~ ZDiag report NCDiag v2014.4.9.14 - Copyright ©2014 - Nicolas Coolman, All rights reserved ~ Location Report : C:\Documents and Settings\guessas amar\Application Data\ZHP\NCDiag.txt ~ Run by guessas amar (09/04/2014 - 18:39:53) ~ Web site adress : http://nicolascoolman.webs.com ~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/ ~ Version State : OK ~ White List : Deactivate by Program ~ User Account Control (UAC): System Activation ~ Privilèges Elévation : OK ---\\ Internet Browsers MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 28.0 (x86 fr) (Default) ---\\ Windows Product Informations ~ Langage: Anglais Microsoft Windows XP Professional Service Pack 3 (build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : KO ---\\ System Informations ~ Operating System: 32 Bits ~ Boot Mode: Normal (Normal boot) System Restore: Activé (Enable) Total RAM: 1014 MB (25% free) ---\\ Connection to the system mode ~ Computer Name: : MY-PC ~ User Name: : guessas amar ~ All Users Names: : ~ Logged in as Administrator ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (System) ( Free 20 Go of 65 Go) D: Hard drive, Flash drive, Thumb drive ( Free 75 Go of 99 Go) E: Hard drive, Flash drive, Thumb drive ( Free 98 Go of 100 Go) F: Hard drive, Flash drive, Thumb drive ( Free 187 Go of 200 Go) H: Hard drive, Flash drive, Thumb drive ( Free 0 Go of 19 Go) I: Hard drive, Flash drive, Thumb drive ( Free 4 Go of 19 Go) J: Hard drive, Flash drive, Thumb drive ( Free 2 Go of 19 Go) K: Hard drive, Flash drive, Thumb drive ( Free 5 Go of 15 Go) L: Hard drive, Flash drive, Thumb drive ( Free 0 Go of 0 Go) ---\\ System protection software Malwarebytes Anti-Malware version 1.75.0.1300 ESET Online Scanner v3 ---\\ Environment variables ~ %SYSTEMDRIVE% = C: ~ %USERPROFILE% = C:\Documents and Settings\guessas amar ~ %APPDATA% = C:\Documents and Settings\guessas amar\Application Data ~ %DESKTOP% = C:\Documents and Settings\guessas amar\Desktop ~ %FAVORITES% = C:\Documents and Settings\guessas amar\Favorites ~ %LOCALAPPDATA% = C:\Documents and Settings\guessas amar\AppData\Local ~ %STARTMENU% = C:\Documents and Settings\guessas amar\Application Data\Microsoft\Windows\Start Menu ~ %WINDIR% = C:\WINDOWS ~ %SYSTEM% = C:\WINDOWS\System32 ~ %PROGRAMFILES% = C:\Program Files ---\\ State of the Windows Security Center |HKLM\SOFTWARE\Microsoft\Security Center| AntiVirusOverride: OK |HKLM\SOFTWARE\Microsoft\Security Center| AntiVirusDisableNotify: OK |HKLM\SOFTWARE\Microsoft\Security Center| FirewallDisableNotify: OK |HKLM\SOFTWARE\Microsoft\Security Center| FirewallOverride: OK |HKLM\SOFTWARE\Microsoft\Security Center| UpdatesDisableNotify: OK |HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings| WarnOnHTTPSToHTTPRedirect: OK |HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL| CheckedValue: OK |HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN| CheckedValue: OK |HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations| Application: OK |HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations| Intl: OK |HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations| XMLLookup: OK |HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp| Type: OK ---\\ Search Generic System Files [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe [33792] [MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [920064] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows .) -- C:\WINDOWS\System32\Winlogon.exe [512000] [MD5.7618D5218F2A614672EC61A80D854A37] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) -- C:\WINDOWS\System32\drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] [MD5.F3AEFB11ABC521122B67095044169E98] - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [455680] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\System32\drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [53376] ---\\ Process running [MD5.54C7A2002D6E88DA4F8125EC609C9329] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe [3298712] [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360] [MD5.263A715660C2624F75AE5D7365C04FF6] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [141848] [MD5.4AA4DEB55D61BEB851D5A12089E990D3] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [166424] [MD5.30854A339582C70B522FB46B1AF62800] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [137752] [MD5.4CEB109C2B126D6A80FFAA272AE55483] - (...) --C:\Program Files\Fichiers communs\Acronis\Acronis Disk Director\oss_reinstall.exe [2209224] [MD5.7BBE4CF421AECC7F0226EDD75F12079F] - (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952] [MD5.1B17E09C1223F6D17336D2DD7A1AF4F4] - (...) --C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392] [MD5.024DC0F68DF5FD6AE9DD82DFBAF479D6] - (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168] [MD5.024DC0F68DF5FD6AE9DD82DFBAF479D6] - (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168] [MD5.255E405D801CF01247390F38F92D8042] - (...) --D:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [MD5.C34D66D07E67E432E6018756DACE9265] - (.Zbshareware Lab - USB Disk Security.) -- d:\Program Files\USB Disk Security\USBGuard.exe [623520] [MD5.B114DB354D13A21C1AC2B1807EE2F500] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe [273544] [MD5.0AEE5668EB59912F32FF245BFA72465F] - (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTime\qttask.exe [421888] [MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe [155648] [MD5.C068B74C9CA1A5EB857E83ACF80EEAE4] - (.NiwradSoft - Seven Remix XP Welcome Center.) -- C:\WINDOWS\NiwradSoft Shell Pack\Tools\NS Welcome.exe [243501] [MD5.DE9BA389EB53B8A499FF0C12E8C8ABB4] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672] [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336] [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.EXE [15360] [MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.EXE [15360] [MD5.70149A8B2A9B171D07C20D5595282550] - (.Apache Software Foundation - Apache HTTP Server.) -- d:\AppServ\Apache2.2\bin\httpd.exe [20539] [MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [MD5.4CB575D97653FA91FFB02DA3105EB084] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752] [MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [MD5.3FE5A84FAC62753A20F539BE3E7BFC56] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872] [MD5.499C59A2584F6D4EA41E944DA571D993] - (.Microsoft Corporation - Rpc Locator.) -- C:\WINDOWS\system32\locator.exe [75264] [MD5.50D9949020E02B847CD48F1243FCB895] - (.Skype Technologies - Skype Updater Service.) -- C:\Program Files\Skype\Updater\Updater.exe [172192] [MD5.3FE5A84FAC62753A20F539BE3E7BFC56] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872] [MD5.C32E6295D7D024B2302EFF1A7FEFD720] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [4915040] [MD5.3FE5A84FAC62753A20F539BE3E7BFC56] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872] [MD5.00000000000000000000000000000000] - (...) - J:\xampp\service.exe [0] ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ 3 Internet Explorer Management found in 0 second(s) ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) C:\Documents and Settings\guessas amar\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences ~ 1 Google Chrome Management found in 0 second(s) ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (Adobe® Flash® Player 11.9.900.170 Plugin) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - () -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (Java™ Deployment Toolkit) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (Oracle® Java™ Plug-In) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.647] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.647] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.660] - () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.660] - () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.660] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (Google Update) -- C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (Google Update) -- C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - () -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - () -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll ~ 13 Mozilla Firefox Preference found in 0 second(s) ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com =>.© R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr =>.© R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com =>.© R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com =>.© R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com =>.© R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com =>.