cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPDiag v2013.6.25.39 par Nicolas Coolman, Update du 25/06/2013
Run by USER at 27/06/2013 12:14:37
WebSite: http://nicolascoolman.webs.com
State :
WhiteList : Disable
High Elevated Privileges : OK
UAC : Deactivate by user


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16618
MFIE: Mozilla Firefox 21.0 (Defaut)

---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Avira AntiVir Personal - Free Antivirus v10.2.0.151
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus v3.0.318.3
ZoneAlarm Firewall v10.2.081.000
ZoneAlarm Security v10.2.081.000
Windows Defender W7

---\\ System Optimizer

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.5 MUI
Java 7 Update 21

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (45% free)
System Restore: Activ� (Enable)
System drive C: has 364 GB (80%) free of 453 GB

---\\ Logged in mode
~ Computer Name: USER-PC
~ User Name: USER
~ All Users Names: USER, UpdatusUser, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\USER\AppData\Roaming\
~ %Desktop% : C:\Users\USER\Desktop\
~ %Favorites% : C:\Users\USER\Favorites\
~ %LocalAppData% : C:\Users\USER\AppData\Local\
~ %StartMenu% : C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 364 Go of 453 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 453 Go of 453 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Hard drive, Flash drive, Thumb drive (Free 156 Go of 233 Go)
H:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 1 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 37 Scanned in 00mn 00s



---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/47
~ Mes musiques (My Musics) : 1/123
~ Mes Videos (My Videos) : 51/317
~ Mes Favoris (My Favorites) : 1/37
~ Mes Documents (My Documents) : 10/3238
~ Mon Bureau (My Desktop) : 1/128
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lanc�s
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.1772]
[MD5.7EC8DC9DC08E216E4897C842EF9CE5BB] - (.Acer Corp. - Acer Touch Portal Launcher.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\TouchPortalLauncher.exe [438376] [PID.1888]
[MD5.3F118F458C35E3ABB750882718FEFF5A] - (.Acer Corp. - Acer Touch Portal Button Monitor.) -- C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe [155752] [PID.1956]
[MD5.BD8CF1A88019ACB735D0F958E0711912] - (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\USER\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136] [PID.2508]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2772]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.2864]
[MD5.6B95289B9BDDE92E03A894FD00664FA9] - (.Creative Technology Ltd - THXAudio.) -- C:\Program Files (x86)\Creative\THX TruStudio PRO\THXAudioCP\THXAudio.exe [1346048] [PID.2900]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.2940]
[MD5.2EA4B2BC3260CF3D20F6A164B362F6D4] - (.Pas de propri�taire - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [620136] [PID.3036]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.516]
[MD5.EAC29839FC599867196241B41C2B43D1] - (.alch - ClamWin Antivirus.) -- C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [77824] [PID.2840]
[MD5.E8A5904789AE437A86DC1E50381E4223] - (.Check Point Software Technologies LTD - ZoneAlarm.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73392] [PID.2972]
[MD5.05E38DA1F9E84E40E124C710A6E843B4] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [982112] [PID.5432]
[MD5.95110A1C5A1D228AC1DDF6AB67D00BEB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.5220]
[MD5.6FC79A950476A5F539EEB65F9097C0A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.3792]
[MD5.60B241EFB669D286C9BF636A0334B3BA] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe [1855880] [PID.4660]
[MD5.71542E087B794FFA72354732A99E7EC3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7566336] [PID.204]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.896]
[MD5.FEB6282AFF403EBBCA47A503937CB6A1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447440] [PID.1252]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.1768]
[MD5.1474F121C3DF1232D3E7239C03691EE6] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 9.0 (component).) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408] [PID.2828]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.3024]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584] [PID.2760]
[MD5.6BCEE9C766815BFFF89DE7D81AF34CE1] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624] [PID.2924]
[MD5.F12A68ED55053940CADD59CA5E3468DD] - (.Pas de propri�taire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904] [PID.2432]
[MD5.808E07BBD5C68BEB844F46F164F8509E] - (.Secunia - Secunia Update Agent.) -- C:\Program Files (x86)\Secunia\PSI\sua.exe [659992] [PID.2740]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.3264]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.4064]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.4296]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [503080] [PID.5028]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\n2e9u8hv.default-1349085931457\prefs.js
C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\n2e9u8hv.default-1349085931457\user.js
M0 - MFSP: prefs.js [USER - n2e9u8hv.default-1349085931457] http://www.google.fr
M2 - MFEP: prefs.js [USER - n2e9u8hv.default-1349085931457\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}] [] Garmin Communicator v4.0.4 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/VirtualEarth3D,version=4.0] - (...) -- (.not file.)
~ Firefox Browser: 5 Scanned in 00mn 00s



---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: btorbit.com [64Bits] - {000123B4-9B42-4900-B3F7-F4B073EFC214} . (.Orbitdownloader.com - Orbitcth.) -- C:\Program Files (x86)\Orbitdownloader\orbitcth.dll =>Adware.BitDownload
O2 - BHO: MSS+ Identifier [64Bits] - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object [64Bits] - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\SysWow64\BhoECart.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar [64Bits] - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft� Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer [64Bits] - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} . (.Cooliris Inc. - Cooliris for Internet Explorer.) -- C:\Program Files (x86)\PicLensIE\cooliris.dll
~ BHO: 9 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: ZoneAlarm Security Engine [64Bits] - [HKLM]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [TouchPortalV3Launcher] . (.Acer Corp. - Acer Touch Portal Launcher.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\TouchPortalLauncher.exe
O4 - HKLM\..\Run: [TouchORB] . (.Acer Corp. - Acer Touch Portal Button Monitor.) -- C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [THXCfg64] . (.Creative Technology Ltd. - Pas de description.) -- C:\Windows\system32\THXCfg64.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\USER\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [TouchPortalV3Launcher] . (.Acer Corp. - Acer Touch Portal Launcher.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\TouchPortalLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [THX Audio Control Panel] . (.Creative Technology Ltd - THXAudio.) -- C:\Program Files (x86)\Creative\THX TruStudio PRO\THXAudioCP\THXAudio.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdReg] . (.Creative Technology Ltd. - Creative UpdReg.) -- C:\Windows\UpdReg.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propri�taire - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [Smart File Advisor] . (.Filefacts.net - Smart File Advisor.) -- C:\Program Files (x86)\Smart File Advisor\sfa.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [ClamWin] . (.alch - ClamWin Antivirus.) -- C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ZoneAlarm] . (.Check Point Software Technologies LTD - ZoneAlarm.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-315041270-964984680-2072123990-1000\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\USER\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer (2).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (3).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player (2).lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\TaskBar: Windows Media Player (3).lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Microsoft SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\USER\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - GS\QuickLaunch: Free PDF to Word Converter.lnk . (.Free-PDF-to-Word.com - Free PDF to Word Converter.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe
O4 - GS\QuickLaunch: Ic@reV2.lnk . (...) -- C:\Program Files (x86)\Ic@reV2\Icare.exe
O4 - GS\QuickLaunch: IsoBuster.lnk . (.Smart Projects - The Ultimate Data Recovery tool.) -- C:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - GS\QuickLaunch: Orbit.lnk . (.Orbitdownloader.com - Orbit Downloader.) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe =>Adware.BitDownload
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: IsoBuster.lnk . (.Smart Projects - The Ultimate Data Recovery tool.) -- C:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe
O4 - GS\SendTo: Skype.lnk . (...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop: CDex.lnk . (.The CDex Project - http://cdexos.sourceforg - CDex - Open Source Digital Audio CD Extract.) -- C:\Program Files (x86)\CDex\CDex.exe
O4 - GS\Desktop: Continue vDownloader Installation.lnk . (...) -- C:\Users\USER\AppData\Local\Temp\ICReinstall_VDownloaderInstallerIC.exe (.not file.)
O4 - GS\Desktop: Free PDF to Word Converterr.lnk . (.Free-PDF-to-Word.com - Free PDF to Word Converter.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe
O4 - GS\Desktop: Miranda IM.lnk . (...) -- C:\Program Files (x86)\Miranda IM\miranda32.exe
O4 - GS\Desktop: TubeMaster++.lnk . (.GgSofts - Multimedia Capture Tool.) -- C:\Program Files (x86)\TubeMaster++\tm++.exe
O4 - GS\Desktop: Virtualis.lnk . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Program Files (x86)\Virtualis\CMB.exe
O4 - GS\Desktop: VSP - Raccourci.lnk . (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\7000 Lettres et Courriers Types\VSP.exe
~ Global Startup: Scanned in 00mn 01s



