Rapport de ZHPDiag v1.3.5.16 par Nicolas Coolman, Update du 04/02/2013
Run by Valpham at 06/02/2013 14:49:28
State : Version à jour.
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4094 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 739 GB (80%) free of 918 GB

---\\ Logged in mode
~ Computer Name: PC-DE-VALPHAM
~ User Name: Valpham
~ All Users Names: Valpham, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Valpham\AppData\Roaming\
~ %Desktop% : C:\Users\Valpham\Desktop\
~ %Favorites% : C:\Users\Valpham\Favorites\
~ %LocalAppData% : C:\Users\Valpham\AppData\Local\
~ %StartMenu% : C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 739 Go of 918 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 00:10:18.) -- C:\Windows\Explorer.exe [3079168]
[MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\System32\Wininit.exe [123904]
[MD5.5121DB613E10A46A3C5085B479026AA7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/01/2013 - 00:49:01.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 00:11:10.) -- C:\Windows\System32\Winlogon.exe [405504]
[MD5.C4F6CE6087760AD70960C9EB130E7943] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/01/2012 - 15:25:21.) -- C:\Windows\system32\Drivers\AFD.sys [404992]
[MD5.1898FAE8E07D97F2F6C2D5326C633FAC] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:46:50.) -- C:\Windows\system32\Drivers\atapi.sys [22584]
[MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624]
[MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 22:34:40.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872]
[MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792]
[MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 22:39:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736]
[MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:46:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000]
[MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712]
[MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680]
[MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 22:42:34.) -- C:\Windows\system32\Drivers\netBT.sys [248320]
[MD5.BAC869DFB98E499BA4D9BB1FB43270E1] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 00:15:36.) -- C:\Windows\system32\Drivers\ntfs.sys [1515496]
[MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 10:37:57.) -- C:\Windows\system32\Drivers\Parport.sys [96768]
[MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.10/04/2009 - 22:43:40.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368]
[MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 22:42:20.) -- C:\Windows\system32\Drivers\smb.sys [88064]
[MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 22:43:02.) -- C:\Windows\system32\Drivers\tdx.sys [94720]
[MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/168
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/62
~ Mes Documents (My Documents) : 1/434
~ Mon Bureau (My Desktop) : 0/4
~ Menu demarrer (Programs) : 1/29
~ Scan Hidden Files in 00mn 01s



---\\ Processus lancés
[MD5.731F68141C806BD2359FD878CD05C929] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808] [PID.3032]
[MD5.9EC9218D94DB00C67BBB28DC62B8A46B] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe [762736] [PID.1980]
[MD5.D5D8A5E87D3C32C516E5B5E2BA5B0DBF] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247768] [PID.2736]
[MD5.968340117AAEEB829473C74400B693A8] - (.WinZip Computing, S.L. - WinZip Quick Pick.) -- C:\Program Files\WinZip\WZQKPICK32.exe [685496] [PID.3108]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3136]
[MD5.68BB0D0F31DAB67979C24218777F97EA] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296] [PID.3312]
[MD5.309C7161F58C75EE88B07F55CA858280] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.3324]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.3336]
[MD5.E66532FD491AD5604C36916715FBA092] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41208] [PID.3376]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3408]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.3616]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.3692]
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.4084]
[MD5.DDB1C559E36063532ED1CBC101C17DA3] - (.Hewlett-Packard Company - KBD EXE.) -- C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe [94208] [PID.3720]
[MD5.927DC83A2FB5897DE3DDD54DF604EA00] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5649408] [PID.4884]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120] [PID.4352]
[MD5.D571C606E4391449293A706588CC4BDD] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3212]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.3904]
[MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344] [PID.3952]
[MD5.F620772888B6E3EDEF5C3E71E3D447F0] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.1716]
[MD5.1117AF8C53AA278A4C5B7EF1B00E08F4] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2348]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files (x86)\ZHPDiag\pv.exe [61440] [PID.0]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Valpham\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Valpham\AppData\Roaming\Mozilla\Firefox\Profiles\3pmxu25x.default\prefs.js
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Web Search.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Valpham] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.1f2.) -- C:\Users\Valpham\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe (.not file.)
O4 - HKLM\..\Run: [SmartMenu] C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [VX1000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [BDAgent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Wow6432Node\Run: [KBD] . (.Microsoft - Kbd Stub.) -- C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-372334955-679749087-3178087233-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-372334955-679749087-3178087233-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Valpham\Desktop\Format Factory.lnk . (.Free Time.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - Global Startup: C:\Users\Valpham\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Valpham\Desktop\Windows mail.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Valpham\Desktop\Yahoo! Mail.url . (...) -- C:\Users\Valpham\Desktop\Yahoo! Mail.url
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk . (...) -- C:\Windows\Installer\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}\_34C89C03D8C334FFDDA6CE.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Valpham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F12FD181-1F9E-4BAB-8558-1C833D706983}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{F12FD181-1F9E-4BAB-8558-1C833D706983}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{F12FD181-1F9E-4BAB-8558-1C833D706983}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{F12FD181-1F9E-4BAB-8558-1C833D706983}: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (...) --
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (...) --
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (...) --
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (...) --
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (Norton Internet Security) . (...) - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (.not file.)
