VAIO Edition plug-in (VAIO Movie Story) - (.Sony Corporation.) [HKLM] -- InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: PMB VAIO Edition plug-in (VAIO Movie Story) - (.Sony Corporation.) [HKLM] -- {B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: Paramètres de contrôle du contenu VAIO - (.Sony Corporation.) [HKLM] -- {23825B69-36DF-4DAD-9CFD-118D11D80F16}
O42 - Logiciel: Paramètres des fonctions d'origine VAIO - (.Sony Corporation.) [HKLM] -- {A63E7492-A0BC-4BB9-89A7-352965222380}
O42 - Logiciel: Paraworld MP Demo - (.SEK GmbH.) [HKLM] -- Paraworld Multiplayer Demo_is1
O42 - Logiciel: Prise en charge du transfert VAIO - (.Sony Corporation.) [HKLM] -- {5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}
O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Central Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Central Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Central Core - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Central Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Central Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Easy Media Creator 10 LJ - (.Roxio.) [HKLM] -- {537BF16E-7412-448C-95D8-846E85A1D817}
O42 - Logiciel: Roxio Easy Media Creator Home - (.Roxio.) [HKLM] -- {FE51662F-D8F6-43B5-99D9-D4894AF00F83}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Setting Utility Series - (.Sony Corporation.) [HKLM] -- {A7DA438C-2E43-4C20-BFDA-C1F4A6208558}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: Skypeâ„¢ 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Sony Home Network Library - (.Sony Corporation.) [HKLM] -- {D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}
O42 - Logiciel: SweetIM Toolbar for Internet Explorer 3.9 - (.SweetIM Technologies Ltd..) [HKLM] -- {A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}
O42 - Logiciel: SweetIM for Messenger 3.3 - (.SweetIM Technologies Ltd..) [HKLM] -- {1D301950-EA2F-4882-9AA0-49467756842A}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: Toytopia fr - (.Boonty.) [HKLM] -- Toytopia_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VAIO - PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM] -- InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}
O42 - Logiciel: VAIO Care - (.Sony Corporation.) [HKLM] -- {36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}
O42 - Logiciel: VAIO Content Metadata Intelligent Analyzing Manager - (.Sony Corporation.) [HKLM] -- {4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}
O42 - Logiciel: VAIO Content Metadata Intelligent Network Service Manager - (.Sony Corporation.) [HKLM] -- {4427F384-B5BE-4769-B7D0-C784FC321EB1}
O42 - Logiciel: VAIO Content Metadata Manager Settings - (.Sony Corporation.) [HKLM] -- {12D0BE8D-538C-4AB1-86DE-C540308F50DA}
O42 - Logiciel: VAIO Content Metadata XML Interface Library - (.Sony Corporation.) [HKLM] -- {291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO DVD Menu Data - (.Sony Corporation.) [HKLM] -- {596BED91-A1D8-4DF1-8CD1-1C777F7588AC}
O42 - Logiciel: VAIO Entertainment Platform - (.Sony Corporation.) [HKLM] -- {6B1F20F2-6321-4669-A58C-33DF8E7517FF}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM] -- {C7477742-DDB4-43E5-AC8D-0259E1E661B1}
O42 - Logiciel: VAIO Gate - (.Sony Corporation.) [HKLM] -- {A7C30414-2382-4086-B0D6-01A88ABA21C3}
O42 - Logiciel: VAIO Gate Default - (.Sony Corporation.) [HKLM] -- {B7546697-2A80-4256-A24B-1C33163F535B}
O42 - Logiciel: VAIO Marketing Tools - (.Sony Corporation.) [HKLM] -- MarketingTools
O42 - Logiciel: VAIO Media plus - (.Sony Corporation.) [HKLM] -- {8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}
O42 - Logiciel: VAIO Media plus Opening Movie - (.Sony Corporation.) [HKLM] -- {9238E8A4-BEBA-43A3-B926-769BDBF194C5}
O42 - Logiciel: VAIO Movie Story MergeModules x64 - (.Sony Corporation.) [HKLM] -- {C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM] -- InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM] -- {6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO Personalization Manager - (.Sony Corporation.) [HKLM] -- {A95187EF-BCF4-4468-B501-C0BAB976ADD1}
O42 - Logiciel: VAIO Premium Partners - (.Sony Europe.) [HKLM] -- VAIO Premium Partners
O42 - Logiciel: VAIO Quick Web Access - (.Sony Corporation.) [HKLM] -- splashtop
O42 - Logiciel: VAIO Quick Web Access - (.Sony Corporation.) [HKLM] -- {5A92468F-3ED8-4F96-A9E1-4F176C80EC29}
O42 - Logiciel: VAIO Smart Network - (.Sony Corporation.) [HKLM] -- {0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}
O42 - Logiciel: VAIO Update - (.Sony Corporation.) [HKLM] -- {5BEE8F1F-BD32-4553-8107-500439E43BD7}
O42 - Logiciel: VAIO Wallpaper Contents - (.Sony Corporation.) [HKLM] -- {D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}
O42 - Logiciel: VAIO screensaver - (.Sony Europe.) [HKLM] -- VAIO screensaver
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Ventrilo Client - (.Flagship Industries, Inc..) [HKLM] -- {789289CA-F73A-4A16-A331-54D498CE069F}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: WinRAR 4.00 bêta 5 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- 930E4792BDAEAFB62A9514EE7578775658A5D07C
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- 3BA80AB4C7E9F8497C115C844953A3D4BEB84D21
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FE4BE0BD-1EDB-4D24-9614-847B3C472887}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM] -- World of Warcraft
O42 - Logiciel: Xfire (remove only) - (.Pas de propriétaire.) [HKLM] -- Xfire
O42 - Logiciel: Yontoo Layers Runtime 1.10.01 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AhnLab]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\DivX]
[HKCU\Software\AppDataLow\Software\Fun Web Products]
[HKCU\Software\AppDataLow\Software\FunWebProducts]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\MyWebSearch]
[HKCU\Software\AppDataLow\Software\TelevisionFanaticEI]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software\uTorrentBar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArcSoft]
[HKCU\Software\Ask.com.tmp]
[HKCU\Software\Avira]
[HKCU\Software\BitTorrent]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Boonty]
[HKCU\Software\Bugsplat]
[HKCU\Software\CDDB]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CocoonSoftware]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\Disney Interactive Studios]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Evernote]
[HKCU\Software\FunWebProducts]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Judgehype]
[HKCU\Software\Lavalys]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Mumble]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PC SOFT]
[HKCU\Software\PTECH]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Razer]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\RtkPCEE3sMsg]
[HKCU\Software\SecuROM]
[HKCU\Software\Settings]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SpecItems]
[HKCU\Software\Spointer]
[HKCU\Software\Steganos]
[HKCU\Software\Sunflowers]
[HKCU\Software\SweetIM]
[HKCU\Software\Sysinternals]
[HKCU\Software\THQ]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\Ventrilo]
[HKCU\Software\Widcomm]
[HKCU\Software\WideStream]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xfire]
[HKCU\Software\ilivid]
[HKCU\Software\kde.org]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Activision]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AeriaGames]
[HKLM\Software\Alps]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\ArcSoft]
[HKLM\Software\Auslogics]
[HKLM\Software\Avira]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\Boonty]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Debug]
[HKLM\Software\DeviceVM]
[HKLM\Software\Digital River]
[HKLM\Software\Disney Interactive Studios]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LEGO Media]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PCTools]
[HKLM\Software\Pando Networks]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SONOV]
[HKLM\Software\SRS Labs]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\SoftAssist]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony]
[HKLM\Software\Symantec]
[HKLM\Software\THQ]
[HKLM\Software\Tarma Installer]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\illiminable]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/07/2010 - 20:30:02 - [17568529] ----D- C:\Program Files\Apoint
O43 - CFD: 26/12/2009 - 00:41:42 - [23290510] ----D- C:\Program Files\ATI
O43 - CFD: 24/06/2011 - 23:53:28 - [0] ----D- C:\Program Files\Babylon
O43 - CFD: 07/09/2010 - 19:18:28 - [85766494] ----D- C:\Program Files\Common Files
O43 - CFD: 25/12/2009 - 23:49:32 - [679904] ----D- C:\Program Files\DIFX
O43 - CFD: 18/05/2011 - 12:16:04 - [7727936] ----D- C:\Program Files\DivX
O43 - CFD: 02/04/2011 - 21:47:46 - [90256916] ----D- C:\Program Files\DVD Maker
O43 - CFD: 03/07/2010 - 21:22:32 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 28/06/2011 - 23:04:16 - [0] ----D- C:\Program Files\Google
O43 - CFD: 12/08/2011 - 10:39:40 - [6201872] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 03/07/2010 - 20:48:46 - [79707151] ----D- C:\Program Files\Java
O43 - CFD: 26/12/2009 - 04:08:44 - [149237810] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 03/07/2010 - 20:40:38 - [1141526] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03/07/2010 - 20:29:36 - [16660640] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 03/07/2010 - 21:04:00 - [227084570] ----D- C:\Program Files\Sony
O43 - CFD: 14/08/2011 - 00:50:00 - [60723154] ----D- C:\Program Files\TeamSpeak 3 Client
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 25/12/2009 - 23:49:38 - [145225849] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 02/04/2011 - 21:47:40 - [4039680] ----D- C:\Program Files\Windows Defender
O43 - CFD: 02/04/2011 - 21:47:44 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 22/10/2010 - 23:07:08 - [1059906] ----D- C:\Program Files\Windows Live
O43 - CFD: 02/04/2011 - 21:47:46 - [6667776] ----D- C:\Program Files\Windows Mail
O43 - CFD: 02/04/2011 - 21:47:44 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 03/07/2010 - 21:22:32 - [12627636] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/04/2011 - 21:47:44 - [5516056] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 02/04/2011 - 21:47:44 - [244736] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 02/04/2011 - 21:47:46 - [9066726] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 22/09/2011 - 14:17:42 - [66260414] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 03/07/2010 - 20:50:16 - [6700319] ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 03/07/2010 - 21:22:36 - [12194291] ----D- C:\Program Files\Common Files\System
O43 - CFD: 10/10/2010 - 13:03:40 - [769] ----D- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 24/03/2011 - 11:44:06 - [1690027] ----D- C:\ProgramData\ArcSoft