---\\ Invisibilit� de l'ic�ne d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d�affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft� Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft� Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E8A58C6-8044-449E-B3C4-BF696BA70616}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8E8A58C6-8044-449E-B3C4-BF696BA70616}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8E8A58C6-8044-449E-B3C4-BF696BA70616}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 9.0 (component).) - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ForceWare Intelligent Application Manage (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propri�taire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Live Updater Service (Live Updater Service) . (.Acer Incorporated - Updater Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propri�taire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propri�taire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Secunia Update Agent (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
~ Services: 16 Scanned in 00mn 15s



---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DSite.job [282]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Packard Bell Registration - Data Sending task.job [416]
[MD5.9915504F602D277EE47FD843A677FD15] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [256904]
[MD5.BB7481A1306823D1B6592263F1AB8DD7] [APT] [AdobeAAMUpdater-1.0-USER-PC-USER] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648]
[MD5.518545E8CBD79EBF42891A6066578118] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3591960] =>Piriform Ltd
[MD5.05E38DA1F9E84E40E124C710A6E843B4] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [982112]
[MD5.EC63F649F7090F885EBD4770FFB92FCB] [APT] [DSite] (...) -- C:\USERs\USER\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.exe [94208]
[MD5.0590E596842B0CCACD6E32D117073D64] [APT] [Packard Bell Registration - Data Sending task] (.Acer Incorporated.) -- C:\Program Files (x86)\Packard Bell\Registration\GREG.exe [835104]
[MD5.00000000000000000000000000000000] [APT] [{2075109B-4019-4637-B0E7-4E754289FA05}] (...) -- C:\USERs\USER\Desktop\FOTOS JLL\SETUPUSB\WinSetupFromUSB_0-2-2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CBD2DCC6-5605-45B5-8352-D5276C680D74}] (...) -- C:\USERs\USER\Downloads\WinSetupFromUSB_0-2-2.exe (.not file.) [0]
~ Scheduled Task: 11 Scanned in 00mn 08s



---\\ Composants install�s (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys
O41 - Driver: (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl2.sys
O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64_noagava].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-syst�me de mise en m�moire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (truecrypt) . (.TrueCrypt Foundation - TrueCrypt Driver.) - C:\Windows\System32\drivers\truecrypt.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 81 Scanned in 00mn 03s