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.3.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
O23 - Service: Power Control [2009/02/11 07:10:37] ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp. - Pas de description.) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Scan Services in 00mn 22s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Users\Valpham\Pictures\fond-ecran-animaux-chevaux-075.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Users\Valpham\Pictures\fond-ecran-animaux-chevaux-075.jpg
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForValpham.job
[MD5.74660C1E9139D95F4E006E8E49EA4986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.0C8A70BC3BAAF7BF69DCA495C1E1AB79] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.43046E9835F9F593EFA37917E240FFB8] [APT] [HPCeeScheduleForValpham] (.Hewlett-Packard.) -- C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
[MD5.A43FE35BDBC08D72F04F9D974885D359] [APT] [RecoveryCD] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe
[MD5.00000000000000000000000000000000] [APT] [{7AAA513B-E4EF-4458-B39A-01942A8C8261}] (...) -- C:\Users\Valpham\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ED5WLA4R\epson326690eu[1].exe (.not file.)
[MD5.D7C841BE50C6BA2B64217A7BFD825A4C] [APT] [Protected Search] (.Simplygen.) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
~ Scan Scheduled Task in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys
O41 - Driver: (BDVEDISK) . (.BitDefender - FileVault Disk Driver.) - C:\Windows\System32\DRIVERS\bdvedisk.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: (PCTSD) . (.PC Tools - PC Tools SD Driver.) - C:\Windows\System32\Drivers\PCTSD64.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (SRTSP) . (. - .) - C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.sys (.not file.)
O41 - Driver: (SRTSPX) . (. - .) - C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.sys (.not file.)
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.5.3 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Bitdefender Antivirus Plus 2012 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender
O42 - Logiciel: Bitdefender Antivirus Plus 2012 - (.Bitdefender.) [HKLM][64Bits] -- {2AB9289D-6432-4CC0-8869-A195C3F0CFCC}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Désinstaller l'imprimante EPSON SX125 Series - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON SX125 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: FormatFactory 3.0.1 - (.Free Time.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {0295F89F-F698-4101-9A7D-49F407EC2D82}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {E1591139-8B44-411B-A81B-D35F83A0565A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM][64Bits] -- {F1568AA6-5982-4AFB-A871-C68E4328BC3B}
O42 - Logiciel: HP Picasso Media Center Add-In - (.Hewlett-Packard Development Company, L.P..) [HKLM][64Bits] -- {03BF5CB1-B72E-4CA6-A278-F65680F05420}
O42 - Logiciel: HP Recovery Manager RSS - (.Hewlet Packard Company.) [HKLM][64Bits] -- {A0640EC2-B97E-4FC1-AD14-227C9E386BB4}
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {95A747E0-DF19-46CB-A622-20A0107201BD}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 13 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417013FF}
O42 - Logiciel: K-Lite Codec Pack 9.6.5 (Full) - (.Pas de propriétaire.) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LightScribe System Software 1.14.32.1 - (.LightScribe.) [HKLM][64Bits] -- {CF3D8718-EF21-4408-AE38-A6DA98E1E2B6}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM][64Bits] -- {9C5A08BF-BB99-4998-81BD-F6CC32483B34}
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM][64Bits] -- {6965A8D2-465D-4F98-9FAA-0E9E2348F329}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 18.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Python 2.6 pywin32-212 - (.Python Software Foundation.) [HKLM][64Bits] -- pywin32-py2.6
O42 - Logiciel: Python 2.6.1 - (.Python Software Foundation.) [HKLM][64Bits] -- {9CC89170-000B-457D-91F1-53691F85B223}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM][64Bits] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype™ 6.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM][64Bits] -- KBD
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {9017CEAF-BE5A-4F73-8A0E-C87E26971E55}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: WinZip 17.0 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}
O42 - Logiciel: calibre 64bit - (.Kovid Goyal.) [HKLM][64Bits] -- {5A5FADCD-34CB-4F23-9940-ED1FD8AB3DA5}
O42 - Logiciel: muvee Reveal - (.muvee Technologies Pte Ltd.) [HKLM][64Bits] -- {D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AOL]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Simplytech]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\BitDefender]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EPSON]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConcept (Muvee2)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Nico Mak Computing]