O43 - CFD: 19/09/2011 - 22:38:14 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 12/09/2010 - 12:01:38 - [960447518] ----D- C:\ProgramData\Avira
O43 - CFD: 04/07/2010 - 12:05:12 - [9038] ----D- C:\ProgramData\Blizzard
O43 - CFD: 01/07/2011 - 11:07:28 - [4113046] ----D- C:\ProgramData\Blizzard Entertainment
O43 - CFD: 03/07/2010 - 21:22:32 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 27/01/2011 - 17:33:44 - [173943] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 18/05/2011 - 12:17:04 - [5037480] ----D- C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 20/09/2010 - 10:08:52 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 03/07/2010 - 20:34:40 - [111994] ----D- C:\ProgramData\Evernote
O43 - CFD: 03/07/2010 - 21:22:32 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 24/06/2011 - 23:52:24 - [526512] ----D- C:\ProgramData\Google
O43 - CFD: 13/06/2011 - 09:59:50 - [3772] ----D- C:\ProgramData\Lucasarts
O43 - CFD: 07/10/2011 - 10:26:18 - [7269044] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 07/09/2010 - 19:18:48 - [25640] ----D- C:\ProgramData\McAfee
O43 - CFD: 20/05/2011 - 21:08:02 - [57398395] ----D- C:\ProgramData\Media Get LLC
O43 - CFD: 03/07/2010 - 21:22:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 24/06/2011 - 23:50:38 - [200911087] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/09/2011 - 22:10:06 - [105022] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 03/07/2010 - 21:22:32 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 21/05/2011 - 03:18:02 - [155] ----D- C:\ProgramData\Norton
O43 - CFD: 03/02/2011 - 18:30:44 - [355097] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 28/07/2010 - 09:12:50 - [1311] ----D- C:\ProgramData\Partner
O43 - CFD: 02/09/2011 - 18:50:26 - [441] ----D- C:\ProgramData\PMB Files
O43 - CFD: 16/10/2010 - 20:10:16 - [0] ----D- C:\ProgramData\Roxio
O43 - CFD: 03/07/2010 - 20:38:08 - [36] ----D- C:\ProgramData\SiteAdvisor
O43 - CFD: 20/11/2010 - 01:41:44 - [22859823] ----D- C:\ProgramData\Skype
O43 - CFD: 03/07/2010 - 20:48:18 - [632] ----D- C:\ProgramData\Sonic
O43 - CFD: 17/06/2011 - 22:43:58 - [1338024065] ----D- C:\ProgramData\Sony Corporation
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 03/07/2010 - 23:24:34 - [294] ----D- C:\ProgramData\Sun
O43 - CFD: 21/05/2011 - 03:18:00 - [155] ----D- C:\ProgramData\Symantec
O43 - CFD: 03/10/2011 - 23:21:56 - [3496671] ----D- C:\ProgramData\Tarma Installer
O43 - CFD: 24/06/2011 - 23:49:56 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 03/07/2010 - 20:48:22 - [16918555] ----D- C:\ProgramData\Uninstall
O43 - CFD: 28/07/2011 - 13:55:12 - [3207095] ----D- C:\ProgramData\Xfire
O43 - CFD: 09/11/2010 - 12:36:38 - [720943] ----D- C:\Users\alexandre\AppData\Roaming\Acreon
O43 - CFD: 15/09/2011 - 16:44:36 - [0] ----D- C:\Users\alexandre\AppData\Roaming\Activision
O43 - CFD: 08/07/2010 - 14:35:02 - [2797747] ----D- C:\Users\alexandre\AppData\Roaming\Adobe
O43 - CFD: 11/03/2011 - 20:18:54 - [2766] ----D- C:\Users\alexandre\AppData\Roaming\ArcSoft
O43 - CFD: 03/07/2010 - 21:25:18 - [0] ----D- C:\Users\alexandre\AppData\Roaming\ATI
O43 - CFD: 08/07/2010 - 14:33:30 - [567] ----D- C:\Users\alexandre\AppData\Roaming\Auslogics
O43 - CFD: 05/11/2010 - 19:29:20 - [0] ----D- C:\Users\alexandre\AppData\Roaming\Avira
O43 - CFD: 01/07/2011 - 11:05:52 - [6652788848] ----D- C:\Users\alexandre\AppData\Roaming\BitTorrent
O43 - CFD: 19/11/2010 - 20:14:36 - [18350179] ----D- C:\Users\alexandre\AppData\Roaming\CocoonSoftware
O43 - CFD: 04/06/2011 - 17:36:04 - [1041941] ----D- C:\Users\alexandre\AppData\Roaming\DisneyInteractiveStudios
O43 - CFD: 30/01/2011 - 19:38:40 - [200704] ----D- C:\Users\alexandre\AppData\Roaming\DivX
O43 - CFD: 06/09/2010 - 18:25:18 - [199] ----D- C:\Users\alexandre\AppData\Roaming\dvdcss
O43 - CFD: 03/07/2010 - 23:25:32 - [0] ----D- C:\Users\alexandre\AppData\Roaming\Google
O43 - CFD: 03/07/2010 - 21:24:02 - [0] ----D- C:\Users\alexandre\AppData\Roaming\Identities
O43 - CFD: 03/07/2010 - 23:36:04 - [0] ----D- C:\Users\alexandre\AppData\Roaming\InstallShield
O43 - CFD: 03/07/2010 - 21:25:22 - [302] ----D- C:\Users\alexandre\AppData\Roaming\Intel Corporation
O43 - CFD: 03/07/2010 - 23:28:02 - [54118] ----D- C:\Users\alexandre\AppData\Roaming\Macromedia
O43 - CFD: 07/10/2011 - 10:26:30 - [6900530] ----D- C:\Users\alexandre\AppData\Roaming\Malwarebytes
O43 - CFD: 26/12/2009 - 04:08:44 - [0] ----D- C:\Users\alexandre\AppData\Roaming\Media Center Programs
O43 - CFD: 19/09/2011 - 22:34:20 - [9646388] -S--D- C:\Users\alexandre\AppData\Roaming\Microsoft
O43 - CFD: 16/12/2010 - 19:12:16 - [638418] ----D- C:\Users\alexandre\AppData\Roaming\moovida-1
O43 - CFD: 04/07/2010 - 11:55:42 - [30101092] ----D- C:\Users\alexandre\AppData\Roaming\Mozilla
O43 - CFD: 07/10/2011 - 14:49:48 - [1140259] ----D- C:\Users\alexandre\AppData\Roaming\Mumble
O43 - CFD: 18/05/2011 - 15:19:14 - [61] ----D- C:\Users\alexandre\AppData\Roaming\Registry Mechanic
O43 - CFD: 16/10/2010 - 13:13:00 - [640] ----D- C:\Users\alexandre\AppData\Roaming\Roxio
O43 - CFD: 06/03/2011 - 04:33:36 - [402093] ----D- C:\Users\alexandre\AppData\Roaming\Shareaza
O43 - CFD: 02/07/2011 - 09:06:28 - [5024868] ----D- C:\Users\alexandre\AppData\Roaming\Skype
O43 - CFD: 11/07/2011 - 16:00:44 - [111784] ----D- C:\Users\alexandre\AppData\Roaming\skypePM
O43 - CFD: 06/09/2010 - 20:40:44 - [29876082] ----D- C:\Users\alexandre\AppData\Roaming\Sony Corporation
O43 - CFD: 20/05/2011 - 21:09:48 - [7765] ----D- C:\Users\alexandre\AppData\Roaming\teamspeak2
O43 - CFD: 25/05/2011 - 20:57:46 - [5417418] ----D- C:\Users\alexandre\AppData\Roaming\TS3Client
O43 - CFD: 08/10/2011 - 16:31:24 - [21617225652] ----D- C:\Users\alexandre\AppData\Roaming\uTorrent
O43 - CFD: 03/09/2011 - 21:44:32 - [5056] ----D- C:\Users\alexandre\AppData\Roaming\Ventrilo
O43 - CFD: 29/09/2011 - 18:52:34 - [2716256] ----D- C:\Users\alexandre\AppData\Roaming\vlc
O43 - CFD: 15/05/2011 - 11:47:50 - [593] ----D- C:\Users\alexandre\AppData\Roaming\widestream
O43 - CFD: 12/03/2011 - 09:18:52 - [0] ----D- C:\Users\alexandre\AppData\Roaming\Windows Live Writer
O43 - CFD: 14/02/2011 - 22:59:38 - [12] ----D- C:\Users\alexandre\AppData\Roaming\WinRAR
O43 - CFD: 08/10/2011 - 16:31:28 - [2812] ----D- C:\Users\alexandre\AppData\Roaming\Xfire
O43 - CFD: 09/06/2011 - 18:37:58 - [219906] ----D- C:\Users\alexandre\AppData\Roaming\ZombieDriver
O43 - CFD: 09/11/2010 - 12:37:18 - [0] ----D- C:\Users\alexandre\AppData\Local\._Revolution_
O43 - CFD: 10/10/2010 - 13:03:08 - [87039] ----D- C:\Users\alexandre\AppData\Local\Adobe
O43 - CFD: 03/07/2010 - 21:22:38 - [0] -SH-D- C:\Users\alexandre\AppData\Local\Application Data
O43 - CFD: 11/03/2011 - 20:18:54 - [946] ----D- C:\Users\alexandre\AppData\Local\ArcSoft
O43 - CFD: 03/07/2010 - 21:25:18 - [63038] ----D- C:\Users\alexandre\AppData\Local\ATI
O43 - CFD: 08/07/2010 - 05:41:46 - [0] ----D- C:\Users\alexandre\AppData\Local\Blizzard Entertainment
O43 - CFD: 11/09/2011 - 01:00:34 - [0] ----D- C:\Users\alexandre\AppData\Local\Diagnostics
O43 - CFD: 06/03/2011 - 03:28:30 - [0] ----D- C:\Users\alexandre\AppData\Local\ElevatedDiagnostics
O43 - CFD: 20/09/2010 - 10:08:54 - [0] ----D- C:\Users\alexandre\AppData\Local\eMule
O43 - CFD: 08/07/2010 - 14:32:18 - [50] ----D- C:\Users\alexandre\AppData\Local\Evernote
O43 - CFD: 24/06/2011 - 23:52:26 - [26421557] ----D- C:\Users\alexandre\AppData\Local\Google
O43 - CFD: 03/07/2010 - 21:22:38 - [0] -SH-D- C:\Users\alexandre\AppData\Local\Historique
O43 - CFD: 15/05/2011 - 11:35:12 - [14057] ----D- C:\Users\alexandre\AppData\Local\Ilivid Player
O43 - CFD: 20/05/2011 - 21:08:06 - [271] ----D- C:\Users\alexandre\AppData\Local\MediaGet2
O43 - CFD: 24/06/2011 - 23:50:46 - [323436104] ----D- C:\Users\alexandre\AppData\Local\Microsoft
O43 - CFD: 09/09/2010 - 14:22:10 - [994793] ----D- C:\Users\alexandre\AppData\Local\Microsoft Games
O43 - CFD: 29/05/2011 - 09:33:38 - [16798] ----D- C:\Users\alexandre\AppData\Local\moovida Air
O43 - CFD: 04/07/2010 - 11:55:30 - [52975394] ----D- C:\Users\alexandre\AppData\Local\Mozilla
O43 - CFD: 15/05/2011 - 11:30:40 - [0] ----D- C:\Users\alexandre\AppData\Local\PackageAware
O43 - CFD: 08/10/2011 - 16:40:06 - [140092] ----D- C:\Users\alexandre\AppData\Local\PMB Files
O43 - CFD: 06/09/2010 - 18:25:16 - [405170] ----D- C:\Users\alexandre\AppData\Local\Screamer Radio
O43 - CFD: 05/03/2011 - 20:28:22 - [748908616] ----D- C:\Users\alexandre\AppData\Local\Shareaza
O43 - CFD: 28/07/2010 - 20:03:56 - [532] ----D- C:\Users\alexandre\AppData\Local\Sony Corporation
O43 - CFD: 30/06/2011 - 20:51:22 - [1570] ----D- C:\Users\alexandre\AppData\Local\Sony_Corporation
O43 - CFD: 19/11/2010 - 19:29:28 - [379648] ----D- C:\Users\alexandre\AppData\Local\TeamSpeak 3 Client
O43 - CFD: 08/10/2011 - 16:39:12 - [954550] ----D- C:\Users\alexandre\AppData\Local\Temp
O43 - CFD: 03/07/2010 - 21:22:38 - [0] -SH-D- C:\Users\alexandre\AppData\Local\Temporary Internet Files
O43 - CFD: 24/06/2011 - 23:50:12 - [0] ----D- C:\Users\alexandre\AppData\Local\Unity
O43 - CFD: 14/05/2011 - 09:50:24 - [344342142] ----D- C:\Users\alexandre\AppData\Local\VirtualStore
O43 - CFD: 19/11/2010 - 20:14:16 - [275] ----D- C:\Users\alexandre\AppData\Local\WDSetup
O43 - CFD: 15/05/2011 - 11:47:48 - [11808] ----D- C:\Users\alexandre\AppData\Local\widestream6 Air
O43 - CFD: 06/08/2011 - 13:09:02 - [217569516] ----D- C:\Users\alexandre\AppData\Local\Windows Live
O43 - CFD: 12/03/2011 - 09:18:52 - [0] ----D- C:\Users\alexandre\AppData\Local\Windows Live Writer
O43 - CFD: 12/08/2011 - 10:11:28 - [0] ----D- C:\Users\alexandre\AppData\Local\{02E84E94-22E8-4572-913A-027AA9C07637}
O43 - CFD: 29/06/2011 - 00:38:30 - [0] ----D- C:\Users\alexandre\AppData\Local\{0923D777-63FD-4074-955B-B9C31C529641}
O43 - CFD: 11/09/2011 - 10:21:48 - [0] ----D- C:\Users\alexandre\AppData\Local\{1E2818AD-8467-4E8F-9C42-A86CC4555001}
O43 - CFD: 28/09/2011 - 21:17:34 - [0] ----D- C:\Users\alexandre\AppData\Local\{2317991D-F0BC-49C0-9924-DCDBCC20215B}
O43 - CFD: 29/08/2011 - 23:50:48 - [0] ----D- C:\Users\alexandre\AppData\Local\{24492B7F-711B-4F46-B173-EEBDE93CE4EB}
O43 - CFD: 14/09/2011 - 22:57:26 - [0] ----D- C:\Users\alexandre\AppData\Local\{25813786-6B36-496E-BA21-770E951AD4A6}
O43 - CFD: 21/07/2011 - 20:05:08 - [0] ----D- C:\Users\alexandre\AppData\Local\{37F3F8E6-DB97-4B02-AA89-F903D4815529}
O43 - CFD: 19/09/2011 - 21:00:52 - [0] ----D- C:\Users\alexandre\AppData\Local\{3D508821-6E9C-4A09-B348-7296FF5186C5}
O43 - CFD: 17/04/2011 - 07:12:02 - [0] ----D- C:\Users\alexandre\AppData\Local\{3FF8ADA2-E32E-4AE4-8088-D4C157B7B3B5}
O43 - CFD: 19/09/2011 - 21:00:58 - [0] ----D- C:\Users\alexandre\AppData\Local\{4273B368-3336-453A-85BD-0194A64BFBF0}
O43 - CFD: 11/09/2011 - 10:21:26 - [0] ----D- C:\Users\alexandre\AppData\Local\{4B1F7158-8FC3-4605-8849-B7353CECBF08}