---\\ Logiciels install�s (O42)
O42 - Logiciel: 7000 Lettres et Courriers Types - (...) [HKLM][64Bits] -- {1AB93ECB-2985-4CA8-807A-913AF340ABE8}
O42 - Logiciel: ABBYY FineReader Standard - (...) [HKLM][64Bits] -- ABBYY FineReader Standard
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A0087DDE-69D0-11E2-AD57-43CA6188709B}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F302F4F0-588D-6501-1ACF-BE3FDCC9135D}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 9
O42 - Logiciel: Adobe Premiere Elements 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- PremElem90
O42 - Logiciel: Adobe Premiere Elements 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {EB9955F8-467C-47FC-90F8-12CD5DF684C3}
O42 - Logiciel: Adobe Reader 9.5.5 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Agatha Christie - 4:50 from Paddington - (.WildTangent.) [HKLM][64Bits] -- WTA-3b40f64e-d2d7-4f3a-b5e0-350092639f0e
O42 - Logiciel: AnyDVD - (.SlySoft.) [HKLM][64Bits] -- AnyDVD
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus v10.2.0.151 - (.Avira GmbH.) [HKLM][64Bits] -- Avira AntiVir Desktop
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-75e882cf-f2e2-4d60-882c-c1cba0945e95
O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM][64Bits] -- CDex
O42 - Logiciel: Capital Koala Barre d'aide � l'achat 1.0 - (.Capital Koala SAS.) [HKLM][64Bits] -- {4CA462A2-54C0-41fe-8EF1-08FCA9A40D25}_is1
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-c7ad6a51-a723-4239-ae47-76202bf84fad
O42 - Logiciel: ClamWin Free Antivirus 0.93 - (.alch.) [HKLM][64Bits] -- ClamWin Free Antivirus_is1
O42 - Logiciel: CloneDVD2 - (.Elaborate Bytes.) [HKLM][64Bits] -- CloneDVD2
O42 - Logiciel: Convert VOB to AVI - (.www.convertvobtoavi.com.) [HKLM][64Bits] -- {5FE0C13A-63F1-4394-88A8-2D8722A75FE0}_is1
O42 - Logiciel: Cooliris for Internet Explorer - (.Cooliris Inc..) [HKLM][64Bits] -- {14C52FEF-0236-4D8C-BBE2-E6D7C4F2926D}
O42 - Logiciel: Crazy Chicken Kart 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-956bed02-8760-4410-bc00-5ef3053a55c2
O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM][64Bits] -- DVD Shrink_is1
O42 - Logiciel: Dictation Pro - (.Deskshare Inc..) [HKLM][64Bits] -- Dictation Pro_is1
O42 - Logiciel: Diner Dash 2 Free Trial - (.PlayFirst.) [HKLM][64Bits] -- Diner Dash 2 Free Trial_is1
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WTA-b112a17a-6aba-47ff-86a0-5d83a95e9f7f
O42 - Logiciel: Diner Dash 5 - Boom fr - (.Boonty.) [HKLM][64Bits] -- Diner Dash 5 - Boom_is1
O42 - Logiciel: Elements 9 Organizer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {433EACD8-4747-4A6A-826A-FFA9F39B0D40}
O42 - Logiciel: Elements STI Installer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {25175695-4B20-4298-9F34-C2C57CD277B3}
O42 - Logiciel: Elements STI Installer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WTA-e6dfac04-9c3e-4a6b-8279-71211a28e930
O42 - Logiciel: FileZilla Client 3.1.3.1 - (...) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: Free PDF to Word Converter 2.0 - (.Free-PDF-to-Word.com.) [HKLM][64Bits] -- Free PDF to Word Converter_is1
O42 - Logiciel: Free Video to MP3 Converter version 5.0.13.608 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free Video to MP3 Converter_is1
O42 - Logiciel: Free YouTube Download version 3.0.22.221 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free YouTube Download_is1
O42 - Logiciel: Garmin Communicator Plugin - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {E883466C-77EC-44AC-8EC8-417A4A16AB3F}
O42 - Logiciel: Garmin Communicator Plugin x64 - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {D2DB454C-645C-448A-A0B9-B6F6C1D75BA8}
O42 - Logiciel: Hotkey Utility - (.Packard Bell.) [HKLM][64Bits] -- Hotkey Utility
O42 - Logiciel: IZArc 4.1.6 - (.Ivan Zahariev.) [HKLM][64Bits] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: Ic@reV2 - (.Gendarmerie Nationale.) [HKLM][64Bits] -- Ic@reV2
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: IsoBuster 3.0 - (.Smart Projects.) [HKLM][64Bits] -- IsoBuster_is1
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Java(TM) 6 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216045FF}
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-660caa48-f0dd-47f0-8638-6aeb844f40cb
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: KeePass Password Safe 1.18 - (.Dominik Reichl.) [HKLM][64Bits] -- KeePass Password Safe_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: MediaShow Espresso - (.CyberLink Corp..) [HKLM][64Bits] -- {4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C303EE0-A595-3543-A71A-931C7AC40EDE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe
O42 - Logiciel: Microsoft Touch Pack for Windows 7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FF90DB8-6DED-44A3-B182-244FEC09012F}
O42 - Logiciel: Microsoft XNA Framework Redistributable 3.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
O42 - Logiciel: Miranda IM 0.8.27 - (...) [HKLM][64Bits] -- Miranda IM
O42 - Logiciel: Mises � jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 21.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 21.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 17.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 17.0 (x86 fr)
O42 - Logiciel: Mystery P.I. - The London Caper - (.WildTangent.) [HKLM][64Bits] -- WTA-e9c9ae36-10a2-4ccc-a0a7-2247659d0a7a
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM][64Bits] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM][64Bits] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA Pilote 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM][64Bits] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38}
O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM][64Bits] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
O42 - Logiciel: Nero DiscSpeed 10 - (.Nero AG.) [HKLM][64Bits] -- {34490F4E-48D0-492E-8249-B48BECF0537C}
O42 - Logiciel: Nero DiscSpeed 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C18A0418-442A-4186-AF98-D08F5054A2FC}
O42 - Logiciel: Nero Express 10 - (.Nero AG.) [HKLM][64Bits] -- {70550193-1C22-445C-8FA4-564E155DB1A7}
O42 - Logiciel: Nero Express 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {33643918-7957-4839-92C7-EA96CB621A98}
O42 - Logiciel: Nero Multimedia Suite 10 Essentials - (.Nero AG.) [HKLM][64Bits] -- {62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}
O42 - Logiciel: Nero StartSmart 10 - (.Nero AG.) [HKLM][64Bits] -- {F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
O42 - Logiciel: Nero StartSmart 10 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}
O42 - Logiciel: Orbit Downloader - (.www.orbitdownloader.com.) [HKLM][64Bits] -- Orbit_is1 =>Adware.BitDownload
O42 - Logiciel: Packard Bell Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent packardbell Master Uninstall
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell .) [HKLM][64Bits] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Software Suite SE
O42 - Logiciel: Packard Bell TouchPortal - (.Packard Bell Incorporated.) [HKLM][64Bits] -- {C652F86F-348A-4A65-8BE8-A3F7A6370D98}
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WTA-9ab407d7-daa8-4bdc-b0f3-75ead6bfd2ce
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-7891a184-f8e6-4e9a-bc09-b20db8dfa730
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-d55a5674-4e63-4f6e-ae91-dddcf88dfe81
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SWF Opener - (.UnH Solutions.) [HKLM][64Bits] -- {01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1
O42 - Logiciel: Skype� 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Smart File Advisor 1.1.1 - (.Filefacts.net.) [HKLM][64Bits] -- Smart File Advisor_is1
O42 - Logiciel: THX TruStudio PRO - (.Creative Technology Limited.) [HKLM][64Bits] -- {97BE901A-9940-4ACF-9921-A6FAA284AC03}
O42 - Logiciel: Torchlight - (.WildTangent.) [HKLM][64Bits] -- WTA-7d03dcd4-a34b-4ddc-a9ba-a78d9689b84b
O42 - Logiciel: Touch MVP - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Touch Movie - (.CyberLink Corp..) [HKLM][64Bits] -- {B906C11A-D193-4143-9FA7-E2EE8A5A8F21}
O42 - Logiciel: TouchSettings - (.Packard Bell.) [HKLM][64Bits] -- {75880CD4-9436-4EDD-B7E7-400EBFD60B2C}
O42 - Logiciel: TrueCrypt - (.TrueCrypt Foundation.) [HKLM][64Bits] -- TrueCrypt
O42 - Logiciel: TubeMaster++ 2.7 - (.GgSofts.) [HKLM][64Bits] -- TubeMaster++
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update for Zip Opener - (...) [HKCU][64Bits] -- DSite
O42 - Logiciel: VLC media player 2.0.6 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Virtual Earth 3D (Beta) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6ACE7F46-FACE-4125-AE86-672F4F2A6A28}
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM][64Bits] -- WTA-98f81080-8e19-47e7-8e9c-5bd9e86bdb26
O42 - Logiciel: Virtualis Cr�dit Mutuel - (...) [HKLM][64Bits] -- Virtualis Cr�dit Mutuel
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-1d29259e-2952-43db-822d-84eff3cecea5
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WildTangent Games App (Packard Bell Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell
O42 - Logiciel: WinISO - (.WinISO Computing Inc..) [HKLM][64Bits] -- WinISO
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst
O42 - Logiciel: Youtube Downloader HD v. 2.9.2 - (.YoutubeDownloaderHD.com.) [HKLM][64Bits] -- Youtube Downloader HD_is1 =>PUP.Dealio
O42 - Logiciel: ZoneAlarm Antivirus - (.Check Point Software Technologies Ltd..) [HKLM][64Bits] -- {9532F6E0-ED0A-41A4-87F9-49478E44E8C1}
O42 - Logiciel: ZoneAlarm Firewall - (.Check Point Software Technologies Ltd..) [HKLM][64Bits] -- {075A7877-02CA-4B15-8534-1211712A8E79}
O42 - Logiciel: ZoneAlarm Free Antivirus + Firewall - (.Check Point.) [HKLM][64Bits] -- ZoneAlarm Free Antivirus + Firewall
O42 - Logiciel: ZoneAlarm Security - (.Check Point Software Technologies Ltd..) [HKLM][64Bits] -- {1BD9E24B-DB16-491C-8092-F158664BB9F6}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-c7e53523-a717-4040-9ad8-b131a9c09360
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 245 Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\cooliris]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avira]
[HKCU\Software\BITSoft]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Bitdefender]
[HKCU\Software\Capital Koala]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\CyberLink]
[HKCU\Software\DSS]
[HKCU\Software\DSiteProducts]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Garmin]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orbit]
[HKCU\Software\Packard Bell]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\ProgSense]
[HKCU\Software\Qtrax]
[HKCU\Software\Realtek]
[HKCU\Software\Secunia]
[HKCU\Software\Skype]
[HKCU\Software\SlySoft]
[HKCU\Software\Smart File Advisor]
[HKCU\Software\Smart Projects]
[HKCU\Software\SysInternals]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\UnH Solutions]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xenocode]
[HKCU\Software\Zone Labs]
[HKCU\Software\cooliris]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AcerUtil]
[HKLM\Software\Acer]
[HKLM\Software\CBSTEST]
[HKLM\Software\CheckPoint]
[HKLM\Software\ClamWin]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Cyberlink]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ABBYY]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Avira]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Boonty]
[HKLM\Software\Wow6432Node\CheckPoint]
[HKLM\Software\Wow6432Node\ClamWin]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Creative Tech]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DVDVideoSoft]
[HKLM\Software\Wow6432Node\ESI]
[HKLM\Software\Wow6432Node\Elaborate Bytes]
[HKLM\Software\Wow6432Node\FileZilla 3]
[HKLM\Software\Wow6432Node\Garmin]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\Jetico]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KasperskyLab]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\Micro Application]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Orbit]
[HKLM\Software\Wow6432Node\Packard Bell Incorporated]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerQuest]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Secunia]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SlySoft]
[HKLM\Software\Wow6432Node\Smart File Advisor]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\SymNRT]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Trad-FR]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinPcap]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\X-AVCSD]
[HKLM\Software\Wow6432Node\Zone Labs]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 268 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/01/2013 - 11:52:43 - [87,485] ----D C:\Program Files (x86)\ABBYY FineReader Standard
O43 - CFD: 23/05/2013 - 20:13:49 - [-1821,498] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 03/11/2012 - 14:07:17 - [147,600] ----D C:\Program Files (x86)\Avira
O43 - CFD: 22/05/2012 - 19:10:19 - [84,742] ----D C:\Program Files (x86)\BoontyGames
O43 - CFD: 21/03/2012 - 23:32:45 - [0,427] ----D C:\Program Files (x86)\Capital Koala Barre
O43 - CFD: 11/11/2012 - 15:59:35 - [12,017] ----D C:\Program Files (x86)\CDex
O43 - CFD: 23/06/2013 - 13:14:06 - [57,526] ----D C:\Program Files (x86)\CheckPoint
O43 - CFD: 05/06/2013 - 19:38:22 - [20,241] ----D C:\Program Files (x86)\ClamWin
O43 - CFD: 03/06/2013 - 15:20:07 - [566,949] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 05/05/2012 - 23:24:46 - [15,141] ----D C:\Program Files (x86)\Convert VOB to AVI
O43 - CFD: 02/03/2012 - 14:00:40 - [5,582] ----D C:\Program Files (x86)\Creative
O43 - CFD: 02/03/2012 - 14:14:45 - [158,459] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 23/09/2012 - 23:29:44 - [7,107] ----D C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 19/05/2013 - 16:57:15 - [28,584] ----D C:\Program Files (x86)\Deskshare
O43 - CFD: 24/05/2012 - 20:22:57 - [12,774] ----D C:\Program Files (x86)\DinerDash2_at
O43 - CFD: 29/09/2012 - 23:02:38 - [38,179] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 29/04/2012 - 23:07:03 - [0,847] ----D C:\Program Files (x86)\DVD Shrink
O43 - CFD: 29/09/2012 - 22:53:01 - [28,584] ----D C:\Program Files (x86)\DVDVideoSoft
O43 - CFD: 29/04/2012 - 22:39:23 - [8,589] ----D C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 05/06/2013 - 19:37:25 - [12,500] ----D C:\Program Files (x86)\FileZilla FTP Client
O43 - CFD: 14/11/2012 - 16:55:53 - [1,469] ----D C:\Program Files (x86)\Free PDF to Word Converter
O43 - CFD: 10/11/2012 - 14:38:48 - [0] ----D C:\Program Files (x86)\Garmin
O43 - CFD: 10/11/2012 - 14:39:02 - [14,688] ----D C:\Program Files (x86)\Garmin GPS Plugin
O43 - CFD: 31/12/2012 - 19:03:07 - [39,245] ----D C:\Program Files (x86)\Ic@reV2
O43 - CFD: 26/01/2013 - 14:34:06 - [121,712] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 26/06/2013 - 16:59:29 - [4,885] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/05/2012 - 22:59:43 - [13,224] ----D C:\Program Files (x86)\IZArc
O43 - CFD: 23/05/2013 - 20:13:00 - [209,400] ----D C:\Program Files (x86)\Java
O43 - CFD: 05/06/2013 - 19:36:53 - [1,936] ----D C:\Program Files (x86)\KeePass Password Safe