© R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) - C:\WINDOWS\system32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ 15 Internet Explorer Management found in 0 second(s) ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 ~ 5 Proxy Management found in 0 second(s) ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File Scanned in 0 seconds ~ Nombre de lignes malwares (Malware Number Lines) : 0/1 ---\\ Browser Helper Objects (O2) O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- D:\Program Files\Internet Download Manager\IDMIECC.dll ~ 1 Browser Helper Objects found in 0 second(s) ---\\ Other User Links (O4) O4 - GS\ [AllUsers]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - GS\ [AllUsers]: NiwradSoft.lnk . (...) -- C:\WINDOWS\NiwradSoft Shell Pack\Links\NiwradSoft.url O4 - GS\ [AllUsers]: Q-Dir.lnk . (.Nenad Hrg (SoftwareOK.com) - Q-Dir.) -- D:\Program Files\Q-Dir\Q-Dir.exe O4 - GS\ [AllUsers]: Recuva.lnk . (.Piriform Ltd - Recuva.) -- C:\Program Files\Recuva\recuva.exe O4 - GS\Program [AllUsers]: RegExr.lnk . (...) -- D:\Program Files\RegExr\RegExr.exe O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - GS\Program [AllUsers]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe ~ 7 Browser Shortcut Redirection found in 5 second(s) ---\\ Auto loading programs from Registry and folders (O4) O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\Run: [RTHDCPL] . (...) -- RTHDCPL.EXE (.not file.) O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [OSSelectorReinstall] . (...) -- C:\Program Files\Fichiers communs\Acronis\Acronis Disk Director\oss_reinstall.exe O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- D:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- d:\Program Files\USB Disk Security\USBGuard.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- D:\Program Files\QuickTime\qttask.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NiwradSoft Welcome] . (.NiwradSoft - Seven Remix XP Welcome Center.) -- C:\WINDOWS\NiwradSoft Shell Pack\Tools\NS Welcome.exe O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKUS\S-1-5-21-448539723-746137067-1801674531-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-448539723-746137067-1801674531-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ~ 21 Running Process found in 0 second(s) ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\System32\mswsock.dll =>.© Microsoft O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\System32\winrnr.dll =>.© Microsoft O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\System32\mswsock.dll =>.© Microsoft ~ 3 Winsock hijacker scanned in 0 second(s) ---\\ Extra protocols (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll =>.© Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.© Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll =>.© Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll =>.© Microsoft Corporation O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.© Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL =>.© Skype Technologies O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll =>.© Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll =>.© Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.© Microsoft Corporation O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll =>.© Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL =>.© Microsoft Corporation ~ 31 Protocols scanned in 1 second(s) ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\System32\crypt32.dll =>.Microsoft O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\System32\cryptnet.dll =>.Microsoft O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\System32\cscdll.dll =>.Microsoft O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll =>.Microsoft O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications .) -- C:\WINDOWS\System32\wlnotify.dll =>.Microsoft O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications .) -- C:\WINDOWS\System32\wlnotify.dll =>.Microsoft O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\System32\sclgntfy.dll =>.Microsoft O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications .) -- C:\WINDOWS\System32\WlNotify.dll =>.Microsoft O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications .) -- C:\WINDOWS\System32\wlnotify.dll =>.Microsoft O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications .) -- C:\WINDOWS\System32\wlnotify.dll =>.Microsoft ~ 11 AppInit_DLLs & Winlogon Notify scanned in 0 second(s) ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll =>.WebCheck Contrôleur de site Web O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ~ 4 SSODL/SSO scanned in 0 second(s) ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Apache2.2 (Apache2.2) . (.Apache Software Foundation - Apache HTTP Server.) -- d:\AppServ\Apache2.2\bin\httpd.