O43 - CFD: 19/09/2011 - 22:43:26 - [0] ----D- C:\Users\alexandre\AppData\Local\{4B218268-9CAC-4176-8DBD-91E1567F60A0}
O43 - CFD: 06/08/2011 - 13:09:02 - [0] ----D- C:\Users\alexandre\AppData\Local\{5330223E-BDF5-4EF6-9479-0153AF6891AB}
O43 - CFD: 19/09/2011 - 22:43:24 - [0] ----D- C:\Users\alexandre\AppData\Local\{5809482F-5DAC-428B-9FDC-0C0965EF5001}
O43 - CFD: 04/06/2011 - 17:25:38 - [0] ----D- C:\Users\alexandre\AppData\Local\{5EC54024-BA93-4C74-B408-ED7A87551B8D}
O43 - CFD: 31/08/2011 - 21:58:44 - [0] ----D- C:\Users\alexandre\AppData\Local\{62E05D10-9083-4D9F-9B8F-8FCA01D04957}
O43 - CFD: 11/07/2011 - 18:02:16 - [0] ----D- C:\Users\alexandre\AppData\Local\{6B192DE8-E233-4338-B148-2BE7BF6ED6F5}
O43 - CFD: 31/08/2011 - 21:58:44 - [0] ----D- C:\Users\alexandre\AppData\Local\{707B2519-C5CE-455E-9BD3-23B28C0578BD}
O43 - CFD: 19/04/2011 - 09:30:40 - [0] ----D- C:\Users\alexandre\AppData\Local\{7227E334-62E6-4898-BC2A-3F4D82BDD6F0}
O43 - CFD: 11/05/2011 - 22:36:58 - [0] ----D- C:\Users\alexandre\AppData\Local\{7232DA39-BBDB-412C-8F45-A1C4143CE298}
O43 - CFD: 28/09/2011 - 20:29:24 - [0] ----D- C:\Users\alexandre\AppData\Local\{74AEDCE6-32FF-4DE1-ABB8-63C49C37C44C}
O43 - CFD: 01/07/2011 - 11:18:06 - [0] ----D- C:\Users\alexandre\AppData\Local\{78B69814-090B-4332-AD30-4057408A8985}
O43 - CFD: 02/06/2011 - 21:24:12 - [0] ----D- C:\Users\alexandre\AppData\Local\{7AB5FDB9-85D0-4542-B2E4-3708F485FE09}
O43 - CFD: 10/08/2011 - 18:10:26 - [0] ----D- C:\Users\alexandre\AppData\Local\{8497B55F-AE30-4206-B995-F51C7D72E8FF}
O43 - CFD: 04/09/2011 - 08:54:46 - [0] ----D- C:\Users\alexandre\AppData\Local\{8A1EDE0D-710A-45F8-944D-F5CB9154C7B2}
O43 - CFD: 15/07/2011 - 10:47:08 - [0] ----D- C:\Users\alexandre\AppData\Local\{8BF8B0AA-786C-4AE2-9064-2B2133D15567}
O43 - CFD: 27/04/2011 - 22:12:32 - [0] ----D- C:\Users\alexandre\AppData\Local\{8DA3B6DA-C68E-422C-9370-8B4EF495A3DA}
O43 - CFD: 07/06/2011 - 19:30:54 - [0] ----D- C:\Users\alexandre\AppData\Local\{90A363EB-FD1A-475C-A17C-228407309BAD}
O43 - CFD: 01/10/2011 - 15:21:44 - [0] ----D- C:\Users\alexandre\AppData\Local\{92911F40-50EB-4F33-9691-75E49591C753}
O43 - CFD: 12/08/2011 - 11:18:48 - [0] ----D- C:\Users\alexandre\AppData\Local\{92DEAF4E-8F3A-4110-B7C5-07033A3C9587}
O43 - CFD: 06/05/2011 - 09:26:22 - [0] ----D- C:\Users\alexandre\AppData\Local\{93111730-EE72-4E07-9D53-C0CCFFF9F3EC}
O43 - CFD: 30/06/2011 - 13:39:22 - [0] ----D- C:\Users\alexandre\AppData\Local\{950D32F3-2ABD-4B27-BF1C-FB8A465AB9B4}
O43 - CFD: 31/08/2011 - 22:01:56 - [0] ----D- C:\Users\alexandre\AppData\Local\{A059A7B1-4CF7-4B01-BB38-2A273E0DE112}
O43 - CFD: 11/08/2011 - 00:06:34 - [0] ----D- C:\Users\alexandre\AppData\Local\{BDED4DBF-BB08-4BC2-99A7-4ABBCD1CE073}
O43 - CFD: 20/04/2011 - 10:47:12 - [0] ----D- C:\Users\alexandre\AppData\Local\{BEC641D2-A8FC-4886-BAF5-718A30F9C351}
O43 - CFD: 29/08/2011 - 23:50:48 - [0] ----D- C:\Users\alexandre\AppData\Local\{C7E254E0-F657-4857-B4EF-625B5018724C}
O43 - CFD: 02/04/2011 - 21:57:06 - [0] ----D- C:\Users\alexandre\AppData\Local\{CDEB0CB6-47C5-4642-94D3-68D569B99602}
O43 - CFD: 28/07/2011 - 13:17:18 - [0] ----D- C:\Users\alexandre\AppData\Local\{CEB83EC9-8BAA-4504-8B16-06ABFC4CFE83}
O43 - CFD: 17/05/2011 - 21:52:26 - [0] ----D- C:\Users\alexandre\AppData\Local\{D4CD8D64-649C-476F-A313-BBAC8F73ADB2}
O43 - CFD: 07/10/2011 - 10:43:34 - [0] ----D- C:\Users\alexandre\AppData\Local\{E453291E-5BCC-4DA0-AFC2-C8F88AC3617B}
O43 - CFD: 30/09/2011 - 19:45:42 - [0] ----D- C:\Users\alexandre\AppData\Local\{E4A426FC-1090-46F3-A16E-AF77562D18A4}
O43 - CFD: 27/07/2011 - 20:00:18 - [0] ----D- C:\Users\alexandre\AppData\Local\{ECC511C6-CAB9-4AD5-B476-57EC0494252B}
O43 - CFD: 15/09/2011 - 16:40:46 - [308011581] ----D- C:\Program Files (x86)\Activision
O43 - CFD: 10/10/2010 - 13:03:36 - [162903726] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 09/06/2011 - 18:35:56 - [123382454] ----D- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 03/07/2010 - 20:54:26 - [117350023] ----D- C:\Program Files (x86)\ArcSoft
O43 - CFD: 26/08/2010 - 22:20:56 - [176055890] ----D- C:\Program Files (x86)\Ashampoo
O43 - CFD: 19/09/2011 - 22:37:32 - [91470357] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 12/09/2010 - 12:01:38 - [148688113] ----D- C:\Program Files (x86)\Avira
O43 - CFD: 24/06/2011 - 23:52:10 - [67916407] ----D- C:\Program Files (x86)\BoontyGames
O43 - CFD: 07/01/2011 - 19:57:54 - [47618945] ----D- C:\Program Files (x86)\CardDetector
O43 - CFD: 04/07/2010 - 15:43:04 - [2902648] ----D- C:\Program Files (x86)\CCleaner
O43 - CFD: 22/09/2011 - 18:54:28 - [792123175] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 04/06/2011 - 17:19:28 - [1009177614] ----D- C:\Program Files (x86)\Disney Interactive Studios
O43 - CFD: 18/05/2011 - 12:17:02 - [105068699] ----D- C:\Program Files (x86)\DivX
O43 - CFD: 14/08/2010 - 18:34:16 - [255697408] ----D- C:\Program Files (x86)\Downloaded Installations
O43 - CFD: 24/06/2011 - 23:51:52 - [0] ----D- C:\Program Files (x86)\Fluendo
O43 - CFD: 10/08/2010 - 04:41:46 - [3297093] ----D- C:\Program Files (x86)\gamigo
O43 - CFD: 28/06/2011 - 23:04:16 - [11726832] ----D- C:\Program Files (x86)\Google
O43 - CFD: 22/09/2011 - 19:19:32 - [207237907] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 03/07/2010 - 20:26:36 - [37202937] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 07/01/2011 - 19:59:34 - [102806847] ----D- C:\Program Files (x86)\Internet Everywhere
O43 - CFD: 12/08/2011 - 10:39:42 - [5163806] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 09/06/2011 - 22:24:44 - [90783834] ----D- C:\Program Files (x86)\Java
O43 - CFD: 02/09/2011 - 19:54:10 - [175532841] ----D- C:\Program Files (x86)\Legend of Edda
O43 - CFD: 09/11/2010 - 23:30:18 - [17] ----D- C:\Program Files (x86)\LimeWire
O43 - CFD: 13/06/2011 - 09:57:56 - [615931954] ----D- C:\Program Files (x86)\LucasArts
O43 - CFD: 08/10/2011 - 16:29:46 - [7065528] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 22/10/2010 - 23:09:40 - [526291] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 30/06/2011 - 20:51:22 - [378229159] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 03/07/2010 - 20:43:16 - [7791801] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 17/06/2011 - 22:33:24 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 03/07/2010 - 20:56:56 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 17/12/2010 - 23:03:48 - [146453974] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 08/07/2010 - 16:34:36 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/09/2011 - 20:58:56 - [37635503] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 06/07/2010 - 03:13:46 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 30/09/2011 - 21:02:38 - [32512873] ----D- C:\Program Files (x86)\Mumble
O43 - CFD: 06/09/2010 - 18:25:16 - [8418] ----D- C:\Program Files (x86)\MyAshampoo
O43 - CFD: 09/08/2010 - 19:20:44 - [7466286] ----D- C:\Program Files (x86)\Pando Networks
O43 - CFD: 15/09/2011 - 17:48:02 - [1552834127] ----D- C:\Program Files (x86)\Paraworld MP Demo
O43 - CFD: 03/07/2010 - 20:29:26 - [73284233] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 03/07/2010 - 20:48:10 - [6936228] ----D- C:\Program Files (x86)\Roxio
O43 - CFD: 06/03/2011 - 04:33:42 - [1080672] ----D- C:\Program Files (x86)\Shareaza
O43 - CFD: 20/11/2010 - 01:42:04 - [28291169] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 09/06/2011 - 16:52:10 - [84140] ----D- C:\Program Files (x86)\softendo.com
O43 - CFD: 14/08/2010 - 18:35:38 - [1031841879] ----D- C:\Program Files (x86)\SONY
O43 - CFD: 03/07/2010 - 20:54:18 - [11727811] ----D- C:\Program Files (x86)\Sony Corporation
O43 - CFD: 17/04/2011 - 00:45:06 - [0] ----D- C:\Program Files (x86)\Steganos Internet Anonym Pro 7
O43 - CFD: 20/05/2011 - 21:02:20 - [12539431] ----D- C:\Program Files (x86)\TeamSpeak 3 Client
O43 - CFD: 08/05/2011 - 23:26:34 - [0] ----D- C:\Program Files (x86)\TelevisionFanaticEI
O43 - CFD: 03/07/2010 - 20:29:58 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/04/2011 - 00:39:08 - [399736] ----D- C:\Program Files (x86)\uTorrent
O43 - CFD: 03/07/2010 - 20:48:26 - [38315223] ----D- C:\Program Files (x86)\VAIO screensavers
O43 - CFD: 03/09/2011 - 21:30:36 - [4533285] ----D- C:\Program Files (x86)\Ventrilo
O43 - CFD: 07/07/2010 - 18:04:14 - [84718031] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 15/05/2011 - 20:13:10 - [116951] ----D- C:\Program Files (x86)\Widestream6
O43 - CFD: 03/07/2010 - 21:22:38 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 30/03/2011 - 22:01:24 - [154224684] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 02/04/2011 - 21:47:50 - [6181376] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 02/04/2011 - 21:47:50 - [5133857] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 02/04/2011 - 21:47:50 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 02/04/2011 - 21:47:50 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 02/04/2011 - 21:47:50 - [8016585] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 14/02/2011 - 22:59:20 - [4149914] ----D- C:\Program Files (x86)\WinRAR
O43 - CFD: 21/11/2010 - 01:28:56 - [18586766] ----D- C:\Program Files (x86)\Xfire
O43 - CFD: 03/10/2011 - 23:21:56 - [194848] ----D- C:\Program Files (x86)\Yontoo Layers Runtime
O43 - CFD: 08/10/2011 - 16:39:42 - [5449256] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 01/07/2011 - 11:11:32 - [0] ----D- C:\Program Files (x86)\Zombie Driver Demo
O43 - CFD: 10/10/2010 - 13:03:42 - [6247934] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 08/10/2011 - 16:30:02 - [20703949] ----D- C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 03/07/2010 - 20:35:02 - [13059229] ----D- C:\Program Files (x86)\Common Files\ArcSoft
O43 - CFD: 01/07/2011 - 11:16:46 - [1707523] ----D- C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 21/09/2010 - 19:37:28 - [0] ----D- C:\Program Files (x86)\Common Files\Blizzard Entertainment.temp
O43 - CFD: 03/07/2010 - 20:41:52 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 18/05/2011 - 12:15:32 - [24006656] ----D- C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 15/11/2010 - 16:15:46 - [13772082] ----D- C:\Program Files (x86)\Common Files\France Telecom