O43 - CFD: 23/05/2013 - 18:06:13 - [13,329] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 14/02/2013 - 14:07:28 - [11,498] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 26/01/2013 - 14:34:07 - [20,407] ----D C:\Program Files (x86)\Micro Application
O43 - CFD: 01/05/2012 - 15:27:33 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 22/03/2012 - 03:51:36 - [12,399] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 22/03/2012 - 03:32:45 - [6,425] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 13/03/2013 - 20:11:43 - [40,835] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 02/03/2012 - 14:37:59 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 16/03/2011 - 09:53:19 - [322,885] ----D C:\Program Files (x86)\Microsoft Touch Pack for Windows 7
O43 - CFD: 16/03/2011 - 09:52:38 - [5,405] ----D C:\Program Files (x86)\Microsoft XNA
O43 - CFD: 26/06/2013 - 17:14:52 - [7,816] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/06/2013 - 19:37:53 - [4,823] ----D C:\Program Files (x86)\Miranda IM
O43 - CFD: 26/06/2013 - 16:59:29 - [45,996] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 26/06/2013 - 16:59:28 - [0,214] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 27/06/2013 - 09:44:32 - [43,348] ----D C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 24/05/2013 - 13:42:19 - [0,147] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 16/03/2011 - 10:32:03 - [324,157] ----D C:\Program Files (x86)\Nero
O43 - CFD: 14/04/2013 - 09:45:32 - [53,990] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 24/05/2013 - 13:40:56 - [288,773] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 10/07/2012 - 03:10:39 - [14,051] ----D C:\Program Files (x86)\Orbitdownloader =>Adware.BitDownload
O43 - CFD: 02/03/2012 - 14:50:56 - [984,738] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 16/03/2011 - 09:57:20 - [663,834] ----D C:\Program Files (x86)\Packard Bell Games
O43 - CFD: 16/03/2011 - 09:58:09 - [6,067] ----D C:\Program Files (x86)\PicLensIE
O43 - CFD: 02/03/2012 - 13:52:59 - [3,205] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,360] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 23/05/2013 - 20:06:27 - [28,263] ----D C:\Program Files (x86)\Secunia
O43 - CFD: 03/06/2013 - 15:20:07 - [0,253] R---D C:\Program Files (x86)\Skype
O43 - CFD: 29/04/2012 - 23:18:26 - [12,331] ----D C:\Program Files (x86)\SlySoft
O43 - CFD: 22/04/2012 - 21:54:37 - [1,526] ----D C:\Program Files (x86)\Smart File Advisor
O43 - CFD: 22/04/2012 - 21:54:37 - [9,978] ----D C:\Program Files (x86)\Smart Projects
O43 - CFD: 16/03/2011 - 10:32:30 - [0,664] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 02/03/2012 - 13:53:14 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 16/03/2011 - 10:34:23 - [0,339] ----D C:\Program Files (x86)\TouchSettings
O43 - CFD: 01/12/2012 - 15:32:55 - [10,211] ----D C:\Program Files (x86)\TubeMaster++
O43 - CFD: 10/07/2012 - 03:22:41 - [1,495] ----D C:\Program Files (x86)\UnH Solutions
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 22/03/2012 - 00:26:14 - [105,660] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 16/03/2011 - 09:52:44 - [13,800] ----D C:\Program Files (x86)\Virtual Earth 3D
O43 - CFD: 05/01/2013 - 10:11:09 - [0,303] ----D C:\Program Files (x86)\Virtualis
O43 - CFD: 16/03/2011 - 09:55:20 - [10,041] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 02/03/2012 - 22:43:10 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 01/07/2012 - 20:23:44 - [529,817] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 02/03/2012 - 22:43:10 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 02/03/2012 - 22:43:10 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 02/03/2012 - 22:43:10 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 02/03/2012 - 22:43:10 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/04/2012 - 21:47:42 - [22,274] ----D C:\Program Files (x86)\WinISO Computing
O43 - CFD: 22/03/2012 - 01:05:34 - [0,227] ----D C:\Program Files (x86)\WinPcap
O43 - CFD: 25/03/2012 - 03:39:26 - [5,242] ----D C:\Program Files (x86)\Youtube Downloader HD =>PUP.Dealio
O43 - CFD: 27/06/2013 - 12:14:54 - [16,948] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 30/03/2012 - 19:23:49 - [326,209] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 23/05/2013 - 20:13:49 - [45,604] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/03/2012 - 03:32:45 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 29/09/2012 - 22:53:06 - [83,124] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 26/01/2013 - 14:33:20 - [6,401] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 19/04/2013 - 18:29:36 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 18/12/2012 - 21:06:24 - [40,551] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 16/03/2011 - 10:31:25 - [8,209] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 02/03/2012 - 14:20:38 - [4,340] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 03/06/2013 - 15:20:07 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 02/03/2012 - 14:16:46 - [0,356] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 22/03/2012 - 04:24:40 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 02/03/2012 - 14:23:14 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 05/06/2013 - 19:38:22 - [127,444] ----D C:\ProgramData\.clamwin
O43 - CFD: 28/04/2013 - 10:00:29 - [0,000] ----D C:\ProgramData\Acer
O43 - CFD: 15/04/2013 - 19:36:21 - [1637,460] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 16/03/2011 - 09:53:10 - [206,563] ----D C:\ProgramData\Applications
O43 - CFD: 03/11/2012 - 14:07:17 - [166,952] ----D C:\ProgramData\Avira
O43 - CFD: 02/03/2012 - 20:11:56 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 26/06/2013 - 17:05:07 - [0,571] ----D C:\ProgramData\Capital Koala
O43 - CFD: 23/06/2013 - 13:07:23 - [628,022] ----D C:\ProgramData\CheckPoint
O43 - CFD: 10/07/2012 - 03:22:01 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 28/04/2012 - 17:38:15 - [0,110] ----D C:\ProgramData\CyberLink
O43 - CFD: 23/09/2012 - 23:07:56 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 23/09/2012 - 22:57:58 - [0,001] ----D C:\ProgramData\DAEMON Tools Pro
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 29/04/2012 - 23:07:05 - [0,000] ----D C:\ProgramData\DVD Shrink
O43 - CFD: 02/03/2012 - 20:11:56 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 30/09/2012 - 20:10:17 - [15,967] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 19/09/2012 - 19:03:05 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 26/06/2013 - 16:59:26 - [0,001] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 02/03/2012 - 20:11:56 - [0] --H-D C:\ProgramData\Menu D�marrer
O43 - CFD: 01/05/2012 - 15:27:33 - [-1780,330] -S--D C:\ProgramData\Microsoft
O43 - CFD: 22/03/2012 - 17:00:14 - [0,048] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 04/07/2012 - 00:56:56 - [0] ----D C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 02/03/2012 - 20:11:56 - [0] --H-D C:\ProgramData\Mod�les
O43 - CFD: 05/05/2012 - 14:27:49 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 16/03/2011 - 10:32:05 - [2,468] ----D C:\ProgramData\Nero
O43 - CFD: 17/04/2012 - 00:04:29 - [0,016] ----D C:\ProgramData\Norton
O43 - CFD: 01/05/2012 - 15:01:28 - [0,717] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 27/06/2013 - 09:42:20 - [2,587] ----D C:\ProgramData\NVIDIA
O43 - CFD: 18/11/2012 - 07:55:40 - [2,104] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 02/03/2012 - 20:14:42 - [0,001] ----D C:\ProgramData\oem
O43 - CFD: 16/03/2011 - 10:00:28 - [0,927] ----D C:\ProgramData\Packard Bell
O43 - CFD: 24/05/2012 - 20:24:00 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 03/04/2012 - 19:40:15 - [0,002] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 26/06/2013 - 17:36:16 - [66,238] ----D C:\ProgramData\Skype
O43 - CFD: 29/04/2012 - 23:20:25 - [0,083] ----D C:\ProgramData\SlySoft
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 22/03/2012 - 01:08:23 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 02/03/2012 - 14:48:32 - [1,138] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 19/09/2012 - 21:44:39 - [71,303] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 22/03/2012 - 20:10:42 - [864,379] ----D C:\ProgramData\WildTangent
O43 - CFD: 15/04/2012 - 04:02:06 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 06/06/2013 - 06:08:55 - [0,025] ----D C:\Users\USER\AppData\Roaming\.clamwin
O43 - CFD: 03/04/2012 - 19:40:24 - [18,131] ----D C:\Users\USER\AppData\Roaming\Adobe
O43 - CFD: 03/11/2012 - 14:12:47 - [0] ----D C:\Users\USER\AppData\Roaming\Avira
O43 - CFD: 23/06/2013 - 13:13:49 - [0,018] ----D C:\Users\USER\AppData\Roaming\CheckPoint
O43 - CFD: 21/03/2012 - 18:53:11 - [0] ----D C:\Users\USER\AppData\Roaming\CyberLink
O43 - CFD: 23/09/2012 - 23:37:25 - [0,228] ----D C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 19/05/2013 - 11:07:26 - [0,090] ----D C:\Users\USER\AppData\Roaming\DSite
O43 - CFD: 26/06/2013 - 16:59:17 - [0,000] ----D C:\Users\USER\AppData\Roaming\dvdcss
O43 - CFD: 29/09/2012 - 22:53:14 - [2,542] ----D C:\Users\USER\AppData\Roaming\DVDVideoSoft
O43 - CFD: 26/06/2013 - 16:59:17 - [0,000] ----D C:\Users\USER\AppData\Roaming\Free-PDF-to-Word.com
O43 - CFD: 10/11/2012 - 14:38:11 - [0,001] ----D C:\Users\USER\AppData\Roaming\Garmin
O43 - CFD: 10/07/2012 - 03:10:41 - [0] ----D C:\Users\USER\AppData\Roaming\GrabPro
O43 - CFD: 21/11/2010 - 04:51:08 - [0] ----D C:\Users\USER\AppData\Roaming\Identities
O43 - CFD: 27/05/2012 - 00:04:00 - [0,012] ----D C:\Users\USER\AppData\Roaming\Macromedia
O43 - CFD: 30/09/2012 - 20:10:50 - [0,016] ----D C:\Users\USER\AppData\Roaming\Malwarebytes
O43 - CFD: 26/06/2013 - 16:59:15 - [9,785] -S--D C:\Users\USER\AppData\Roaming\Microsoft
O43 - CFD: 17/04/2012 - 00:04:31 - [98,958] ----D C:\Users\USER\AppData\Roaming\Mozilla
O43 - CFD: 21/03/2012 - 18:46:36 - [0] ----D C:\Users\USER\AppData\Roaming\MyJournals
O43 - CFD: 09/04/2012 - 00:50:59 - [0,179] ----D C:\Users\USER\AppData\Roaming\Nero
O43 - CFD: 02/03/2012 - 20:14:58 - [29,922] ----D C:\Users\USER\AppData\Roaming\OEM
O43 - CFD: 22/03/2012 - 17:24:20 - [20,929] ----D C:\Users\USER\AppData\Roaming\OpenOffice.org
O43 - CFD: 26/06/2013 - 16:59:13 - [8,866] ----D C:\Users\USER\AppData\Roaming\Orbit
O43 - CFD: 27/05/2012 - 00:04:00 - [0,111] ----D C:\Users\USER\AppData\Roaming\PlayFirst
O43 - CFD: 26/06/2013 - 16:59:13 - [0,000] ----D C:\Users\USER\AppData\Roaming\pluzzdl
O43 - CFD: 26/06/2013 - 16:59:13 - [0,012] ----D C:\Users\USER\AppData\Roaming\PowerCinema
O43 - CFD: 10/07/2012 - 03:10:46 - [0,000] ----D C:\Users\USER\AppData\Roaming\ProgSense
O43 - CFD: 23/06/2013 - 10:02:11 - [0,052] ----D C:\Users\USER\AppData\Roaming\QuickScan
O43 - CFD: 26/06/2013 - 17:36:11 - [4,734] ----D C:\Users\USER\AppData\Roaming\Skype
O43 - CFD: 26/06/2013 - 21:47:13 - [4,826] ----D C:\Users\USER\AppData\Roaming\SoftGrid Client
O43 - CFD: 26/06/2013 - 16:59:12 - [274,579] ----D C:\Users\USER\AppData\Roaming\Thunderbird
O43 - CFD: 26/06/2013 - 16:59:10 - [0,039] ----D C:\Users\USER\AppData\Roaming\TouchBrowser
O43 - CFD: 26/06/2013 - 16:59:10 - [1,980] ----D C:\Users\USER\AppData\Roaming\TouchGadget
O43 - CFD: 17/03/2012 - 17:56:10 - [0] ----D C:\Users\USER\AppData\Roaming\TouchPortalV3
O43 - CFD: 22/03/2012 - 03:33:47 - [0] ----D C:\Users\USER\AppData\Roaming\TP
O43 - CFD: 06/06/2013 - 06:23:20 - [0,002] ----D C:\Users\USER\AppData\Roaming\TrueCrypt
O43 - CFD: 26/06/2013 - 16:59:10 - [0,078] ----D C:\Users\USER\AppData\Roaming\vlc
O43 - CFD: 21/03/2012 - 18:46:40 - [0,001] ----D C:\Users\USER\AppData\Roaming\WebClip
O43 - CFD: 06/04/2012 - 15:39:15 - [0] ----D C:\Users\USER\AppData\Roaming\Windows Live Writer
O43 - CFD: 26/06/2013 - 16:59:10 - [0,001] ----D C:\Users\USER\AppData\Roaming\WinISO Computing
O43 - CFD: 26/06/2013 - 16:59:10 - [0,000] ----D C:\Users\USER\AppData\Roaming\Youtube Downloader HD =>PUP.Dealio
O43 - CFD: 03/04/2012 - 19:47:34 - [0,894] ----D C:\Users\USER\AppData\Local\Adobe
O43 - CFD: 02/03/2012 - 20:12:11 - [0] ----D C:\Users\USER\AppData\Local\Application Data
O43 - CFD: 16/03/2011 - 09:58:18 - [0,024] ----D C:\Users\USER\AppData\Local\Cooliris
O43 - CFD: 23/06/2013 - 10:00:44 - [1,507] ----D C:\Users\USER\AppData\Local\CrashDumps
O43 - CFD: 21/03/2012 - 18:47:24 - [0,140] ----D C:\Users\USER\AppData\Local\Cyberlink
O43 - CFD: 19/05/2013 - 16:57:23 - [0,016] ----D C:\Users\USER\AppData\Local\DeskShare Data
O43 - CFD: 30/04/2012 - 13:33:58 - [0] ----D C:\Users\USER\AppData\Local\Diagnostics
O43 - CFD: 26/06/2013 - 16:59:24 - [12,797] ----D C:\Users\USER\AppData\Local\Downloaded Installations
O43 - CFD: 07/06/2013 - 21:30:54 - [1,471] ----D C:\Users\USER\AppData\Local\ElevatedDiagnostics
O43 - CFD: 02/03/2012 - 20:12:11 - [0] ----D C:\Users\USER\AppData\Local\Historique
O43 - CFD: 16/03/2011 - 09:52:55 - [0,001] ----D C:\Users\USER\AppData\Local\IsolatedStorage
O43 - CFD: 16/06/2012 - 00:43:42 - [0] ----D C:\Users\USER\AppData\Local\Macromedia
O43 - CFD: 26/06/2013 - 16:59:23 - [392,715] ----D C:\Users\USER\AppData\Local\Microsoft
O43 - CFD: 15/05/2013 - 17:47:13 - [0,521] ----D C:\Users\USER\AppData\Local\Microsoft Games
O43 - CFD: 22/03/2012 - 17:00:10 - [0] ----D C:\Users\USER\AppData\Local\Microsoft Help
O43 - CFD: 17/04/2012 - 00:03:57 - [310,544] ----D C:\Users\USER\AppData\Local\Mozilla
O43 - CFD: 16/03/2011 - 10:37:10 - [0,004] ----D C:\Users\USER\AppData\Local\Packard Bell
O43 - CFD: 21/03/2012 - 18:53:07 - [4,902] ----D C:\Users\USER\AppData\Local\PowerCinema
O43 - CFD: 01/01/2013 - 18:25:31 - [0] ----D C:\Users\USER\AppData\Local\Programs
O43 - CFD: 23/05/2013 - 20:06:35 - [0] ----D C:\Users\USER\AppData\Local\Secunia PSI
O43 - CFD: 22/03/2012 - 03:33:37 - [4,309] ----D C:\Users\USER\AppData\Local\SoftGrid Client
O43 - CFD: 19/05/2013 - 16:57:17 - [0] ----D C:\Users\USER\AppData\Local\Spoon
O43 - CFD: 27/06/2013 - 12:12:40 - [66,061] ----D C:\Users\USER\AppData\Local\Temp
O43 - CFD: 02/03/2012 - 20:12:11 - [0] ----D C:\Users\USER\AppData\Local\Temporary Internet Files
O43 - CFD: 11/06/2013 - 14:50:31 - [26,174] ----D C:\Users\USER\AppData\Local\Thunderbird
O43 - CFD: 02/03/2012 - 20:14:46 - [0] ----D C:\Users\USER\AppData\Local\VirtualStore
O43 - CFD: 21/07/2012 - 12:39:50 - [0,152] ----D C:\Users\USER\AppData\Local\Windows Live
O43 - CFD: 06/04/2012 - 15:39:22 - [0,618] ----D C:\Users\USER\AppData\Local\Windows Live Writer
O43 - CFD: 22/04/2012 - 21:47:50 - [17,514] ----D C:\Users\USER\AppData\Local\WinISO Computing
O43 - CFD: 26/06/2013 - 16:59:14 - [0,014] R---D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 26/06/2013 - 16:59:14 - [0,000] R---D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/06/2013 - 16:59:14 - [0,001] ----D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cooliris
O43 - CFD: 26/06/2013 - 16:59:14 - [0,000] ----D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 26/06/2013 - 16:59:14 - [0,001] R---D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/06/2013 - 16:59:14 - [0,001] R---D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/06/2013 - 16:59:14 - [0,001] ----D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeMaster++
O43 - CFD: 10/07/2012 - 03:22:41 - [0] ----D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnH Solutions
O43 - CFD: 26/06/2013 - 16:59:14 - [0,002] ----D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
~ 3 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 223 Scanned in 00mn 31s