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Journal des événements (Eventlog) . (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Administration IIS (IISADMIN) . (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Plug-and-Play (PlugPlay) . (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe O23 - Service: IPSEC Services (PolicyAgent) . (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe O23 - Service: Localisateur d'appels de procédure distante (RPC) (RpcLocator) . (.Microsoft Corporation - Rpc Locator.) -- C:\WINDOWS\system32\locator.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) -- C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) . (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Publication World Wide Web (W3SVC) . (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe O23 - Service: XAMPP Service (XAMPP) . (...) - J:\xampp\service.exe (.not file.) ~ 15 Services found in 0 second(s) ---\\ Session Manager Key (AppCertDlls,KnownDLLs) (O36) O36 - KnownDLLs: (advapi32) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\System32\advapi32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (comdlg32) . (.Microsoft Corporation - DLL commune de boîtes de dialogues.) -- C:\WINDOWS\System32\comdlg32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (gdi32) . (.Microsoft Corporation - GDI Client DLL.) -- C:\WINDOWS\System32\gdi32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (imagehlp) . (.Microsoft Corporation - Windows NT Image Helper.) -- C:\WINDOWS\System32\imagehlp.dll =>.© Microsoft Corporation O36 - KnownDLLs: (kernel32) . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\WINDOWS\System32\kernel32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (lz32) . (.Microsoft Corporation - LZ Expand/Compress API DLL.) -- C:\WINDOWS\System32\lz32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (ole32) . (.Microsoft Corporation - Microsoft OLE pour Windows.) -- C:\WINDOWS\System32\ole32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (oleaut32) . (...) -- C:\WINDOWS\System32\oleaut32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (olecli32) . (.Microsoft Corporation - Bibliothèque client OLE.) -- C:\WINDOWS\System32\olecli32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (olecnv32) . (.Microsoft Corporation - Microsoft OLE for Windows.) -- C:\WINDOWS\System32\olecnv32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (olesvr32) . (.Microsoft Corporation - Object Linking and Embedding Server Library.) -- C:\WINDOWS\System32\olesvr32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (olethk32) . (.Microsoft Corporation - Microsoft OLE for Windows.) -- C:\WINDOWS\System32\olethk32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (rpcrt4) . (.Microsoft Corporation - Remote Procedure Call Runtime.) -- C:\WINDOWS\System32\rpcrt4.dll =>.© Microsoft Corporation O36 - KnownDLLs: (shell32) . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (url) . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\WINDOWS\System32\url.dll =>.© Microsoft Corporation O36 - KnownDLLs: (urlmon) . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll =>.© Microsoft Corporation O36 - KnownDLLs: (user32) . (.Microsoft Corporation - DLL client de l'API Utilisateur de Windows .) -- C:\WINDOWS\System32\user32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (version) . (.Microsoft Corporation - Version Checking and File Installation Libr.) -- C:\WINDOWS\System32\version.dll =>.© Microsoft Corporation O36 - KnownDLLs: (wininet) . (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll =>.© Microsoft Corporation O36 - KnownDLLs: (wldap32) . (.Microsoft Corporation - DLL API LDAP Win32.) -- C:\WINDOWS\System32\wldap32.dll =>.© Microsoft Corporation ~ 20 Session Manager Keys scanned in 0 second(s) ---\\ ActiveSetup Installed Components (O40) O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.© Microsoft Corporation O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\WINDOWS\system32\iedkcs32.dll =>.© Microsoft Corporation O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.© Microsoft Corporation O40 - ASIC: Installed Component - S-1-5-21-448539723-746137067-1801674531-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID ~ 4 ActiveSetup scanned in 0 second(s) ---\\ Drivers launched at startup (O41) O41 - Driver: AFD (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\System32\drivers\afd.sys =>.© Microsoft O41 - Driver: Pilote de CD-ROM (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys =>.