[HKCU\Software\Norton]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\ProtectedSearch]
[HKCU\Software\RatioMaster.NET]
[HKCU\Software\Skype]
[HKCU\Software\SweetIM]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinZip Computing]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\madshi]
[HKLM\Software\AVC3]
[HKLM\Software\BitDefender]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EPSON]
[HKLM\Software\EasyBits]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Volatile]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\America Online]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\AviSynth]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\CLSID]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Debug]
[HKLM\Software\Wow6432Node\EPSON]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\Hewlett-Packard Company]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\KLCodecPack]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAV]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LightScribe]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nico Mak Computing]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\PC-Doctor]
[HKLM\Software\Wow6432Node\PCTools]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wilson WindowWare]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\calibre 64bit]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 31/12/2012 - 12:35:16 - [109,836] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/01/2013 - 17:18:59 - [448,125] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 11/02/2009 - 07:07:57 - [870,820] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 11/02/2009 - 07:28:51 - [72,538] ----D C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 31/12/2012 - 19:03:24 - [7,951] ----D C:\Program Files (x86)\epson
O43 - CFD: 20/01/2013 - 17:11:58 - [135,748] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 31/12/2012 - 01:33:27 - [25,352] ----D C:\Program Files (x86)\Google
O43 - CFD: 11/02/2009 - 07:23:21 - [359,027] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 11/02/2009 - 07:22:05 - [0] ----D C:\Program Files (x86)\Hewlett-Packard Company
O43 - CFD: 31/12/2012 - 18:50:51 - [3,985] ----D C:\Program Files (x86)\HP
O43 - CFD: 11/02/2009 - 07:28:27 - [364,346] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 30/12/2012 - 17:20:42 - [78,037] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 30/12/2012 - 17:03:46 - [46,337] ----D C:\Program Files (x86)\Intel
O43 - CFD: 01/01/2013 - 01:42:42 - [5,313] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 02/01/2013 - 10:57:10 - [67,689] ----D C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 04/02/2013 - 20:22:02 - [12,170] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 30/12/2012 - 18:55:42 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam
O43 - CFD: 30/12/2012 - 17:08:45 - [52,115] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 02/01/2013 - 10:38:15 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 01/01/2013 - 00:32:45 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 31/12/2012 - 09:03:35 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 29/01/2013 - 11:23:41 - [44,645] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 01/02/2013 - 10:10:16 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 16:07:27 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 30/12/2012 - 18:10:17 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 11/02/2009 - 07:15:39 - [58,729] ----D C:\Program Files (x86)\muvee Technologies
O43 - CFD: 30/12/2012 - 17:20:42 - [0,305] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 02/01/2013 - 13:37:29 - [288,773] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 02/01/2013 - 13:36:11 - [122,805] ----D C:\Program Files (x86)\OpenOffice.org 3.4.1 (fr) Installation Files
O43 - CFD: 25/01/2013 - 18:48:25 - [0,054] ----D C:\Program Files (x86)\Protected Search
O43 - CFD: 11/02/2009 - 06:32:49 - [61,949] ----D C:\Program Files (x86)\Python
O43 - CFD: 11/02/2009 - 06:52:03 - [73,916] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 02/11/2006 - 16:07:27 - [36,906] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 18/01/2013 - 15:33:49 - [18,093] R---D C:\Program Files (x86)\Skype
O43 - CFD: 25/01/2013 - 17:58:03 - [35,405] ----D C:\Program Files (x86)\SMINST
O43 - CFD: 11/02/2009 - 06:52:12 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 12/01/2013 - 13:42:21 - [47,885] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 12/01/2013 - 13:41:31 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 20/01/2013 - 13:08:02 - [0] ----D C:\Program Files (x86)\TornTV.com
O43 - CFD: 02/11/2006 - 16:36:07 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 31/12/2012 - 21:49:09 - [0,970] ----D C:\Program Files (x86)\Windows Calendar
O43 - CFD: 21/01/2008 - 04:09:47 - [0,051] ----D C:\Program Files (x86)\Windows Collaboration