---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.3BFA66E72B9008A82AC9803A80F4D796] - 27/06/2013 - 10:34:26 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1762152]
O44 - LFC:[MD5.82FE32EDE16D6B564B8FFC0507364307] - 27/06/2013 - 09:06:32 ---A- . (...) -- C:\Windows\setupact.log [1848]
O44 - LFC:[MD5.6683DA5E952B2D5E84A5A6A721A361CE] - 27/06/2013 - 08:47:51 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A171954DE8C2D2F7405379C95BE3FF46] - 26/06/2013 - 16:28:25 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1572990]
O44 - LFC:[MD5.A1EDA5E50D6BB3B1A13511C2804431E1] - 26/06/2013 - 16:28:25 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106598]
O44 - LFC:[MD5.B8124B92D5DDAA79B8039153A139AD4E] - 26/06/2013 - 16:28:25 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130956]
O44 - LFC:[MD5.A814D26875FEE3EC186077CB1B726B9C] - 26/06/2013 - 16:28:25 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616476]
O44 - LFC:[MD5.B7C67EBBDC79F39E76FFBE2BA50EB810] - 26/06/2013 - 16:28:25 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704908]
O44 - LFC:[MD5.A171954DE8C2D2F7405379C95BE3FF46] - 26/06/2013 - 16:28:25 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1572990]
O44 - LFC:[MD5.A1EDA5E50D6BB3B1A13511C2804431E1] - 26/06/2013 - 16:28:25 RSHAD . (...) -- C:\Windows\System32\perfc009.dat [106598]
O44 - LFC:[MD5.B8124B92D5DDAA79B8039153A139AD4E] - 26/06/2013 - 16:28:25 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat [130956]
O44 - LFC:[MD5.A814D26875FEE3EC186077CB1B726B9C] - 26/06/2013 - 16:28:25 RSHAD . (...) -- C:\Windows\System32\perfh009.dat [616476]
O44 - LFC:[MD5.B7C67EBBDC79F39E76FFBE2BA50EB810] - 26/06/2013 - 16:28:25 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat [704908]
O44 - LFC:[MD5.704CB01B81C9CB35CCC43444A427F293] - 23/06/2013 - 16:08:13 ---A- . (...) -- C:\Windows\PFRO.log [1480]
O44 - LFC:[MD5.371E5A11C1B7F027480967C4E79F7833] - 23/06/2013 - 12:17:19 RSHAD . (...) -- C:\Windows\System32\Drivers\vsconfig.xml [415877]
O44 - LFC:[MD5.D865DD8B0448E3F963D68C04C532858F] - 23/06/2013 - 12:14:31 RSHAD . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\kl2.sys [11864]
O44 - LFC:[MD5.E656FE10D6D27794AFA08136685A69E8] - 23/06/2013 - 12:14:30 RSHAD . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\kl1.sys [460888]
O44 - LFC:[MD5.055790D38D7EC73AEF03E4AA7F67BA03] - 23/06/2013 - 12:14:26 RSHAD . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64_noagava].) -- C:\Windows\System32\Drivers\klif.sys [485680]
O44 - LFC:[MD5.C4B0ECD8F21D0CA5715637950B672D9F] - 23/06/2013 - 12:13:56 ---A- . (...) -- C:\user.js [126]
O44 - LFC:[MD5.6FB5E816CB7294EEBD33FB76A8DEDA56] - 23/06/2013 - 09:14:16 ---A- . (...) -- C:\Windows\ntbtlog.txt [52440]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/06/2013 - 09:35:16 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.14DAE73A3B8599329329ADB2604E62A4] - 15/06/2013 - 20:23:13 ---A- . (.Microsoft Corporation - Microsoft� MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb [2706432]
O44 - LFC:[MD5.14DAE73A3B8599329329ADB2604E62A4] - 15/06/2013 - 20:23:13 ---A- . (.Microsoft Corporation - Microsoft� MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2706432]
O44 - LFC:[MD5.C9152A497D0CA33CE9D729F1179DDB01] - 15/06/2013 - 20:23:12 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll [1365504]
O44 - LFC:[MD5.C9152A497D0CA33CE9D729F1179DDB01] - 15/06/2013 - 20:23:12 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1365504]
O44 - LFC:[MD5.1BDF694C5BA91A1576DA907DA3077EF8] - 15/06/2013 - 20:23:11 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\SysNative\iertutil.dll [2648064]
O44 - LFC:[MD5.1BDF694C5BA91A1576DA907DA3077EF8] - 15/06/2013 - 20:23:11 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2648064]
O44 - LFC:[MD5.9AD5D9CE1D07B76176615723D1E6217D] - 15/06/2013 - 20:23:10 ---A- . (.Microsoft Corporation - Moteur de l�interface utilisateur d�Interne.) -- C:\Windows\SysNative\ieui.dll [526336]
O44 - LFC:[MD5.9AD5D9CE1D07B76176615723D1E6217D] - 15/06/2013 - 20:23:10 ---A- . (.Microsoft Corporation - Moteur de l�interface utilisateur d�Interne.) -- C:\Windows\System32\ieui.dll [526336]
O44 - LFC:[MD5.AB2F2F56064E8AA8634C790956860A3D] - 15/06/2013 - 20:23:09 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll [15404544]
O44 - LFC:[MD5.AB2F2F56064E8AA8634C790956860A3D] - 15/06/2013 - 20:23:09 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15404544]
O44 - LFC:[MD5.5C41AF3F4B83340D2783CE8FDE30566A] - 15/06/2013 - 20:23:07 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll [19233792]
O44 - LFC:[MD5.5C41AF3F4B83340D2783CE8FDE30566A] - 15/06/2013 - 20:23:07 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19233792]
O44 - LFC:[MD5.394A9DA8A5ED842FC74AC7328B880727] - 12/06/2013 - 18:09:16 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe [75825640]
O44 - LFC:[MD5.394A9DA8A5ED842FC74AC7328B880727] - 12/06/2013 - 18:09:16 RSHAD . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [75825640]
O44 - LFC:[MD5.5C9D6C25054683CEEC28935C1DDB03DF] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll [136704]
O44 - LFC:[MD5.5C9D6C25054683CEEC28935C1DDB03DF] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [136704]
O44 - LFC:[MD5.146A64604D96E82B03CD57B214E66632] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\SysNative\iesetup.dll [67072]
O44 - LFC:[MD5.146A64604D96E82B03CD57B214E66632] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [67072]
O44 - LFC:[MD5.6D1CD9151AC8E10B6B7DBEAAD89A2E56] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [89600]
O44 - LFC:[MD5.6D1CD9151AC8E10B6B7DBEAAD89A2E56] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [89600]
O44 - LFC:[MD5.8C42F591EA3D14004C0684ADD177941B] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\SysNative\iernonce.dll [39936]
O44 - LFC:[MD5.8C42F591EA3D14004C0684ADD177941B] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [39936]
O44 - LFC:[MD5.D575B8A1E28747D8562A7EB0D95AAD74] - 12/06/2013 - 18:08:38 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe [51712]
O44 - LFC:[MD5.D575B8A1E28747D8562A7EB0D95AAD74] - 12/06/2013 - 18:08:38 RSHAD . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712]
O44 - LFC:[MD5.C928E6CC4DF7ED4620BAB3CE96262632] - 12/06/2013 - 18:08:37 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll [855552]
O44 - LFC:[MD5.C928E6CC4DF7ED4620BAB3CE96262632] - 12/06/2013 - 18:08:37 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [855552]
O44 - LFC:[MD5.4A420CB5E499E484B1E5E1CE010E6896] - 12/06/2013 - 18:08:37 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll [603136]
O44 - LFC:[MD5.4A420CB5E499E484B1E5E1CE010E6896] - 12/06/2013 - 18:08:37 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136]
O44 - LFC:[MD5.396D851E3B6ECB9990718C25567ABBB9] - 12/06/2013 - 18:08:36 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll [3958784]
O44 - LFC:[MD5.396D851E3B6ECB9990718C25567ABBB9] - 12/06/2013 - 18:08:36 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [3958784]
O44 - LFC:[MD5.5AD28C210D17029694554420022E1074] - 12/06/2013 - 18:08:34 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll [53248]
O44 - LFC:[MD5.5AD28C210D17029694554420022E1074] - 12/06/2013 - 18:08:34 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [53248]
O44 - LFC:[MD5.12716D987D475B051F35895659159705] - 12/06/2013 - 18:08:33 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll [2241024]
O44 - LFC:[MD5.12716D987D475B051F35895659159705] - 12/06/2013 - 18:08:33 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2241024]
~ Files: 55 Scanned in 00mn 50s