© Microsoft O41 - Driver: eamon (eamon) . (.ESET - Amon monitor.) - C:\WINDOWS\system32\DRIVERS\eamon.sys O41 - Driver: ehdrv (ehdrv) . (.ESET - ESET Helper driver.) - C:\WINDOWS\system32\DRIVERS\ehdrv.sys O41 - Driver: epfwtdir (epfwtdir) . (.ESET - ESET Antivirus Network Redirector.) - C:\WINDOWS\system32\DRIVERS\epfwtdir.sys O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: IDMTDI (IDMTDI) . (.Tonec Inc. - Internet Download Manager TDI Driver.) - C:\WINDOWS\system32\DRIVERS\idmtdi.sys O41 - Driver: Pilote de filtre de gravure CD (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: Pilote de processeur Intel (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: Pilote IPSEC (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: Pilote de la classe Clavier (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: Pilote de la classe Souris (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: MRXSMB (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: Interface NetBIOS (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys =>.© Microsoft O41 - Driver: NetBIOS sur TCP/IP (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys =>.© Microsoft O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: Rdbss (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys =>.© Microsoft O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys =>.© Microsoft O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: Pilote de port série (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: Pilote du protocole TCP/IP (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys =>.© Microsoft O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\System32\drivers\vga.sys =>.© Microsoft O41 - Driver: Windows Socket 2.0 Non-IFS Service Provider Support Environment (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\System32\drivers\ws2ifsl.sys ~ 24 Running Drivers scanned in 0 second(s) ---\\ Software installed (O42) O42 - Logiciel: Acronis Disk Director Suite 10 build 2160 - (...) [HKLM]-- Acronis Disk Director Suite 10 build 2160 O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM]-- Adobe AIR =>.© Adobe Systems Inc. O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM]-- Adobe Flash Player ActiveX =>.© Adobe Systems Incorporated O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM]-- Adobe Flash Player Plugin =>.© Adobe Systems Incorporated O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM]-- Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D} =>.© Adobe Systems, Inc. O42 - Logiciel: AppServ 2.5.9 (remove only) - (...) [HKLM]-- AppServ O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]-- CCleaner =>.© Piriform O42 - Logiciel: Cisco ConfigMaker v2.6 - (...) [HKLM]-- Cisco ConfigMaker v2.6 O42 - Logiciel: Compil' de Ti Version 1.0 - (...) [HKLM]-- Compil' de Ti Version 1.0 O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM]-- ESET Online Scanner O42 - Logiciel: Falco CheckersII 1.0 - (.Falco Software, Inc..) [HKLM]-- Falco CheckersII_is1 O42 - Logiciel: FileZilla Client 3.5.0 - (...) [HKLM]-- FileZilla Client O42 - Logiciel: FreeFileSync 5.11 - (.Zenju.) [HKLM]-- FreeFileSync O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM]-- HDMI O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM]-- ie8 =>.© Microsoft Corporation O42 - Logiciel: Internet Download Manager - (...) [HKLM]-- Internet Download Manager O42 - Logiciel: K-Lite Mega Codec Pack 6.9.0 - (...) [HKLM]-- KLiteCodecPack_is1 O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM]-- Malwarebytes' Anti-Malware_is1 =>.© Malwarebytes Corporation O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM]-- Microsoft .NET Framework 4 Client Profile =>.© Microsoft Corporation O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM]-- Microsoft .NET Framework 4 Client Profile FRA Language Pack =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM]-- Microsoft .NET Framework 4 Extended =>.© Microsoft Corporation O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM]-- Microsoft .NET Framework 4 Extended FRA Language Pack =>.© Microsoft Corporation O42 - Logiciel: Microsoft Help Viewer 1.0 - (.Microsoft Corporation.) [HKLM]-- Microsoft Help Viewer 1.0 =>.© Microsoft Corporation O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA - (.Microsoft Corporation.) [HKLM]-- Microsoft Help Viewer 1.0 Language Pack - FRA =>.© Microsoft Corporation O42 - Logiciel: MindSoft Utilities 2011 - (.MindSoft.) [HKLM]-- MindSoft Utilities 201111.00.2011.15 O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM]-- Mozilla Firefox 28.0 (x86 fr) =>.© Mozilla O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM]-- MozillaMaintenanceService =>.