O43 - CFD: 09/06/2011 - 18:35:20 - [8332343] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 30/08/2010 - 10:22:18 - [0] ----D- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 09/06/2011 - 22:25:06 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/10/2010 - 23:06:42 - [255461108] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 25/12/2009 - 23:56:08 - [166332] ----D- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 03/07/2010 - 20:48:12 - [4868896] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 03/07/2010 - 20:48:12 - [42450782] ----D- C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/03/2011 - 22:03:08 - [2254216] ----D- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 03/07/2010 - 20:48:12 - [1460254] ----D- C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 03/07/2010 - 23:35:02 - [62559724] ----D- C:\Program Files (x86)\Common Files\Sony Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/05/2011 - 00:35:18 - [0] ----D- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 03/07/2010 - 21:22:38 - [44257903] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 03/07/2010 - 20:54:46 - [211047928] ----D- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 03/09/2011 - 21:29:14 - [37307904] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard
~ Scan Program Folder in 00mn 54s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0353A8B94C132DE68F1A8300DCC62358] - 08/10/2011 - 15:34:28 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1633863]
O44 - LFC:[MD5.5216AF028CF3A7C21835E416A7745835] - 08/10/2011 - 15:29:52 ---A- . (...) -- C:\Windows\setupact.log [85985]
O44 - LFC:[MD5.A4DE2C4339E725CE8D3651A869556111] - 08/10/2011 - 15:29:51 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D35094E97B0622D4758AD80CEC5458F6] - 08/10/2011 - 15:28:13 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\isRS-000.tmp [709968]
O44 - LFC:[MD5.71C8BE291383C44818AF3D1DABE78BEA] - 08/10/2011 - 15:24:49 ---A- . (...) -- C:\AdwCleaner[S3].txt [1666]
O44 - LFC:[MD5.C7388F6B6F16D735CD6B658EB2B9F59F] - 08/10/2011 - 15:24:42 ---A- . (...) -- C:\AdwCleaner[S2].txt [3153]
O44 - LFC:[MD5.66A3E80D336C89FD4D0D5C28AFA32054] - 08/10/2011 - 15:24:19 ---A- . (...) -- C:\AdwCleaner[R3].txt [2983]
O44 - LFC:[MD5.0F100A817BBE590F427AA1B3A04F2CE7] - 08/10/2011 - 11:01:01 ---A- . (...) -- C:\AdwCleaner[R2].txt [2884]
O44 - LFC:[MD5.A6D15F15A40EDAEBDC626C62CBB41B45] - 07/10/2011 - 20:09:00 ---A- . (...) -- C:\TDSSKiller.2.6.6.0_07.10.2011_20.56.17_log.txt [161402]
O44 - LFC:[MD5.417DCE43A3F4F92B3494FC60D0B31C36] - 07/10/2011 - 17:01:42 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.1723419D201C6CBD9F1B245C290AD7F9] - 07/10/2011 - 12:52:55 ---A- . (...) -- C:\AdwCleaner[S1].txt [57899]
O44 - LFC:[MD5.5FED6CDD98A9621D5E6E8A6C6C1B7B02] - 07/10/2011 - 12:49:56 ---A- . (...) -- C:\AdwCleaner[R1].txt [59892]
O44 - LFC:[MD5.5F23C35073D77C5DC42D870A0A43F193] - 07/10/2011 - 09:36:53 ---A- . (...) -- C:\Windows\PFRO.log [469200]
O44 - LFC:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 07/10/2011 - 09:26:12 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O44 - LFC:[MD5.756EE1F4F8DEC98F7747C1DEB77A33EB] - 04/10/2011 - 08:41:22 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.86BA72DC1A08E65F02D47E28961AF83C] - 04/10/2011 - 08:41:22 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106388]
O44 - LFC:[MD5.B7CE0E41E516B973CDA929ED2FE077DA] - 04/10/2011 - 08:41:22 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130754]
O44 - LFC:[MD5.5966F1F18064AD939C0DB6F032340517] - 04/10/2011 - 08:41:22 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616008]
O44 - LFC:[MD5.B66E859EA71CE9C48A8E29AAE322B6E3] - 04/10/2011 - 08:41:22 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704480]
O44 - LFC:[MD5.756EE1F4F8DEC98F7747C1DEB77A33EB] - 04/10/2011 - 08:41:22 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.86BA72DC1A08E65F02D47E28961AF83C] - 04/10/2011 - 08:41:22 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106388]
O44 - LFC:[MD5.B7CE0E41E516B973CDA929ED2FE077DA] - 04/10/2011 - 08:41:22 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130754]
O44 - LFC:[MD5.5966F1F18064AD939C0DB6F032340517] - 04/10/2011 - 08:41:22 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [616008]
O44 - LFC:[MD5.B66E859EA71CE9C48A8E29AAE322B6E3] - 04/10/2011 - 08:41:22 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704480]
O44 - LFC:[MD5.4950BEC113AB480076672B7F0B09BBE1] - 15/09/2011 - 16:49:14 ---A- . (...) -- C:\Windows\DirectX.log [359909]
O44 - LFC:[MD5.5B9F347A3CC54CC9EF04132A4674C783] - 11/09/2011 - 10:28:45 ---A- . (...) -- C:\test.xml [37227]
O44 - LFC:[MD5.36932522D014499D7F7B1BB921D05842] - 10/09/2011 - 09:44:25 ---A- . (.InstallShield Software Corporation - InstallShield® unInstaller.) -- C:\Windows\IsUn040c.exe [327168]
~ Scan Files in 00mn 59s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files (x86)\Internet Everywhere\IEWCH_8.0\Connectivity\ConnectivityManager.exe
~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{4ff14968-8848-11df-a182-0024bebff95b}\AutoRun\command. (...) -- G:\MicroLauncher.exe (.not file.)
O51 - MPSK:{b2b5476b-ec38-11df-b728-0024bebff95b}\AutoRun\command. (...) -- G:\MicroLauncher.exe (.not file.)
O51 - MPSK:{b2b5479e-ec38-11df-b728-0024bebff95b}\AutoRun\command. (...) -- G:\MicroLauncher.exe (.not file.)
O51 - MPSK:{bdcbde47-14ef-11e0-a816-0024bebff95b}\AutoRun\command. (...) -- G:\MicroLauncher.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.XFR1"="xfcodec64.dll" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"xfcodec64.dll"="Xfire video codec [XFR1]" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 27/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 27/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]
O58 - SDL:[MD5.1661F9C9E4B0049FA0A5E30264375A87] - 16/11/2009 - 10:59:59 RSHAD . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys [253488]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
O58 - SDL:[MD5.C130BC4A51B1382B2BE8E44579EC4C0A] - 03/07/2010 - 13:32:04 RSHAD . (.ArcSoft, Inc. - For X64.) -- C:\Windows\system32\drivers\ArcSoftKsUFilter.sys [19968]
O58 - SDL:[MD5.0ACC06FCF46F64ED4F11E57EE461C1F4] - 25/12/2009 - 21:06:44 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1542656]
O58 - SDL:[MD5.EA244A8B88DE8B5986BF3B7903B063AF] - 19/09/2011 - 07:55:08 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6661120]
O58 - SDL:[MD5.DCA6E341A4A7C31EA8A14C6166C9B249] - 19/09/2011 - 07:55:08 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [195584]
O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 12/09/2010 - 11:21:42 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288]
O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 05/11/2010 - 11:21:42 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.6E04458E98DAF28826482E41A7A62DF5] - 25/12/2009 - 05:30:21 RSHAD . (.Broadcom Corporation. - Widcomm Bluetooth USB Filter for Windows XP.) -- C:\Windows\system32\drivers\btusbflt.sys [52264]
O58 - SDL:[MD5.4BDBDB86ABBA924E029FB2683BE7C505] - 25/12/2009 - 05:30:32 RSHAD . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [98344]
O58 - SDL:[MD5.5C849BD7C78791C5CEE9F4651D7FE38D] - 25/12/2009 - 05:30:32 RSHAD . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [132648]
O58 - SDL:[MD5.6149301DC3F81D6F9667A3FBAC410975] - 25/12/2009 - 05:23:46 RSHAD . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys [35104]
O58 - SDL:[MD5.3E1991AFA851A36DC978B0A1B0535C8B] - 25/12/2009 - 05:30:44 RSHAD . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [21160]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
O58 - SDL:[MD5.1F24CF1F7DB6D4461AC65A86DB8E4BC2] - 05/07/2010 - 12:04:26 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [116224]
O58 - SDL:[MD5.4B5C07DB91A0099272FAAE732E1152BD] - 05/07/2010 - 12:04:26 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [116864]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B6AC71AAA2B10848F57FC49D55A651AF] - 25/12/2009 - 21:06:07 RSHAD . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys [56344]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 01/04/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.073A606333B6F7BBF20AA856DF7F0997] - 25/12/2009 - 00:09:48 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [537112]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 27/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.31D1AFF484D8A0906CF8D44251EC390F] - 25/12/2009 - 21:03:04 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [7778176]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
O58 - SDL:[MD5.36FDF367A1DABFF903E2214023D71368] - 25/12/2009 - 21:08:21 RSHAD . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\system32\drivers\Impcd.sys [151936]
O58 - SDL:[MD5.408B401CD7CDB075C7470B0FF7BA8D0B] - 25/12/2009 - 21:03:59 RSHAD . (.Intel(R) Corporation - Intel(R) Display HD Audio driver.) -- C:\Windows\system32\drivers\IntcDAud.sys [244736]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 07/10/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.4A1C21576FB7F96F4DBDEA627FFDA775] - 17/02/2010 - 15:52:42 RSHAD . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [102472]
O58 - SDL:[MD5.9E0AC52B3232FF8DC65FEE1A9C2FE8D1] - 17/02/2010 - 15:52:42 RSHAD . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [308296]
O58 - SDL:[MD5.624D717B11E5004F68442B5740F17F21] - 04/07/2010 - 15:45:32 RSHAD . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdk.sys [40904]
O58 - SDL:[MD5.0CD9DE7B96735F33F078C4EA044E8B34] - 17/02/2010 - 15:52:42 RSHAD . (.McAfee, Inc. - System Monitor Filter Driver.) -- C:\Windows\system32\drivers\mfesmfk.sys [49480]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 27/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 27/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.5CA4ABD888B602551B59BAA26941C167] - 25/12/2009 - 21:27:30 RSHAD . (.REDC - RICOH MS Driver.) -- C:\Windows\system32\drivers\rimssne64.sys [93696]
O58 - SDL:[MD5.BB6E138AEB351728959DA5E2731D8140] - 25/12/2009 - 21:09:08 RSHAD . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\system32\drivers\risdsne64.sys [75776]
O58 - SDL:[MD5.4E821C740A675F6D040BE41D59A62B1D] - 03/07/2010 - 03:49:48 RSHAD . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RtHDMIVX.sys [213280]
O58 - SDL:[MD5.0F144E5F46CB9043004B5E84AA4BCA6A] - 03/07/2010 - 06:08:00 RSHAD . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2212640]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.70F9C476B62DE4F2823E918A6C181ADE] - 25/12/2009 - 21:09:21 RSHAD . (.Sony Corporation - Sony Firmware Extension Parser driver.) -- C:\Windows\system32\drivers\SFEP.sys [11392]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
O58 - SDL:[MD5.1A006963644C7FDE5BE60036F3A43E68] - 20/10/2010 - 14:33:36 RSHAD . (.EnTech Taiwan - TVicHW32 driver for Windows XP 64-bit edition.) -- C:\Windows\system32\drivers\TVicHW64.sys [21200]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.64F88AF327AA74E03658AE32B48CCB8B] - 25/12/2009 - 21:16:19 RSHAD . (...) -- C:\Windows\system32\drivers\yk62x64.sys [395264]
O58 - SDL:[MD5.0905DC0814D738CFF53577A59CCD81E0] - 08/10/2011 - 15:32:02 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272]
O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 12/09/2010 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\SysWOW64\drivers\ssmdrv.sys [28520]