---\\ Export de cl� d'application autoris�e (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" [Enabled] .(.Orbitdownloader.com.) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe =>Adware.BitDownload
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" [Enabled] .(.Orbitdownloader.com.) -- C:\Program Files (x86)\Orbitdownloader\orbitnet.exe =>Adware.BitDownload
~ Keys Export: 2 Scanned in 00mn 01s



---\\ D�ni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package�v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l��diteur de configuration de s�curit� Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de s�curit� Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package�v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contr�le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\AnyDVD [Key] . (.SlySoft, Inc. - AnyDVD Application.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
O53 - SMSR:HKLM\...\startupreg\MDS_Menu [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\MediaShow Espresso\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\Software Suite SE [Key] . (.Acer Incorporated - Packard Bell Software Suite SE.) -- C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
O53 - SMSR:HKLM\...\startupreg\TouchMovieService [Key] . (.CyberLink Corp. - Touch Movie Resident Program.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\Touch Movie\TouchMovieService.exe
O53 - SMSR:HKLM\...\startupreg\YouCam Mirage [Key] . (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\YouCam\YCMMirage.exe
O53 - SMSR:HKLM\...\startupreg\YouCam Tray [Key] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\YouCam\YouCamTray.exe
~ SMSR Keys: 6 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.30682A098E12E2C85FA65518E1618195] - 27/03/2012 - 00:42:14 ---A- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys [138360]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 21/07/2011 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 21/07/2011 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 25/03/2013 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 16/12/2010 - C:\Windows\System32\Drivers\ElbyCDIO.sys (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de syst�me de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 30/08/2012 - C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (ISWKL) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWKL
O64 - Services: CurCS - 09/01/2012 - C:\Windows\System32\DRIVERS\kl1.sys (KL1) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 09/01/2012 - C:\Windows\System32\DRIVERS\kl2.sys (kl2) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL2
O64 - Services: CurCS - 09/01/2012 - C:\Windows\System32\DRIVERS\klif.sys (KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64_noagava].) - LEGACY_KLIF
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d�E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 25/06/2010 - C:\Windows\System32\drivers\npf.sys (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 18/04/2013 - C:\Windows\System32\DRIVERS\psi_mf_amd64.sys (PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 01/10/2011 - C:\Windows\System32\DRIVERS\Sftfslh.sys (Sftfs) .(.Microsoft Corporation - Microsoft Application Virtualization File S.) - LEGACY_SFTFS
O64 - Services: CurCS - 01/10/2011 - C:\Windows\System32\DRIVERS\Sftplaylh.sys (Sftplay) .(.Microsoft Corporation - Microsoft Application Virtualization System.) - LEGACY_SFTPLAY
O64 - Services: CurCS - 01/10/2011 - C:\Windows\System32\DRIVERS\Sftredirlh.sys (Sftredir) .(.Microsoft Corporation - Microsoft Application Virtualization System.) - LEGACY_SFTREDIR
O64 - Services: CurCS - 01/10/2011 - C:\Windows\System32\DRIVERS\Sftvollh.sys (Sftvol) .(.Microsoft Corporation - Microsoft Application Virtualization Volume.) - LEGACY_SFTVOL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du r�seau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du r�seau.) - LEGACY_TDX
O64 - Services: CurCS - 06/06/2013 - C:\Windows\System32\drivers\truecrypt.sys (truecrypt) .(.TrueCrypt Foundation - TrueCrypt Driver.) - LEGACY_TRUECRYPT
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d�extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de clich� instantan� du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 07/05/2011 - C:\Windows\System32\DRIVERS\vsdatant.sys (Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l�infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 90 Scanned in 00mn 02s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d��v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft � Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d��v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft � Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {9021C5D9-3BAE-4F26-B1C4-E58A98C233C7} [DefaultScope] - (Search By ZoneAlarm) - http://search.zonealarm.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services d�marr�s par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp�rience d�application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de strat�gie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num�rotation automatique d�acc�s distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d�acc�s distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d�interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d��v�nements syst�me (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l�application d�assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de t�l�phonie Microsoft� Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur h�te de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise � jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri�re-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivit� IPv6 sur un r�seau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d�ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d�application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de d�couverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multim�dias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau � distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de t�ches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des cl�s.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl�mes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des th�mes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 01s