O43 - CFD: 11/02/2009 - 14:26:31 - [0,481] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/01/2013 - 15:33:58 - [32,189] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 01/01/2013 - 01:42:45 - [8,522] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 31/12/2012 - 21:49:08 - [2,874] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 02/11/2006 - 16:07:27 - [7,589] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 31/12/2012 - 21:49:08 - [12,902] ----D C:\Program Files (x86)\Windows Photo Gallery
O43 - CFD: 01/01/2013 - 01:42:47 - [0,128] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 31/12/2012 - 21:49:09 - [6,225] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/02/2013 - 14:49:44 - [11,441] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 31/12/2012 - 12:35:18 - [6,316] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 31/12/2012 - 09:02:50 - [4,667] ----D C:\Program Files (x86)\Common Files\Bitdefender
O43 - CFD: 11/02/2009 - 06:52:01 - [3,805] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 11/02/2009 - 07:15:20 - [28,744] ---AD C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 11/02/2009 - 07:14:41 - [0,054] ---AD C:\Program Files (x86)\Common Files\LS Getting Started
O43 - CFD: 01/01/2013 - 02:39:41 - [253,396] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 11/02/2009 - 07:15:41 - [93,564] ----D C:\Program Files (x86)\Common Files\muvee Technologies
O43 - CFD: 25/01/2013 - 17:18:59 - [7,990] ----D C:\Program Files (x86)\Common Files\PC Tools
O43 - CFD: 02/11/2006 - 14:33:53 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 18/01/2013 - 15:33:49 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 02/11/2006 - 14:33:53 - [39,198] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 01/01/2013 - 01:42:37 - [8,333] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 01/01/2013 - 02:37:56 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 31/12/2012 - 12:37:02 - [124,936] ----D C:\ProgramData\Adobe
O43 - CFD: 30/12/2012 - 16:57:38 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 31/12/2012 - 09:24:42 - [83,434] ----D C:\ProgramData\BDLogging
O43 - CFD: 31/12/2012 - 09:24:43 - [0,191] ----D C:\ProgramData\Bitdefender
O43 - CFD: 30/12/2012 - 16:57:38 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 30/12/2012 - 17:12:42 - [0,119] ----D C:\ProgramData\CyberLink
O43 - CFD: 30/12/2012 - 16:57:38 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 31/12/2012 - 19:00:57 - [8,835] ----D C:\ProgramData\EPSON
O43 - CFD: 30/12/2012 - 16:57:38 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 31/12/2012 - 01:33:31 - [1,163] ----D C:\ProgramData\Google
O43 - CFD: 30/12/2012 - 16:52:34 - [35,684] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 04/02/2013 - 20:22:01 - [6,682] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 30/12/2012 - 16:57:38 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 01/01/2013 - 02:40:03 - [201,426] -S--D C:\ProgramData\Microsoft
O43 - CFD: 30/12/2012 - 16:57:38 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 31/12/2012 - 01:27:51 - [0,007] ----D C:\ProgramData\Mozilla
O43 - CFD: 29/01/2013 - 17:00:31 - [0,000] ----D C:\ProgramData\Norton
O43 - CFD: 11/02/2009 - 07:29:49 - [4,380] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 31/12/2012 - 10:05:32 - [0,258] ----D C:\ProgramData\NVIDIA
O43 - CFD: 25/01/2013 - 17:18:38 - [244,110] ----D C:\ProgramData\PC Tools
O43 - CFD: 11/02/2009 - 07:18:21 - [0,001] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 11/02/2009 - 07:18:21 - [2,680] ----D C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 18/01/2013 - 15:33:54 - [20,612] ----D C:\ProgramData\Skype
O43 - CFD: 29/01/2013 - 16:05:40 - [0] ----D C:\ProgramData\Symantec
O43 - CFD: 11/02/2009 - 07:09:43 - [0,277] ----D C:\ProgramData\Temp
O43 - CFD: 12/01/2013 - 13:43:05 - [0,254] ----D C:\ProgramData\TomTom
O43 - CFD: 11/02/2009 - 07:28:28 - [1787,879] ----D C:\ProgramData\WildTangent
O43 - CFD: 02/01/2013 - 16:04:06 - [2,308] ----D C:\ProgramData\WinZip
O43 - CFD: 31/12/2012 - 12:36:42 - [3,386] ----D C:\Users\Valpham\AppData\Roaming\Adobe
O43 - CFD: 31/12/2012 - 09:21:33 - [0,103] ----D C:\Users\Valpham\AppData\Roaming\Bitdefender
O43 - CFD: 03/01/2013 - 11:55:43 - [0,303] ----D C:\Users\Valpham\AppData\Roaming\calibre
O43 - CFD: 31/12/2012 - 01:34:50 - [0,001] ----D C:\Users\Valpham\AppData\Roaming\Google
O43 - CFD: 30/12/2012 - 17:13:26 - [0,292] ----D C:\Users\Valpham\AppData\Roaming\hewlett-packard
O43 - CFD: 30/12/2012 - 17:05:19 - [0,041] ----D C:\Users\Valpham\AppData\Roaming\HP TCS
O43 - CFD: 04/02/2013 - 21:16:32 - [0,003] ----D C:\Users\Valpham\AppData\Roaming\HpUpdate
O43 - CFD: 30/12/2012 - 17:12:01 - [0] ----D C:\Users\Valpham\AppData\Roaming\Identities
O43 - CFD: 30/12/2012 - 17:03:30 - [0] ----D C:\Users\Valpham\AppData\Roaming\InstallShield
O43 - CFD: 30/12/2012 - 17:35:54 - [0,002] ----D C:\Users\Valpham\AppData\Roaming\Macromedia
O43 - CFD: 04/02/2013 - 20:22:16 - [0] ----D C:\Users\Valpham\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 16:07:25 - [0] ----D C:\Users\Valpham\AppData\Roaming\Media Center Programs
O43 - CFD: 06/02/2013 - 08:38:51 - [0] ----D C:\Users\Valpham\AppData\Roaming\Media Player Classic