© Mozilla O42 - Logiciel: Microsoft VM for Java - (...) [HKLM]-- MsJavaVM O42 - Logiciel: MSN - (...) [HKLM]-- MSNINST O42 - Logiciel: Nero 6 Demo - (...) [HKLM]-- Nero - Burning Rom!UninstallKey O42 - Logiciel: Notepad++ - (...) [HKLM]-- Notepad++ O42 - Logiciel: Pack Vista Inspirat 2 1.0 - (.Bricomix.) [HKLM]-- Pack Vista Inspirat 2 O42 - Logiciel: phpDesigner 7 version 7.2.5 - (.MPSOFTWARE.) [HKLM]-- phpDesigner7_is1 O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]-- PROPLUS =>.© Microsoft Corporation O42 - Logiciel: Q-Dir - (...) [HKLM]-- Q-Dir O42 - Logiciel: Rapid PHP 2010 v10.2 - (.Karlis Blumentals.) [HKLM]-- Rapid PHP 2010_is1 O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM]-- RealPlayer 12.0 =>.© RealNetworks O42 - Logiciel: Recuva - (.Piriform.) [HKLM]-- Recuva =>.© Piriform O42 - Logiciel: RegExr - (.gskinner.com, inc..) [HKLM]-- RegExr.8CE3EE8FC37F7781C562DFF80977CFBA322DD1EF.1 O42 - Logiciel: Registry Reviver - (.ReviverSoft LLC.) [HKLM]-- Registry Reviver O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM]-- Revo Uninstaller O42 - Logiciel: Seven Remix XP 2.5 - (.NiwradSoft.) [HKLM]-- Seven Remix XP O42 - Logiciel: Smart Indenter v3.5 for Office 2000-2003 - (...) [HKLM]-- Smart Indenter v3.5 for Office 2000-2003 O42 - Logiciel: OstroSoft Winsock Component - (...) [HKLM]-- ST6UNST #1 O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM]-- TeamViewer 9 O42 - Logiciel: Total Validator Java 1.6 - (.Total Validator.) [HKLM]-- Total Validator Java 1.6 O42 - Logiciel: Total Validator Tool - (.Total Validator.) [HKLM]-- Total Validator Tool O42 - Logiciel: Unlocker 1.9.0 - (.Cedrick Collomb.) [HKLM]-- Unlocker O42 - Logiciel: USB Disk Security - (...) [HKLM]-- USB Disk Security_is1 O42 - Logiciel: Microsoft Visual Studio 6.0 Édition Entreprise (Français) - (...) [HKLM]-- Visual Studio 6.0 Édition Entreprise (fra) O42 - Logiciel: Assistant Publication de sites Web Microsoft 1.53 - (...) [HKLM]-- WebPost O42 - Logiciel: WhoCrashed 5.00 - (.Resplendence Software Projects Sp..) [HKLM]-- WhoCrashed_is1 O42 - Logiciel: WinHTTrack Website Copier 3.44-1 - (.HTTrack.) [HKLM]-- WinHTTrack Website Copier_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]-- WinLiveSuite_Wave3 =>.© Microsoft Corporation O42 - Logiciel: WinRAR archiver - (...) [HKLM]-- WinRAR archiver O42 - Logiciel: Microsoft SQL Server System CLR Types - (.Microsoft Corporation.) [HKLM]-- {0266CCBE-BBD8-416C-A48F-7FC47C6DB566} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM]-- {043F86B7-EE12-3399-B2CA-D0B603D87963} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM]-- {0A0CADCF-78DA-33C4-A350-CD51849B9702} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM]-- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} =>.© Microsoft Corporation O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]-- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} =>.© Microsoft Corporation O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]-- {205C6BDD-7B73-42DE-8505-9A093F35A238} =>.© Microsoft Corporation O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]-- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} =>.© Microsoft O42 - Logiciel: Acronis Disk Director Suite - (.Acronis.) [HKLM]-- {2300EE96-0A41-4FAB-BD03-989EC44577A0} O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM]-- {236BB7C4-4419-42FD-0409-1E257A25E34D} =>.© Adobe Systems, Inc. O42 - Logiciel: Java(TM) 6 Update 29 - (.Oracle.) [HKLM]-- {26A24AE4-039D-4CA4-87B4-2F83216024FF} =>.© Oracle O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM]-- {26A24AE4-039D-4CA4-87B4-2F83217051FF} =>.© Oracle O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM]-- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} =>.© RealNetworks, Inc. O42 - Logiciel: MZ-Tools 3.0 pour VBA - (.MZTools Software.) [HKLM]-- {2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1 O42 - Logiciel: Debugging Tools for Windows (x86) - (.Microsoft Corporation.) [HKLM]-- {300A2961-B2B5-4889-9CB9-5C2A570D08AD} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]-- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} =>.© Microsoft Corporation O42 - Logiciel: WebFldrs XP - (.Microsoft Corporation.) [HKLM]-- {350C940c-3D7C-4EE8-BAA9-00BCB3D54227} =>.© Microsoft Corporation O42 - Logiciel: Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework - (.Microsoft Corporation.) [HKLM]-- {3BA7E387-9401-3371-9464-5E224D243FC5} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM]-- {3C3901C5-3455-3E0A-A214-0B093A5070A6} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]-- {445B183D-F4F1-45C8-B9DB-F11355CA657B} =>.© Microsoft Corporation O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM]-- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB} =>.