~ Scan Drivers in 00mn 03s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 08/10/2010 - C:\Windows\system32\DRIVERS\atikmdag.sys - No object(No service) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\drivers\EagleX64.sys (.not file.) - No object (No service) .(...) - LEGACY_EAGLEX64
O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\drivers\mbam.sys - No object(No service) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 17/02/2010 - C:\Windows\system32\drivers\mfeavfk.sys - No object(No service) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK
O64 - Services: CurCS - 17/02/2010 - C:\Windows\system32\drivers\mfehidk.sys - No object(No service) .(.McAfee, Inc. - Host Intrusion Detection Link Driver.) - LEGACY_MFEHIDK
O64 - Services: CurCS - 17/02/2010 - C:\Windows\system32\drivers\mfesmfk.sys - No object(No service) .(.McAfee, Inc. - System Monitor Filter Driver.) - LEGACY_MFESMFK
O64 - Services: CurCS - 20/10/2010 - C:\Windows\system32\DRIVERS\TVICHW64.sys - No object(No service) .(.EnTech Taiwan - TVicHW32 driver for Windows XP 64-bit editi.) - LEGACY_TVICHW64
~ Scan Services in 00mn 02s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {72BC804A-EC86-4BCA-8FE9-2CE37490401D} - (Zinio) - http://www.zinio.com
O69 - SBI: SearchScopes [HKCU] {74A639E4-F5C0-469D-99C7-94E28DD6FDE6} - (eBay) - http://rover.ebay.com
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7406} - (Web Search) - http://www.searchqu.com
O69 - SBI: SearchScopes [HKCU] {a5b9c0f5-5616-47cd-a95f-e43b488faccf} - (My Web Search) - http://search.mywebsearch.com
O69 - SBI: SearchScopes [HKCU] {D541DE62-A717-4370-9637-6F1257D6963C} [DefaultScope] - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.ED92900BF225E26A4E54C2C14FA1424F] [SPRF][09/09/2011] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\alexandre\AppData\Local\Temp\AskSLib.dll [246440]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{1D1983D5-D795-43E8-B5E9-6398B31884A7}" |In - Private - P6 - TRUE | .(...) -- C:\Users\alexandre\AppData\Local\Temp\Blizzard Installer Bootstrap - 001253f9\Installer.exe (.not file.)
O87 - FAEL: "{44F52119-2FD9-4900-A2D1-A914A28C21F5}" |In - Private - P17 - TRUE | .(...) -- C:\Users\alexandre\AppData\Local\Temp\Blizzard Installer Bootstrap - 001253f9\Installer.exe (.not file.)
O87 - FAEL: "{26C9AB9D-6C45-49C8-A8AD-C3CD12169310}" |In - Public - P6 - TRUE | .(...) -- C:\Users\alexandre\AppData\Local\Temp\Blizzard Installer Bootstrap - 001feb67\Installer.exe (.not file.)
O87 - FAEL: "{98C3C621-3614-4291-84AA-7A7A991447E9}" |In - Public - P17 - TRUE | .(...) -- C:\Users\alexandre\AppData\Local\Temp\Blizzard Installer Bootstrap - 001feb67\Installer.exe (.not file.)
O87 - FAEL: "{CDC5CA40-BAB0-4992-8039-091D6126F1BA}" |In - Public - P6 - TRUE | .(...) -- C:\jeux\World of Warcraft.temp\World of Warcraft\WoW-3.2.0-frFR-downloader.exe (.not file.)
O87 - FAEL: "{02D41E5D-CBE4-4BDB-BD1F-7E2235EB589E}" |In - Public - P17 - TRUE | .(...) -- C:\jeux\World of Warcraft.temp\World of Warcraft\WoW-3.2.0-frFR-downloader.exe (.not file.)
O87 - FAEL: "TCP Query User{04A5BE5F-62C6-4C04-9A78-AD0B51F70441}C:\utilitaire\bittorrent\bittorrent.exe" |In - Private - P6 - TRUE | .(...) -- C:\utilitaire\bittorrent\bittorrent.exe (.not file.)
O87 - FAEL: "UDP Query User{3CAEF869-9447-46FC-947A-0FDB9516CDCA}C:\utilitaire\bittorrent\bittorrent.exe" |In - Private - P17 - TRUE | .(...) -- C:\utilitaire\bittorrent\bittorrent.exe (.not file.)
O87 - FAEL: "TCP Query User{7207A6BD-0EB5-40A2-A420-6B6DABCD87DD}C:\utilitaire\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- C:\utilitaire\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{E6BDE606-7109-4638-BC13-6C421D1DB330}C:\utilitaire\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- C:\utilitaire\emule\emule.exe (.not file.)
O87 - FAEL: "TCP Query User{438113C2-775D-4839-983C-5468BA45E2DE}C:\users\public\games\world of warcraft\launcher.exe" | In - Private - P6 - TRUE | .(.Blizzard Entertainment.) -- C:\users\public\games\world of warcraft\launcher.exe
O87 - FAEL: "UDP Query User{5F611698-B85F-4D27-AA69-E8A05C9F213E}C:\users\public\games\world of warcraft\launcher.exe" | In - Private - P17 - TRUE | .(.Blizzard Entertainment.) -- C:\users\public\games\world of warcraft\launcher.exe
O87 - FAEL: "{2F2C8A16-90E3-4D58-92B4-4618F6E1E5D5}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Downloader.) -- C:\Users\Public\Games\World of Warcraft\WoW-3.2.0-frFR-downloader.exe
O87 - FAEL: "{AD663400-1CAA-4F32-A637-E1887FB76FFD}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Downloader.) -- C:\Users\Public\Games\World of Warcraft\WoW-3.2.0-frFR-downloader.exe
O87 - FAEL: "TCP Query User{AD14E675-FA91-4F9C-8BEA-D7CCC5F71DC4}C:\users\alexandre\downloads\ptr-installer-4.0.0.12824-frfr-downloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\alexandre\downloads\ptr-installer-4.0.0.12824-frfr-downloader.exe
O87 - FAEL: "UDP Query User{ED6A71A6-8AAD-40C0-8147-9505C4AF81F5}C:\users\alexandre\downloads\ptr-installer-4.0.0.12824-frfr-downloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\alexandre\downloads\ptr-installer-4.0.0.12824-frfr-downloader.exe
O87 - FAEL: "TCP Query User{611C349E-7176-4584-9C96-B56673B1F7D9}C:\utilitaire\bittorrent\bittorrent.exe" |In - Public - P6 - TRUE | .(...) -- C:\utilitaire\bittorrent\bittorrent.exe (.not file.)
O87 - FAEL: "UDP Query User{5558B03D-941F-426F-B92E-6FA0D2B3004B}C:\utilitaire\bittorrent\bittorrent.exe" |In - Public - P17 - TRUE | .(...) -- C:\utilitaire\bittorrent\bittorrent.exe (.not file.)
O87 - FAEL: "{2C5E5DE6-C4AC-4C32-BB24-AA0C616416E6}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe
O87 - FAEL: "{650E007E-CF9D-405B-AC95-5EE85A4E4B41}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe
O87 - FAEL: "{B35C7F8D-F5FE-4592-B69B-5AED649F9D2A}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{6C9D1CC9-937B-4FA0-AA0B-8632D333EB53}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{76580737-279B-4C9F-976A-86316DBBAC31}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{EB08B8C2-75AE-4E0C-89B9-6E565DCB234D}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{14813F52-F467-4E07-A0A3-949DD138111A}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{7A71B612-2F7B-4938-A3D1-C8FD070E0686}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{B6EFAAE3-8F50-4AB0-85A5-0C481BC1D992}C:\program files (x86)\limewire\limewire.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\limewire\limewire.exe (.not file.)
O87 - FAEL: "UDP Query User{4AFDF86E-046F-45E9-9D21-FF3E240FB0D5}C:\program files (x86)\limewire\limewire.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\limewire\limewire.exe (.not file.)
O87 - FAEL: "{525CCE4A-6D1A-488D-AE97-A9D787273D32}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{513068AB-959E-4465-AA5C-8DC0E0853FC9}C:\program files (x86)\xfire\xfire.exe" | In - Private - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files (x86)\xfire\xfire.exe
O87 - FAEL: "UDP Query User{9699184C-AB75-40C2-93E5-7D48FB60E650}C:\program files (x86)\xfire\xfire.exe" | In - Private - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files (x86)\xfire\xfire.exe
O87 - FAEL: "TCP Query User{70A3FCD6-AB02-4D87-94F4-F046DEC74664}C:\program files (x86)\xfire\xfire.exe" | In - Public - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files (x86)\xfire\xfire.exe
O87 - FAEL: "UDP Query User{FD44B265-E8D6-48F2-AD63-1BD03FD07D8B}C:\program files (x86)\xfire\xfire.exe" | In - Public - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files (x86)\xfire\xfire.exe
O87 - FAEL: "{86818FE8-1F89-4692-9894-AD33829A8F18}" | In - Domain - P17 - TRUE | .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
O87 - FAEL: "{82ADC85B-9CD7-46C1-A911-69E21D953D94}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\StarCraft II Demo\StarCraft II.exe (.not file.)
O87 - FAEL: "{AB6D6180-2AF3-4DC2-806E-6412D402E352}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\StarCraft II Demo\StarCraft II.exe (.not file.)
O87 - FAEL: "{624378E8-41A7-4848-B96B-640DB144678E}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe (.not file.)
O87 - FAEL: "{F8CD753D-F1A3-4C8C-B2D4-FABB37F46F4E}" |In - Public - P17 - TRUE | .(...) -- C:\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe (.not file.)
O87 - FAEL: "{830303F5-851F-4147-B011-138195045305}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.)
O87 - FAEL: "{232DFAA6-3AC0-4348-BC8B-D583B021E121}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.)
O87 - FAEL: "{B17D211B-4D01-4BC3-B336-221A1AAFF4C7}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{4AC2E865-9089-40DF-8174-14320E0EDAB6}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{3ABD31FA-61B3-4AF1-8829-6B7125C5A119}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{A307F4B6-3B61-4C15-837C-80738A87FB16}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{BBB93AA1-7FEB-4271-BAFA-55D4F23426F4}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{CBA7179B-474C-4B90-8AB4-F3037B7DF949}" | In - Public - P6 - TRUE | .(.Flagship Industries, Inc. - Ventrilo Client Program.) -- C:\Program Files (x86)\Ventrilo\Ventrilo.exe
O87 - FAEL: "{B51DE0F4-5B36-4F23-9BCC-6F92CF7F8A4F}" | In - Public - P17 - TRUE | .(.Flagship Industries, Inc. - Ventrilo Client Program.) -- C:\Program Files (x86)\Ventrilo\Ventrilo.exe
~ Scan Firewall in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 8700 - (05/10/2011)
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 15
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\Applications\iMeshV10.exe] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}] =>Toolbar.Babylon
[HKCU\Software\Ask.com.tmp] =>Toolbar.Ask
[HKCU\Software\DataMngr_Toolbar] =>Toolbar.Agent
[HKCU\Software\AppDataLow\Software\Fun Web Products] =>Adware.MyWebSearch
[HKCU\Software\FunWebProducts] =>Adware.MyWebSearch
[HKCU\Software\AppDataLow\Software\FunWebProducts] =>Adware.MyWebSearch
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\Spointer] =>Adware.SPointer
[HKCU\Software\SweetIM] =>Toolbar.SweetIM
[HKCU\Software\WideStream] =>Adware.SPointer
C:\Program Files\Babylon =>Toolbar.Babylon
C:\ProgramData\Media Get LLC =>PUP.MediaGet
C:\Users\alexandre\AppData\Roaming\teamspeak2 =>Toolbar.Conduit
C:\Users\alexandre\AppData\Roaming\Widestream =>Adware.SPointer
C:\Users\alexandre\AppData\Local\MediaGet2 =>PUP.MediaGet
C:\Users\alexandre\AppData\Local\moovida air =>Adware.SPointer
C:\Users\alexandre\AppData\Local\widestream6 Air =>Adware.SPointer
C:\Users\alexandre\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\alexandre\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch
C:\Users\alexandre\AppData\LocalLow\MyWebSearch =>Adware.MyWebSearch
C:\Users\alexandre\AppData\LocalLow\SweetIM =>Toolbar.SweetIM
C:\Program Files (x86)\Widestream6 =>Adware.SPointer
~ Scan Additionnel in 00mn 42s