O43 - CFD: 20/01/2013 - 16:13:52 - [17,093] -S--D C:\Users\Valpham\AppData\Roaming\Microsoft
O43 - CFD: 31/12/2012 - 01:27:58 - [14,375] ----D C:\Users\Valpham\AppData\Roaming\Mozilla
O43 - CFD: 02/01/2013 - 13:43:25 - [20,491] ----D C:\Users\Valpham\AppData\Roaming\OpenOffice.org
O43 - CFD: 31/12/2012 - 09:05:51 - [0] ----D C:\Users\Valpham\AppData\Roaming\QuickScan
O43 - CFD: 31/01/2013 - 21:38:49 - [5,198] ----D C:\Users\Valpham\AppData\Roaming\Skype
O43 - CFD: 25/01/2013 - 17:18:37 - [0,005] ----D C:\Users\Valpham\AppData\Roaming\TestApp
O43 - CFD: 12/01/2013 - 13:42:58 - [0,473] ----D C:\Users\Valpham\AppData\Roaming\TomTom
O43 - CFD: 16/01/2013 - 10:46:01 - [0,093] ----D C:\Users\Valpham\AppData\Local\Adobe
O43 - CFD: 30/12/2012 - 17:01:32 - [0] ----D C:\Users\Valpham\AppData\Local\Application Data
O43 - CFD: 31/12/2012 - 01:32:58 - [2,297] ----D C:\Users\Valpham\AppData\Local\Apps
O43 - CFD: 29/01/2013 - 14:37:07 - [0] ----D C:\Users\Valpham\AppData\Local\Deployment
O43 - CFD: 12/01/2013 - 13:41:02 - [25,967] ----D C:\Users\Valpham\AppData\Local\Downloaded Installations
O43 - CFD: 01/02/2013 - 23:02:01 - [0,027] ----D C:\Users\Valpham\AppData\Local\Google
O43 - CFD: 30/12/2012 - 17:13:29 - [4,645] ----D C:\Users\Valpham\AppData\Local\Hewlett-Packard
O43 - CFD: 30/12/2012 - 17:01:32 - [0] ----D C:\Users\Valpham\AppData\Local\Historique
O43 - CFD: 03/01/2013 - 22:25:55 - [224,348] ----D C:\Users\Valpham\AppData\Local\Microsoft
O43 - CFD: 18/01/2013 - 18:34:57 - [0,316] ----D C:\Users\Valpham\AppData\Local\Microsoft Games
O43 - CFD: 31/12/2012 - 01:27:53 - [5,143] ----D C:\Users\Valpham\AppData\Local\Mozilla
O43 - CFD: 06/02/2013 - 14:48:25 - [0,324] ----D C:\Users\Valpham\AppData\Local\Temp
O43 - CFD: 30/12/2012 - 17:01:32 - [0] ----D C:\Users\Valpham\AppData\Local\Temporary Internet Files
O43 - CFD: 12/01/2013 - 13:42:58 - [1,990] ----D C:\Users\Valpham\AppData\Local\TomTom
O43 - CFD: 29/01/2013 - 14:37:09 - [0,208] ----D C:\Users\Valpham\AppData\Local\Unity
O43 - CFD: 30/12/2012 - 17:12:53 - [0] ----D C:\Users\Valpham\AppData\Local\VirtualStore
O43 - CFD: 11/01/2013 - 08:16:08 - [0,035] ----D C:\Users\Valpham\AppData\Local\Windows Live
O43 - CFD: 31/12/2012 - 20:25:39 - [0,016] ----D C:\Users\Valpham\AppData\Local\WindowsUpdate
O43 - CFD: 11/01/2013 - 08:16:31 - [0] ----D C:\Users\Valpham\AppData\Local\{4C1F6C79-A22D-4E80-89DC-3344D3279E08}
O43 - CFD: 11/01/2013 - 20:16:40 - [0] ----D C:\Users\Valpham\AppData\Local\{A2A4F48A-4446-4FAE-BA84-5F425E52E360}
O43 - CFD: 18/01/2013 - 15:32:34 - [0] ----D C:\Users\Valpham\AppData\Local\{D5944A72-6CC4-4773-8085-28DA3C4CF20F}
O43 - CFD: 03/01/2013 - 14:19:59 - [0] ----D C:\Users\Valpham\AppData\Local\{DBE05F33-FD98-41B9-BE6E-A7658CA31B4F}
O43 - CFD: 01/01/2013 - 02:54:40 - [0] ----D C:\Users\Valpham\AppData\Local\{E6FE8B89-9E1E-4E6A-8340-7C5C5CBD130B}
O43 - CFD: 21/01/2008 - 04:20:45 - [0,015] R---D C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/12/2012 - 17:12:09 - [0,000] R---D C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20/01/2013 - 17:12:08 - [0,004] ----D C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 21/01/2008 - 04:20:45 - [0,001] R---D C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 02/01/2013 - 13:43:36 - [0,001] R---D C:\Users\Valpham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Scan Program Folder in 00mn 23s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C73CE515CDD283C100A90D4B09408ECA] - 06/02/2013 - 14:46:11 ---A- . (...) -- C:\Windows\SysNative\spsys.log [18216]
O44 - LFC:[MD5.96FD18EEF2F1071964C60B48B5F14F6C] - 06/02/2013 - 14:45:45 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1D5E5590D37B763713F30B1E61C7C230] - 06/02/2013 - 11:35:11 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1734540]
O44 - LFC:[MD5.F46874CEAB32F8A8AFE32DF9D6092370] - 06/02/2013 - 11:35:11 ---A- . (...) -- C:\bdlog.txt [73426]
O44 - LFC:[MD5.9DC094987BD3A32C7B67A676BC4D9CE5] - 06/02/2013 - 11:34:49 ---A- . (...) -- C:\AdwCleaner[S1].txt [1494]
O44 - LFC:[MD5.C1C05AF02E606A19E3FA1C8C61E2CF76] - 06/02/2013 - 11:34:49 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [107]
O44 - LFC:[MD5.AF6F020A31BF46E2C0EBE0584B5453BA] - 06/02/2013 - 11:34:01 ---A- . (...) -- C:\AdwCleaner[R1].txt [1422]
O44 - LFC:[MD5.A768D621E8B2A600BBA78BC89C98DC40] - 05/02/2013 - 16:57:59 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [108448]
O44 - LFC:[MD5.70DAA34AEC2C760622521C9EF15347A2] - 05/02/2013 - 16:57:58 . (...) -- C:\Windows\System32\java.exe []
O44 - LFC:[MD5.E48EA241F5428F413F1942A555B6066A] - 05/02/2013 - 16:57:58 . (...) -- C:\Windows\System32\javaw.exe []
O44 - LFC:[MD5.E1B7A4AE2E09C159BE286B7183D2167D] - 05/02/2013 - 16:57:58 . (...) -- C:\Windows\System32\javaws.exe []
O44 - LFC:[MD5.70DAA34AEC2C760622521C9EF15347A2] - 05/02/2013 - 16:57:58 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\java.exe [188320]
O44 - LFC:[MD5.E48EA241F5428F413F1942A555B6066A] - 05/02/2013 - 16:57:58 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [188832]