---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][28/01/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\USER\AppData\Local\Temp\AskSLib.dll [248008]
[MD5.D81C2A6642A98B9826A25BA23CD3CB3F] [SPRF][23/05/2013] (.Pas de propri�taire - Nettoyage des fichiers temporaires.) -- C:\Users\USER\Desktop\SFTGC.exe [1051218]
[MD5.A703ACC9B3BBBFDBCFEEA1A81FB628DD] [SPRF][27/06/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\USER\Desktop\ZHPDiag2.exe [5688220]
~ Files: Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance � distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance � distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d�assistance � distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d�assistance � distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance � distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance � distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contr�leur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contr�leur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-syst�me spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-syst�me spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage imm�diat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage imm�diat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage imm�diat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage imm�diat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus h�te de l�infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus h�te de l�infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9E5CA734-590A-4AC0-B4A7-B2B0F8ADA2FC}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{4D98D1C7-33F5-47B7-B07F-5D2D8A21A108}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
O87 - FAEL: "{A12CA9AA-D6AC-4BB8-8F21-48A127650181}" | In - None - P6 - TRUE | .(.Acer Incorporated - Touch Music.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\Touch MVP\TouchMusic.exe
O87 - FAEL: "{7E0E5DD6-5B83-41BF-85D4-4479002B5A63}" | In - None - P6 - TRUE | .(.Acer Incorporated - Touch Video.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\Touch MVP\TouchVideo.exe
O87 - FAEL: "{7488F07E-08EC-4329-9C4D-86F350FD202E}" | In - None - P6 - TRUE | .(.Acer Incorporated - Touch Photo.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\Touch MVP\TouchPhoto.exe
O87 - FAEL: "{D06B8586-0E5B-41C2-B9F6-3DA175986704}" | In - None - P6 - TRUE | .(.CyberLink Corp. - Touch Movie Resident Program.) -- C:\Program Files (x86)\Packard Bell\Packard Bell TouchPortal\Touch Movie\TouchMovieService.exe
O87 - FAEL: "{0F5BC7F1-41B7-4155-869D-6AA006C2CF01}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{DC630020-83AE-452B-87D2-3A1138FB3CFE}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{933994DD-9D56-4021-9B08-85E1A6CA9372}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{0A7CBC50-0587-4AD5-B66C-1AC74AEA3C48}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{E060A826-5A6F-4219-8038-4C5A8A36964A}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{9C1B48C9-3895-4186-97DD-388CC4CB1CB5}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{7FCBA8FF-2DCD-418C-91C6-D0BBB1DDEAE8}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{D65CE970-2352-4C65-AAF3-73EE0AA3D810}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{BB506591-50A7-426F-8D76-A914B301C508}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{5B5CAE85-5913-481B-A79A-CB62C5D65418}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{F4F82B0E-50D8-4089-A5AB-9C8D9BE30FEE}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{5AD1F858-397A-42D5-A7A2-DE579E184F95}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{5375A385-CED4-4148-A363-C131FFDE406C}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{8B28A032-B841-4B59-B1DC-5DEEB5AA6F88}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{93153747-7FB7-44FB-80AE-6DD7862FB6F4}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{040FF23C-FE55-40BE-9B77-6F712DEFA76D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{D59F3BC1-A58B-49E7-90CD-081AC849DE0D}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{8DCC2072-F7D3-47FB-8227-28A166EFB29F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{E9E1283E-BAD7-43AD-9188-8603BE3E993C}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-syst�me spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{8A17BEB0-8C8A-4B79-AE04-B787BD916D8F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{91597C31-5AFD-4BEA-A56D-8E4A56F78C9D}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2452394D-B4A9-48C6-A4D1-096683E2DC6F}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance � distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "{DDA2BA85-9457-4370-8C2C-FFC6C0B90332}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance � distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "{4E763C54-1085-42B7-BDD5-20D9B864E886}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{67D669AE-ABE0-40B3-AA35-78871FB3A003}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{5191F1F2-54CC-45A2-9EF8-40111CC03A95}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{AF83B56F-01A5-48F2-AF24-97DE1089582C}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{1D004224-2CCB-45E5-9DA4-55D1E10FF117}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{932C3EC0-6C53-43E1-8C29-1F1CE43A8B76}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus h�te pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{745D9ED7-473E-47AF-B786-8BDD4AE994E3}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\USER\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O87 - FAEL: "{36185786-0ED5-4990-A440-37647FD42BC5}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\USER\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O87 - FAEL: "TCP Query User{DDE9A17C-780E-444E-86DD-E0E0EE2494EB}C:\program files (x86)\orbitdownloader\orbitnet.exe" | In - Private - P6 - TRUE | .(.Orbitdownloader.com.) -- C:\program files (x86)\orbitdownloader\orbitnet.exe =>Adware.BitDownload
O87 - FAEL: "UDP Query User{0E8A290D-FB3A-4579-AEF4-EC1A5116AC45}C:\program files (x86)\orbitdownloader\orbitnet.exe" | In - Private - P17 - TRUE | .(.Orbitdownloader.com.) -- C:\program files (x86)\orbitdownloader\orbitnet.exe =>Adware.BitDownload
O87 - FAEL: "TCP Query User{F19FBD3E-333D-4F4B-BB4A-E7B1F75BEF43}C:\program files (x86)\orbitdownloader\orbitnet.exe" | In - Public - P6 - TRUE | .(.Orbitdownloader.com.) -- C:\program files (x86)\orbitdownloader\orbitnet.exe =>Adware.BitDownload
O87 - FAEL: "UDP Query User{63BC750B-3D39-45A3-8BCA-6FED5B5AF59D}C:\program files (x86)\orbitdownloader\orbitnet.exe" | In - Public - P17 - TRUE | .(.Orbitdownloader.com.) -- C:\program files (x86)\orbitdownloader\orbitnet.exe =>Adware.BitDownload
O87 - FAEL: "{F4BF8898-E269-4ED5-A4BF-91B5BD8D8F44}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{36CAD624-3054-40FB-911D-26B63EF38A1C}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{94359670-BA92-460D-B81E-45D83521A65F}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
~ Firewall: 205 Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.12583 - (25/06/2013)
Cl�s trouv�es (Keys found) : 18
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 0