© Adobe Systems Inc. O42 - Logiciel: Microsoft Help Viewer 1.0 - (.Microsoft Corporation.) [HKLM]-- {47C39E4A-28F2-33B1-B9B7-97F24E52D917} =>.© Microsoft Corporation O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM]-- {4A03706F-666A-4037-7777-5F2748764D10} =>.© Sun Microsystems, Inc. O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM]-- {57752979-A1C9-4C02-856B-FBB27AC4E02C} =>.© Apple Inc. O42 - Logiciel: HUAWEI Wireless Modem - (...) [HKLM]-- {704D5D04-E867-4CFE-869C-6061E93F513F} O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM]-- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} =>.© RealNetworks, Inc O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM]-- {786C5747-1033-0000-B58E-000000000001} =>.© Adobe Systems O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM]-- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.© Apple Inc. O42 - Logiciel: Skype™ 6.13 - (.Skype Technologies S.A..) [HKLM]-- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} =>.© Skype Technologies S.A. O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM]-- {8EDBA74D-0686-4C99-BFDD-F894678E5101} =>.© Adobe System Incorporated O42 - Logiciel: Microsoft Software Update for Web Folders (French) 12 - (.Microsoft Corporation.) [HKLM]-- {90120000-0010-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-0011-0000-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-0015-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-0016-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-0018-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-0019-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001A-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001B-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001F-0401-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001F-0407-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001F-0409-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001F-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001F-0413-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-001F-0C0A-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-002C-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-0044-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]-- {90120000-006E-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM]-- {95120000-00B9-0409-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM]-- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} =>.© Microsoft Corp O42 - Logiciel: PDF-Viewer - (.Tracker Software Products Ltd.) [HKLM]-- {A278382D-4F1B-4D47-9885-8523F7261E8D}_is1 O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]-- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.© Google Inc. O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP2 FRA - (.Microsoft Corporation.) [HKLM]-- {AF6919D0-5691-4F35-9D65-54F981013514} =>.© Microsoft Corporation O42 - Logiciel: Objets de gestion Microsoft SQL Server 2008 R2 - (.Microsoft Corporation.) [HKLM]-- {B01A7AFC-0356-43AF-A333-C65912AEA8DC} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]-- {B3B487E7-6171-4376-9074-B28082CEB504} =>.© Microsoft Corporation O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.) [HKLM]-- {B74D4E10-6884-0000-0000-000000000101} =>.© Adobe Systems O42 - Logiciel: Microsoft Help Viewer 1.0 Language Pack - FRA - (.Microsoft Corporation.) [HKLM]-- {BC398BE9-C1DC-374B-90B1-460CB70C7CDD} =>.© Microsoft Corporation O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM]-- {C9BED750-1211-4480-B1A5-718A3BE15525} =>.© Realtek O42 - Logiciel: Microsoft .NET Framework 4 Multi-Targeting Pack - (.Microsoft Corporation.) [HKLM]-- {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} =>.© Microsoft Corporation O42 - Logiciel: Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA - (.Microsoft Corporation.) [HKLM]-- {D60023FA-3DF1-4537-93DD-13024CC4E366} =>.© Microsoft Corporation O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]-- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} =>.© Microsoft Corporation O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.) [HKLM]-- {E9787678-119F-4D52-B551-6739B2B22101} =>.© Adobe Systems O42 - Logiciel: RegExr - (.gskinner.com, inc..) [HKLM]-- {EA1B6EBB-B623-22ED-B5EB-7D574DCAD521} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM]-- {EE6097DD-05F4-4178-9719-D3170BF098E8} =>.© Apple Inc. O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM]-- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]-- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} =>.