O44 - LFC:[MD5.E1B7A4AE2E09C159BE286B7183D2167D] - 05/02/2013 - 16:57:58 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [310688]
O44 - LFC:[MD5.BE38073D2710DDAEFDBB8389FBB85AC5] - 05/02/2013 - 16:57:56 . (...) -- C:\Windows\System32\deployJava1.dll []
O44 - LFC:[MD5.BE38073D2710DDAEFDBB8389FBB85AC5] - 05/02/2013 - 16:57:56 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [963488]
O44 - LFC:[MD5.1E51B9ED66558F33EA094C9799310FA3] - 05/02/2013 - 16:57:56 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\SysNative\npDeployJava1.dll [1085344]
O44 - LFC:[MD5.D9198DAF94E00C97993E29F081465739] - 01/02/2013 - 20:06:11 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.9C871F1A785D96C923C71B59691AD7E5] - 01/02/2013 - 20:06:11 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [103872]
O44 - LFC:[MD5.B70BC55C838932053F6CAA301AE58C0D] - 01/02/2013 - 20:06:11 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [126420]
O44 - LFC:[MD5.2E5BB0372EA3BCA735E2B306BDA44B95] - 01/02/2013 - 20:06:11 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [595798]
O44 - LFC:[MD5.E5684590E9A74C4A59A5B7F03597DEC1] - 01/02/2013 - 20:06:11 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [678804]
O44 - LFC:[MD5.E5CD5045C3A42853E16704FF6A4ADD9D] - 25/01/2013 - 18:06:49 ----- . (...) -- C:\bootex.log [16026]
O44 - LFC:[MD5.98F6B5E8769A02CA4318954D97A9D5FB] - 24/01/2013 - 18:05:58 . (...) -- C:\Windows\System32\checkdnsid.xml []
O44 - LFC:[MD5.98F6B5E8769A02CA4318954D97A9D5FB] - 24/01/2013 - 18:05:58 ---A- . (...) -- C:\Windows\SysNative\checkdnsid.xml [240]
O44 - LFC:[MD5.A65BA863A4E5B660CB139C0087D6F7AE] - 20/01/2013 - 13:02:29 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [15360]
O44 - LFC:[MD5.BE6F0BD2B114DFACDE10666811F48131] - 20/01/2013 - 13:02:28 ---A- . (...) -- C:\SetSearchAndHomepageInBrowserLog.txt [137]
O44 - LFC:[MD5.2B604CD4E57DE6434E8FD0459DD61B8E] - 11/01/2013 - 17:43:15 . (...) -- C:\Windows\System32\bdsandbox.txt []
O44 - LFC:[MD5.2B604CD4E57DE6434E8FD0459DD61B8E] - 11/01/2013 - 17:43:15 ---A- . (...) -- C:\Windows\SysNative\bdsandbox.txt [1640]
O44 - LFC:[MD5.DEF748E54B76F8579CC963DFBB177B8E] - 09/01/2013 - 03:29:48 . (...) -- C:\Windows\System32\FNTCACHE.DAT []
O44 - LFC:[MD5.DEF748E54B76F8579CC963DFBB177B8E] - 09/01/2013 - 03:29:48 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [323280]
~ Scan Files in 00mn 47s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{e0e47420-67a1-11e2-b8c1-00248c2ea545}\AutoRun\command. (...) -- L:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 03:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [486456]
~ Scan Drivers in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 10/10/2012 - C:\Windows\System32\DRIVERS\avc3.sys (avc3) .(.BitDefender - Active Virus Control filter driver.) - LEGACY_AVC3
O64 - Services: CurCS - 10/10/2012 - C:\Windows\System32\DRIVERS\avckf.sys (avckf) .(.BitDefender - Active Virus Control Kernel Filtering drive.) - LEGACY_AVCKF
O64 - Services: CurCS - 31/12/2012 - C:\Windows\System32\DRIVERS\bdfsfltr.sys (bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR
O64 - Services: CurCS - 14/11/2011 - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys (bdftdif) .(.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - LEGACY_BDFTDIF
O64 - Services: CurCS - 17/11/2011 - C:\Windows\system32\drivers\bdsandbox.sys - bdsandbox (bdsandbox) .(...) - LEGACY_BDSANDBOX
O64 - Services: CurCS - 19/01/2010 - C:\Windows\System32\DRIVERS\bdvedisk.sys (BDVEDISK) .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK
O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 28/02/2012 - C:\Windows\System32\drivers\pctDS64.sys (pctDS) .(.PC Tools - PC Tools Data Store.) - LEGACY_PCTDS
O64 - Services: CurCS - 28/02/2012 - C:\Windows\System32\drivers\pctEFA64.sys (pctEFA) .(.PC Tools - PC Tools Extended File Attributes.) - LEGACY_PCTEFA
O64 - Services: CurCS - 01/11/2012 - C:\Windows\System32\Drivers\PCTSD64.sys (PCTSD) .(.PC Tools - PC Tools SD Driver.) - LEGACY_PCTSD
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 31/12/2012 - C:\Windows\System32\DRIVERS\trufos.sys (trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS
O64 - Services: CurCS - 28/11/2008 - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl ({55662437-DA8C-40c0-AADA-2C816A897A49}) .(.CyberLink Corp. - Pas de description.) - LEGACY_{55662437-DA8C-40C0-AADA-2C816A897A49}
~ Scan Services in 00mn 27s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {A72D3B4C-2CF5-4A8A-AD36-DA5FF0AD4633} - (Yahoo!) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {D2BA566D-545B-47D9-98B9-07F966871716} - (Kelkoo) - http://fr.kelkoopartners.net