[HKLM\Software\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protection_ZoneAlarm Toolbar] =>Toolbar.ZoneAlarm
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
~ Additionnel Scan: 278719 Items scanned in 00mn 25s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office 2010.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "0EE303C2595A34537AA139C1A74CE0ED" . (.Microsoft Primary Interoperability Assemblies 2005.) -- C:\Windows\Installer\{2C303EE0-A595-3543-A71A-931C7AC40EDE}\[SystemFolder]msiexec.exe
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- c:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "20B91A1DE71869244AB57058F37DD475" . (.Microsoft_VC80_MFC_x86.) -- c:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
O90 - PUC: "25BBB29DFF28DE24A8C3E460F249A47B" . (.Microsoft_VC80_MFCLOC_x86.) -- c:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
O90 - PUC: "3910550722C1C544F84A65E451D51B7A" . (.Nero Express 10.) -- C:\Windows\Installer\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe
O90 - PUC: "3DB4FB266F1B2AF43888CC6074CAFB68" . (.Nero Multimedia Suite 10 Essentials.) -- C:\Windows\Installer\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}\ARPPRODUCTICON.exe
O90 - PUC: "3E64AFC7F2CC553428EA0621CD6333DF" . (.NVIDIA ForceWare Network Access Manager.) -- C:\Windows\Installer\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\ARPPRODUCTICON.exe
O90 - PUC: "64F7ECA6ECAF5214EA6876F2F4A2A682" . (.Virtual Earth 3D (Beta).) -- C:\Windows\Installer\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}\SpacelandIcon
O90 - PUC: "68AB67CA7DA7FFFFB7449A0100000010" . (.Adobe Reader 9.5.5 MUI.) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "743C7362DAD96D11E92A0050D5C07A16" . (.PowerCinema.) -- C:\Windows\Installer\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\ARPPRODUCTICON.exe
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "8140A81CA2446814FA890DF805452ACF" . (.Nero DiscSpeed 10 Help (CHM).) -- C:\Windows\Installer\{C18A0418-442A-4186-AF98-D08F5054A2FC}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "8193463375979384297CAE69BC26A189" . (.Nero Express 10 Help (CHM).) -- C:\Windows\Installer\{33643918-7957-4839-92C7-EA96CB621A98}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "8489373E92353E84D882B5DBE6B83E48" . (.MediaEspresso.) -- C:\Windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "8BD09FF8DED63A441B2842F4CE9010F2" . (.Microsoft Touch Pack for Windows 7.) -- C:\Windows\Installer\{8FF90DB8-6DED-44A3-B182-244FEC09012F}\AppSuiteIcon
O90 - PUC: "8DCAE3347474A6A428A6FF9A3FB9D004" . (.Elements 9 Organizer.) -- c:\Windows\Installer\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\ARPPRODUCTICON.exe
O90 - PUC: "8F5599BEC764CF74098F21DCD56F483C" . (.Adobe Premiere Elements 9.) -- c:\Windows\Installer\{EB9955F8-467C-47FC-90F8-12CD5DF684C3}\ARPPRODUCTICON.exe
O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- c:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
O90 - PUC: "A11C609B391D3414F97A2EEEA8A5F812" . (.TouchMovie.) -- C:\Windows\Installer\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\ARPPRODUCTICON.exe
O90 - PUC: "A2268694F3D4E984A9ECF5CEC40CDB3E" . (.MediaShow Espresso.) -- C:\Windows\Installer\{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}\ARPPRODUCTICON.exe
O90 - PUC: "B1B2B325BD8D14B409FF4C7D992E57A8" . (.Nero ControlCenter 10 Help (CHM).) -- C:\Windows\Installer\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "B4398983EA50DC1469EB07ADB9BFECF1" . (.Microsoft XNA Framework Redistributable 3.0.) -- C:\Windows\Installer\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}\ProductIcon
O90 - PUC: "C454BD2DC546A8440A9B6B6F1C7DB58A" . (.Garmin Communicator Plugin x64.) -- C:\Windows\Installer\{D2DB454C-645C-448A-A0B9-B6F6C1D75BA8}\GarminSetup.ico
O90 - PUC: "C664388ECE77CA44E88C14A7A461BAF3" . (.Garmin Communicator Plugin.) -- C:\Windows\Installer\{E883466C-77EC-44AC-8EC8-417A4A16AB3F}\GarminSetup.ico
O90 - PUC: "C9F7116F5BDA0954B94E217CEB2C7820" . (.Nero StartSmart 10 Help (CHM).) -- C:\Windows\Installer\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "E4F094430D84E29428944BB8CE0F35C7" . (.Nero DiscSpeed 10.) -- C:\Windows\Installer\{34490F4E-48D0-492E-8249-B48BECF0537C}\ARPPRODUCTICON.exe
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype� 6.3.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "E984D16F44C6CA94DA20D78ACA7AA356" . (.Nero StartSmart 10.) -- C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ARPPRODUCTICON.exe
O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico
O90 - PUC: "F998BFD62A710F845A33DED88666FC83" . (.Nero Control Center 10.) -- C:\Windows\Installer\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe
~ Update Products: 465 Scanned in 00mn 00s



---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 30/09/2010 169408 | (AdobeActiveFileMonitor9.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
SS - | Demand 12/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 21/07/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 626208 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
SR - | Auto 30/08/2012 827560 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
SS - | Demand 19/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 04/05/2010 503080 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 206880 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SR - | Auto 18/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 244904 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SS - | Demand 25/06/2010 117264 | (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Demand 18/04/2013 1227800 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
SR - | Auto 18/04/2013 659992 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe
SS - | Auto 19/04/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 09/10/2012 2447440 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by USER at 27/06/2013 12:19:46

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Malicius Software Information
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: Scanned in 00mn 04s



End of the scan (1637 lines in 05mn 09s)(0)

Publicité


Signaler le contenu de ce document

Publicité