---\\ Recherche détournement de DNS routeur (O89)
Serveur : UnKnown
Address: 192.168.2.1
Nom : www.l.google.com
Addresses: 74.125.39.104
74.125.39.105
74.125.39.103
74.125.39.106
74.125.39.99
74.125.39.147
Aliases: www.google.fr
www.google.com
~ Scan DNS in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/03/2011 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 19/09/2011 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 12/09/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 12/09/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 25/12/2009 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 07/01/2011 90112 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
SR - | Auto 25/12/2009 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Demand 09/06/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 25/12/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 08/10/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 03/07/2010 360224 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SS - | Demand 03/07/2010 313840 | (Roxio UPnP Renderer 10) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
SS - | Auto 03/07/2010 362992 | (Roxio Upnp Server 10) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
SS - | Demand 03/07/2010 120104 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 03/07/2010 70952 | (SOHDBSvr) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
SS - | Demand 03/07/2010 427304 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 03/07/2010 75048 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 03/07/2010 91432 | (SOHPlMgr) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
SR - | Auto 03/07/2010 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 25/12/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 03/07/2010 69632 | (VAIO Entertainment TV Device Arbitration Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResour
SR - | Auto 09/08/2010 205168 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
SR - | Demand 03/07/2010 571248 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 03/07/2010 642416 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Auto 03/07/2010 529776 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 03/07/2010 361840 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 03/07/2010 115568 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Demand 08/06/2011 44736 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 19/09/2010 845312 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Demand 17/06/2011 1021840 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
SR - | Auto 03/07/2010 206336 | (VzCdbSvc) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 04s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by alexandre at 08/10/2011 16:42:57