O69 - SBI: SearchScopes [HKCU] {D51DF043-7144-45C2-BBDE-E78307664823} - (AOL Recherche) - http://slirsredirect.search.aol.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [26624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [85504]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [302080]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [49664]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [49664]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [179712]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [719360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [454656]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [446464]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [98304]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [309760]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [88064]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [61952]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [342016]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [318976]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [547328]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1081856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [302080]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [225280]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [28672]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [45056]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [154112]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [37888]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [86528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [74752]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [855040]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [221696]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [74752]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [103424]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [178176]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.3B4019A594C942F81593289A161B41F7] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.2596.bin [3780]
[MD5.34D598B5D6AFB17DA47FB16FD877DAFD] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.3024.bin [1936]
[MD5.96412E75ADEA7FDF2E07F3C3BB17D653] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.3140.bin [20954]
[MD5.953D9744BA5B7F703B117DC8F6BE3C83] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.3744.bin [1204]
[MD5.8154A53780137CC4D91AE1CD2EB9BFE3] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.4412.bin [19645]
[MD5.942B034AFD1A221FE5347513945E925C] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.4636.bin [116]
[MD5.506DD423DC1699D87358FA92DE601525] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.4640.bin [783]
[MD5.FD4E2B36A9EFE8A06DD3282531AFD0F7] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941061.4676.bin [7924]
[MD5.7494F21C51E31ADEA4BC9799F69A6326] [SPRF][31/12/2012] (...) -- C:\ProgramData\1356941917.bdinstall.bin [193459]
[MD5.B593AE4C9C2D8C89B683E830EE699991] [SPRF][06/02/2013] (...) -- C:\ProgramData\nvModes.dat [35845]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WinCollab-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-UDP" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{A9D06F4C-2CA1-4D0D-973F-D17DC5E33BCB}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\TV\QP.exe (.not file.)
O87 - FAEL: "{ADC0C4A5-1AE8-45C9-86F4-1B1893B164A1}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\TV\QPService.exe (.not file.)
O87 - FAEL: "{2F0C1E65-073C-4E33-AA3D-C84AD95988EA}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "{4A17B962-7533-4C8F-AE54-DAAA0F2B519B}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
O87 - FAEL: "{684687FC-F983-4D07-9A8E-5EF96F55EC02}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
O87 - FAEL: "{7D1EE4F4-3E80-4F68-B8B7-8989833B3812}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
O87 - FAEL: "{7933EFDF-762A-46CD-AB12-C153501338FB}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O87 - FAEL: "{C34AD789-EB9E-4D90-BAB2-7CDF5A801917}" | In - None - P6 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O87 - FAEL: "{F1FC0482-3179-4B3A-9E02-01A5C21BBBC2}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)
O87 - FAEL: "{1C67B2B5-0DDB-43DD-9F17-CBFFDCB3C4D5}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)
O87 - FAEL: "{7329B65A-9B69-406E-8286-6C677F1D04DF}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)
O87 - FAEL: "{A4E2FC34-A7AC-4310-BFBD-299CFA3FF047}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)
O87 - FAEL: "{34FB3138-E1BA-4EDC-B08E-8F3D21D02126}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{62958A32-D929-42FD-A130-27A54B1EAC06}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
O87 - FAEL: "{922DA64F-7770-4DA1-8BBC-194162B8D0C1}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "TCP Query User{2116520C-0013-4FCE-9CA2-1A51039AB2AD}C:\users\valpham\documents\ratiomaster.net\ratiomaster.net.exe" | In - Private - P6 - TRUE | .(.Nikolay.IT.) -- C:\users\valpham\documents\ratiomaster.net\ratiomaster.net.exe
O87 - FAEL: "UDP Query User{66BF5A06-692B-45ED-ACBD-6D35C699EA68}C:\users\valpham\documents\ratiomaster.net\ratiomaster.net.exe" | In - Private - P17 - TRUE | .(.Nikolay.IT.) -- C:\users\valpham\documents\ratiomaster.net\ratiomaster.net.exe
O87 - FAEL: "TCP Query User{ABF902F2-553C-4717-BC9C-9708AF18B96D}C:\users\valpham\desktop\ratiomaster.net.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\valpham\desktop\ratiomaster.net.exe (.not file.)