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 06s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by alexandre at 08/10/2011 16:42:59

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 08s



End of the scan (1560 lines in 03mn 34s)(0)


s est le derniere

Il reste encore de belles traces d'infection sur ce PC

Attention le temps de téléchargement du script a été limité à 4 jours

• Clique sur sugus71
• Sur la page qui s'ouvre clic droit et Tout sélectionner
• Refais un clic droit et Copier
• Double clique sur ZHPFix qui est sur le bureau.
  
  • Pour Vista et Seven fais un clic droit sur le raccourci de ZHPFix et Exécuter en tant qu'adminstrateur
  • Clique maintenant sur le (coller les lignes helper)
  • Le texte copié dans le presse papiers s'affichera dans la fenêtre de ZHPFix
  • Clique sur patiente le temps du traitement
• Un rapport nommé ZHPFix[R1].txt sera créé et sauvegardé sur le bureau poste son contenu dans ta prochaine réponse
• Ce rapport se trouve aussi ici C:\ZHP\ZHPFix[R1].txt
• Redémarre ton PC et poste le rapport de ZHPFix

# AdwCleaner v1.310 - Rapport créé le 09/10/2011 à 18:50:21
# Mis à jour le 07/10/11 à 19h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : alexandre - ALEXANDRE-VAIO (Administrateur)
# Exécuté depuis : C:\Users\alexandre\Downloads\adwcleaner.exe
# Option [Suppression]


***** [KillNav] *****

# firefox.exe [PID:5892] -> Tué

***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\SweetIMToolbarData

***** [Registre] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v7.0.1 (fr)

Profil : 5gnfjeww.default
Fichier : C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\prefs.js

Supprimée : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Supprimée : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Supprimée : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Supprimée : user_pref("sweetim.toolbar.mode.debug", "false");
Supprimée : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Supprimée : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");
Supprimée : user_pref("sweetim.toolbar.search.history.capacity", "10");
Supprimée : user_pref("sweetim.toolbar.simapp_id", "{40430D54-F79E-11DF-9273-0024BEBFF95B}");

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\alexandre\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [59892 octets] - [07/10/2011 13:49:55]
AdwCleaner[S1].txt - [57899 octets] - [07/10/2011 13:52:28]
AdwCleaner[R2].txt - [2884 octets] - [08/10/2011 12:01:01]
AdwCleaner[R3].txt - [2983 octets] - [08/10/2011 16:24:18]
AdwCleaner[S2].txt - [3153 octets] - [08/10/2011 16:24:31]
AdwCleaner[S3].txt - [1666 octets] - [08/10/2011 16:24:45]
AdwCleaner[S4].txt - [2954 octets] - [09/10/2011 18:50:21]

*************************

Dossier Temporaire : 6 dossier(s) et 6 fichier(s) supprimé(s)

########## EOF - C:\AdwCleaner[S4].txt - [3176 octets] ##########

M3 - MFPP: Plugins - [alexandre] -- C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\searchplugins\mywebsearch.xml
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [] Softonic_France Community Toolbar v3.7.0.6 (.Conduit Ltd..)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}] [] XfireXO v3.7.0.6 (.Conduit Ltd..)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\{707db484-2428-402d-afb5-d85b387544c7}] [] Mario Forever Toolbar v2.1.0.15 (.Conduit Ltd..)
M2 - MFEP: prefs.js [alexandre - 5gnfjeww.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v2.2 (.LeahScape, Inc..)
R3 - URLSearchHook: (no name) [64Bits] - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} . (...) (No version) -- (.not file.)
O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (...) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (.not file.)
O2 - BHO: (no name) [64Bits] - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} Clé orpheline
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (.not file.)
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\alexandre\AppData\Local\Temp\iMesh_setup.exe (.not file.)
O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: SweetIM Toolbar for Internet Explorer 3.9 - (.SweetIM Technologies Ltd..) [HKLM] -- {A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}
[HKCU\Software\AppDataLow\Software\uTorrentBar]
[HKCU\Software\Ask.com.tmp]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\SweetIM]
[HKCU\Software\AppDataLow\Software\Fun Web Products]
[HKCU\Software\AppDataLow\Software\FunWebProducts]
[HKCU\Software\AppDataLow\Software\MyWebSearch]
[HKCU\Software\FunWebProducts]
[HKCU\Software\Spointer]
[HKCU\Software\WideStream]
[HKCU\Software\ilivid]
O43 - CFD: 24/06/2011 - 23:53:28 - [0] ----D- C:\Program Files\Babylon
O43 - CFD: 20/05/2011 - 21:08:02 - [57398395] ----D- C:\ProgramData\Media Get LLC
O43 - CFD: 16/12/2010 - 19:12:16 - [638418] ----D- C:\Users\alexandre\AppData\Roaming\moovida-1
O43 - CFD: 15/05/2011 - 11:47:50 - [593] ----D- C:\Users\alexandre\AppData\Roaming\widestream
O43 - CFD: 20/05/2011 - 21:08:06 - [271] ----D- C:\Users\alexandre\AppData\Local\MediaGet2
O43 - CFD: 29/05/2011 - 09:33:38 - [16798] ----D- C:\Users\alexandre\AppData\Local\moovida Air
O43 - CFD: 15/05/2011 - 11:47:48 - [11808] ----D- C:\Users\alexandre\AppData\Local\widestream6 Air
O43 - CFD: 24/06/2011 - 23:51:52 - [0] ----D- C:\Program Files (x86)\Fluendo
O43 - CFD: 15/05/2011 - 20:13:10 - [116951] ----D- C:\Program Files (x86)\Widestream6
O43 - CFD: 20/05/2011 - 21:09:48 - [7765] ----D- C:\Users\alexandre\AppData\Roaming\teamspeak2
O43 - CFD: 06/09/2010 - 18:25:16 - [8418] ----D- C:\Program Files (x86)\MyAshampoo
[MD5.ED92900BF225E26A4E54C2C14FA1424F] [SPRF][09/09/2011] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\alexandre\AppData\Local\Temp\AskSLib.dll [246440]
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7406} - (Web Search) - http://www.searchqu.com
O69 - SBI: SearchScopes [HKCU] {a5b9c0f5-5616-47cd-a95f-e43b488faccf} - (My Web Search) - http://search.mywebsearch.com
O87 - FAEL: "{830303F5-851F-4147-B011-138195045305}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.)
O87 - FAEL: "{232DFAA6-3AC0-4348-BC8B-D583B021E121}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.)
[HKCU\Software\Ask.com.tmp]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\SweetIM]
[HKLM\Software\Classes\Applications\iMeshV10.exe]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}]
[HKCU\Software\AppDataLow\Software\Fun Web Products]
[HKCU\Software\FunWebProducts]
[HKCU\Software\AppDataLow\Software\FunWebProducts]
[HKCU\Software\ilivid]
[HKCU\Software\Spointer]
[HKCU\Software\WideStream]
C:\Program Files\Babylon
C:\ProgramData\Media Get LLC
C:\Users\alexandre\AppData\Roaming\Widestream
C:\Users\alexandre\AppData\Local\MediaGet2
C:\Users\alexandre\AppData\Local\moovida air
C:\Users\alexandre\AppData\Local\widestream6 Air
C:\Users\alexandre\AppData\LocalLow\BabylonToolbar
C:\Users\alexandre\AppData\LocalLow\FunWebProducts
C:\Users\alexandre\AppData\LocalLow\MyWebSearch
C:\Program Files (x86)\Widestream6
C:\Users\alexandre\AppData\Roaming\teamspeak2
C:\Users\alexandre\AppData\LocalLow\SweetIM

Rapport de ZHPFix 1.12.3363 par Nicolas Coolman, Update du 05/10/2011
Fichier d'export Registre :
Run by alexandre at 09.10.2011 18:56:32
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html

========== Logiciel(s) ==========
ABSENT Software Key: Searchqu 406 MediaBar
ABSENT Software Key: {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
ABSENT Software Key: {A6CC2CA2-2779-4F10-88BF-A3C9EB874C24}

========== Clé(s) du Registre ==========
ABSENT Key: CLSID BHO: {EEE6C35C-6118-11DC-9C72-001320C79847}
SUPPRIME Key**: CLSID BHO: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
SUPPRIME Key: HKCU\Software\AppDataLow\Software\uTorrentBar
SUPPRIME Key: HKCU\Software\Ask.com.tmp
SUPPRIME Key: HKCU\Software\DataMngr_Toolbar
SUPPRIME Key: HKCU\Software\SweetIM
SUPPRIME Key: HKCU\Software\AppDataLow\Software\Fun Web Products
SUPPRIME Key: HKCU\Software\AppDataLow\Software\FunWebProducts
SUPPRIME Key: HKCU\Software\AppDataLow\Software\MyWebSearch
SUPPRIME Key: HKCU\Software\FunWebProducts
SUPPRIME Key: HKCU\Software\Spointer
SUPPRIME Key: HKCU\Software\WideStream
SUPPRIME Key: HKCU\Software\ilivid
SUPPRIME Key: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SUPPRIME Key: SearchScopes :{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
SUPPRIME Key: SearchScopes :{a5b9c0f5-5616-47cd-a95f-e43b488faccf}
SUPPRIME Key: HKLM\Software\Classes\Applications\iMeshV10.exe
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}

========== Valeur(s) du Registre ==========
SUPPRIME URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352}
SUPPRIME URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}
SUPPRIME {830303F5-851F-4147-B011-138195045305}
SUPPRIME {232DFAA6-3AC0-4348-BC8B-D583B021E121}

========== Elément(s) de donnée du Registre ==========
SUPPRIME AppInit: \PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\5gnfjeww.default\extensions\foxyproxy@eric.h.jung
SUPPRIME Folder: C:\Program Files\Babylon
SUPPRIME Folder: C:\ProgramData\Media Get LLC
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\moovida-1
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\widestream
SUPPRIME Folder: C:\Users\alexandre\AppData\Local\MediaGet2
SUPPRIME Folder: C:\Users\alexandre\AppData\Local\moovida Air
SUPPRIME Folder: C:\Users\alexandre\AppData\Local\widestream6 Air
SUPPRIME Folder: C:\Program Files (x86)\Fluendo
SUPPRIME Folder: C:\Program Files (x86)\Widestream6
SUPPRIME Folder: C:\Users\alexandre\AppData\Roaming\teamspeak2
SUPPRIME Folder: C:\Program Files (x86)\MyAshampoo
SUPPRIME Folder: c:\users\alexandre\appdata\locallow\babylontoolbar
SUPPRIME Folder: c:\users\alexandre\appdata\locallow\funwebproducts
SUPPRIME Folder: c:\users\alexandre\appdata\locallow\mywebsearch
SUPPRIME Folder: c:\users\alexandre\appdata\locallow\sweetim

========== Fichier(s) ==========
SUPPRIME File: c:\users\alexandre\appdata\roaming\mozilla\firefox\profiles\5gnfjeww.default\searchplugins\mywebsearch.xml
ABSENT File: c:\program files (x86)\sweetim\toolbars\internet explorer\mgtoolbarie.dll
ABSENT File: \progra~2\wi3c8a~1\datamngr\x64\datamngr.dll
ABSENT Folder/File: c:\users\alexandre\appdata\local\temp\askslib.dll
ABSENT Folder/File: c:\program files\babylon
ABSENT Folder/File: c:\programdata\media get llc
ABSENT Folder/File: c:\users\alexandre\appdata\roaming\widestream
ABSENT Folder/File: c:\users\alexandre\appdata\local\mediaget2
ABSENT Folder/File: c:\users\alexandre\appdata\local\moovida air
ABSENT Folder/File: c:\users\alexandre\appdata\local\widestream6 air
ABSENT Folder/File: c:\program files (x86)\widestream6
ABSENT Folder/File: c:\users\alexandre\appdata\roaming\teamspeak2

========== Tache planifiée ==========
SUPPRIME Task: iMeshNAG


========== Récapitulatif ==========
18 : Clé(s) du Registre
4 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
19 : Dossier(s)
12 : Fichier(s)
3 : Logiciel(s)
1 : Tache planifiée


End of clean in 00mn 35s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 09.10.2011 18:56:32 [4671]

voila j espere que tu vas comprendre merci j attends de tes nouvelle
merci

Bonjour sugus71

Oui je comprends soit rassuré sur ce point
Quels problèmes rencontre tu encore sur ce PC ?

alors il me semble plus mais comme je t ai envoyer les rapport en retard je ne savais pas le resultat final si tu trouvais que tout etais redevenu normal
si oui merci pour votre job

Parfait

On va maintenant procéder au nettoyage des outils téléchargés.

• Télécharge (d'Xplode) sur ton bureau.
  
  Lance le et clique sur
  
  Le scan fini clique sur
  
  [b]Relance DelFix clique sur

=====================================================================================================

Je te donne quelques consignes de sécurité :

• Windows Update ( http://www.windowsupdate.com/ ) parfaitement à jour (catégories critique, Services Pack et Services Release)
• Antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
• Une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
• Une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
• Scan hebdomadaire antimalware
  
• Verifie si ta console Java est à jour:
  Java Sun http://www.java.com/fr/download/manual.jsp et télécharge la dernière version (si ta version actuelle n'est pas à jour)
• Après installation et redémarrage (toujours si elle n'etait pas à jour), va dans panneau de configuration/Ajouter-Supprimer des programmes afin de désinstaller l'ancienne version, ceci pour récupérer de l'espace disque et éventuellement pour virer les failles présentes dans cette ancienne version.
• Retourne ensuite chez Java ci-dessus et clique sur le bouton "Vérifier l'installation" pour t'assurer que tout est en ordre.
  En cas de problèmes chez Sun, tu peux aller télécharger la dernière version chez File Hippo http://www.filehippo.com/download_jre_32/

Edite ton premier post et mets après le titre de ton sujet (Résolu) comme ceci
mon pc rame quand d' autres programmes sont ouverts (Résolu)

# DelFix v8.5 - Rapport créé le 10/10/2011 à 15:20:48
# Mis à jour le 25/09/11 à 11h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : alexandre - ALEXANDRE-VAIO (Administrateur)
# Exécuté depuis : C:\Users\alexandre\Downloads\delfix0.exe
# Option [Recherche]


~~~~~~ Dossiers(s) ~~~~~~

Présent : C:\TDSSKiller
Présent : C:\ZHP
Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
Présent : C:\Program Files (x86)\ZHPDiag

~~~~~~ Fichier(s) ~~~~~~

Présent : C:\AdwCleaner[R1].txt
Présent : C:\AdwCleaner[R2].txt
Présent : C:\AdwCleaner[R3].txt
Présent : C:\AdwCleaner[S1].txt
Présent : C:\AdwCleaner[S2].txt
Présent : C:\AdwCleaner[S3].txt
Présent : C:\AdwCleaner[S4].txt
Présent : C:\PhysicalDisk0_MBR.bin
Présent : C:\TDSSKiller.2.6.6.0_07.10.2011_20.56.17_log.txt
Présent : C:\Users\alexandre\Desktop\ZHPDiag.txt
Présent : C:\Users\alexandre\Desktop\ZHPFixReport.txt
Présent : C:\Users\alexandre\Downloads\adwcleaner.exe
Présent : C:\Users\alexandre\Downloads\adwcleaner0.exe
Présent : C:\Users\alexandre\Downloads\Load_tdsskiller.exe
Présent : C:\Users\alexandre\Downloads\Scooby.Doo.And.The.Robots.2011.FRENCH.DVDRIP.XviD.FUZION.avi[quebec-partage.com](1).torrent
Présent : C:\Users\alexandre\Downloads\Scooby.Doo.And.The.Robots.2011.FRENCH.DVDRIP.XviD.FUZION.avi[quebec-partage.com].torrent
Présent : C:\Users\alexandre\Downloads\ZHPDiag2.exe
Présent : C:\Users\Public\Desktop\ZHPDiag.lnk
Présent : C:\Users\Public\Desktop\ZHPFix.lnk
Présent : C:\Users\Public\Desktop\MBRCheck.lnk

~~~~~~ Registre ~~~~~~

Clé Présente : HKLM\SOFTWARE\AdwCleaner
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

~~~~~~ Autres ~~~~~~


*************************

DelFix[R1].txt - [1810 octets] - [10/10/2011 15:20:48]

########## EOF - C:\DelFix[R1].txt - [1934 octets] ##########

Bonjour

Edite ton premier post et mets après le titre de ton sujet (Résolu) comme ceci
mon pc rame quand d' autres programmes sont ouverts (Résolu)