O87 - FAEL: "UDP Query User{26592664-42AA-439F-AC8F-59A047D2427F}C:\users\valpham\desktop\ratiomaster.net.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\valpham\desktop\ratiomaster.net.exe (.not file.)
O87 - FAEL: "{F4914C5B-29C9-496A-9ECE-8E9463D4ABF6}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{25F6EBB4-06BB-4EA7-A9B6-4461C356B50D}" | In - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
O87 - FAEL: "{149118B5-FAE5-48FC-970D-DD6922755205}" | Out - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.10515 - (04/02/2013)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0

[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
C:\Program Files (x86)\Protected Search =>Spyware.ProtectedSearch
C:\Program Files (x86)\torntv.com =>Hijacker.TornTV
~ Scan Additionnel in 00mn 14s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "098990BCF5D15D11E99A0005AB3E711E" . (.PowerDirector.) -- c:\Windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "168061B30527E1545BEEB829FB037A01" . (.Microsoft Works.) -- C:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\MSWorks.exe
O90 - PUC: "2CE0460AE79B1CF4DA4122C7E983B64B" . (.HP Recovery Manager RSS.) -- C:\Windows\Installer\{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}\ARPPRODUCTICON.exe
O90 - PUC: "2D8A5696D56489F4F9AAE0E932843F92" . (.Microsoft LifeCam.) -- C:\Windows\Installer\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}\LifeCamIcon.ico
O90 - PUC: "38E1FB04BE028D11795C00905C206085" . (.Power2Go.) -- c:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe
O90 - PUC: "42C6FBF1DF1C10144AB2C065F4E9E897" . (.PowerStarter.) -- c:\Windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
O90 - PUC: "4814A451D3A19FB45AEAF41A6640543F" . (.HP Total Care Advisor.) -- C:\Windows\Installer\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B7449A0500000010" . (.Adobe Reader 9.5.3 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O90 - PUC: "6AA8651F2895BFA48A176CE83482CBB3" . (.HP MediaSmart SmartMenu.) -- c:\Windows\Installer\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "8178D3FC12FE8044EA836AAD891E2E6B" . (.LightScribe System Software 1.14.32.1.) -- c:\Windows\Installer\{CF3D8718-EF21-4408-AE38-A6DA98E1E2B6}\ARPPRODUCTICON.exe
O90 - PUC: "970DACCDC29FAD442B8526F46C15A7A5" . (.MediaSmart DVD.) -- c:\Windows\Installer\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\ARPPRODUCTICON.exe
O90 - PUC: "9B52EE2B00B5FCA4490F2934C3823CE9" . (.HP.) -- c:\Windows\Installer\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\ARPPRODUCTICON.exe
O90 - PUC: "B4FC227D60B411FBDFAEDBB113F9AE75" . (.muvee Reveal.) -- C:\Windows\Installer\{D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}\muveeapp.ico
O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\Windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- c:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "D366E3D3E7E477545A06E7DCDD5445A8" . (.PVSonyDll.) -- C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DCDAF5A5BC4332F49904DEF18DBAD35A" . (.calibre 64bit.) -- C:\Windows\Installer\{5A5FADCD-34CB-4F23-9940-ED1FD8AB3DA5}\main_icon
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.1.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico
O90 - PUC: "F98F5920896F1014A9D7944F70CED228" . (.HP Active Support Library.) -- c:\Windows\Installer\{0295F89F-F698-4101-9A7D-49F407EC2D82}\ARPPRODUCTICON.exe
O90 - PUC: "FAEC7109A5EB37F4A8E08CE76279E155" . (.TomTom HOME.) -- C:\Windows\Installer\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SS - | Demand 23/06/2008 164600 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 31/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/12/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 03/11/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 22/10/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 29/01/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 0 | (Norton Internet Security) . (...) - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
SR - | Auto 24/03/2010 151144 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SS - | Demand 0 | (PCD5SRVC{8AAF211B-043E02A9-05040000}) . (...) - C:\Program Files (x86)\PC-DOC~1\PCD5SRVC_x64.pkms
SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 05/12/2012 92632 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 14/10/2011 466736 | (Update Server) . (.BitDefender.) - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
SR - | Auto 28/05/2012 67904 | (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
SR - | Auto 21/11/2012 1957912 | (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
SS - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 28/11/2008 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Scan Services in 00mn 01s



End of the scan (1123 lines in 02mn 46s)(0)