© Microsoft Corporation O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM]-- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.© Realtek Semiconductor Corp. O42 - Logiciel: ESET NOD32 Antivirus - (.ESET, spol s r. o..) [HKLM]-- {F640C9B5-1E08-4E6B-8A74-A6B36A2CEC78} ~ 121 Softwares scanned in 1 second(s) ---\\ HKCU & HKLM Software Registry Keys HKLM\SOFTWARE\Acronis HKLM\SOFTWARE\Adobe =>.© Adobe HKLM\SOFTWARE\Adobe Systems =>.© Adobe Systems HKLM\SOFTWARE\Ahead HKLM\SOFTWARE\Apple Computer, Inc. =>.© Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. =>.© Apple Inc. HKLM\SOFTWARE\ASUS =>.© ASUS HKLM\SOFTWARE\Bricomix.net HKLM\SOFTWARE\C07ft5Y HKLM\SOFTWARE\CDDB HKLM\SOFTWARE\Cisco Systems Inc. HKLM\SOFTWARE\Codec Tweak Tool HKLM\SOFTWARE\Creative Tech HKLM\SOFTWARE\Cygwin HKLM\SOFTWARE\dlQUE HKLM\SOFTWARE\Eset HKLM\SOFTWARE\FileZilla 3 HKLM\SOFTWARE\FileZilla Client HKLM\SOFTWARE\FreeFileSync HKLM\SOFTWARE\Gabest HKLM\SOFTWARE\Gemplus HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Google =>.© Google HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\HUAWEI TECHNOLOGIES HKLM\SOFTWARE\iColorFolder HKLM\SOFTWARE\IM Providers HKLM\SOFTWARE\Intel =>.© Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\InterVideo HKLM\SOFTWARE\JavaSoft =>.© JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\KLCodecPack HKLM\SOFTWARE\Macromedia =>.© Macromedia HKLM\SOFTWARE\Macrovision =>.© Macrovision HKLM\SOFTWARE\Malwarebytes' Anti-Malware =>.© Malwarebytes' Anti-Malware HKLM\SOFTWARE\Microsoft =>.© Microsoft HKLM\SOFTWARE\Mozilla =>.© Mozilla HKLM\SOFTWARE\mozilla.org =>.© mozilla.org HKLM\SOFTWARE\MozillaPlugins =>.© MozillaPlugins HKLM\SOFTWARE\NiwradSoft Shell Pack HKLM\SOFTWARE\Notepad++ HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Piriform =>.© Piriform HKLM\SOFTWARE\Program Groups HKLM\SOFTWARE\RealNetworks =>.© RealNetworks HKLM\SOFTWARE\Realtek =>.© Realtek HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.© Realtek Semiconductor Corp. HKLM\SOFTWARE\RegistryReviver HKLM\SOFTWARE\Revenger inc. HKLM\SOFTWARE\RTLSetup HKLM\SOFTWARE\Schlumberger HKLM\SOFTWARE\Secure HKLM\SOFTWARE\Skype =>.© Skype HKLM\SOFTWARE\TeamViewer HKLM\SOFTWARE\Total Validator Java 1.6 HKLM\SOFTWARE\Total Validator Tool HKLM\SOFTWARE\Windows 3.1 Migration Status HKLM\SOFTWARE\WinHTTrack Website Copier HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\Xing Technology Corp. =>.© Xing Technology Corp. HKCU\Software\Adobe =>.© Adobe HKCU\Software\Ahead HKCU\Software\Apple Computer, Inc. =>.© Apple Computer, Inc. HKCU\Software\AppServ HKCU\Software\ASUS =>.© ASUS HKCU\Software\BasicScript Program Settings HKCU\Software\Cisco Systems Inc. HKCU\Software\Cygwin HKCU\Software\DeepDefragoVista HKCU\Software\DemoRACLang HKCU\Software\DownloadManager HKCU\Software\DScaler5 HKCU\Software\Dual2011 HKCU\Software\ESET HKCU\Software\Gabest HKCU\Software\GNU HKCU\Software\Google =>.© Google HKCU\Software\Haali HKCU\Software\IM Providers HKCU\Software\Intel =>.© Intel HKCU\Software\InterTrust HKCU\Software\JavaSoft =>.© JavaSoft HKCU\Software\Karlis Blumentals HKCU\Software\Macromedia =>.© Macromedia HKCU\Software\madFlac HKCU\Software\Malwarebytes' Anti-Malware =>.© Malwarebytes' Anti-Malware HKCU\Software\Media Research Group HKCU\Software\MediaInfo HKCU\Software\Microsoft =>.© Microsoft HKCU\Software\MindSoft HKCU\Software\MindSoftLang HKCU\Software\MONOGRAM HKCU\Software\Mozilla =>.© Mozilla HKCU\Software\MozillaPlugins =>.© MozillaPlugins HKCU\Software\Netscape =>.© Netscape HKCU\Software\NirSoft HKCU\Software\ODBC HKCU\Software\Piriform =>.© Piriform HKCU\Software\QuickDefragoVista HKCU\Software\RealNetworks =>.© RealNetworks HKCU\Software\Realtek =>.© Realtek HKCU\Software\Revenger inc. HKCU\Software\RocketDock HKCU\Software\Skype =>.© Skype HKCU\Software\SoftwareOK.de HKCU\Software\Sysinternals =>.© Sysinternals HKCU\Software\TeamViewer HKCU\Software\UberIcon-v1.0.0 HKCU\Software\VB and VBA Program Settings HKCU\Software\VSRevoGroup HKCU\Software\Wget HKCU\Software\WinHTTrack Website Copier HKCU\Software\WinRAR HKCU\Software\WinRAR SFX ~ 115 Software Keys scanned in 0 second(s) ---\\ Contents of the Common Files folders (O43) O43 - CFD: 04/02/2011 - 22:53:52 - [] ----D- C:\Program Files\Acronis =>.© O43 - CFD: 04/02/2011 - 22:50:00 - [] ----D- C:\Program Files\Acronis Disk Director Suite 10 build 2160 =>.© O43 - CFD: 05/01/2011 - 13:57:48 - [] ----D- C:\Program Files\Adobe =>.© O43 - CFD: 05/01/2011 - 21:34:22 - [] ----D- C:\Program Files\Alwil Software O43 - CFD: 03/10/2011 - 19:10:25 - [] ----D- C:\Program Files\Apple Software Update =>.© O43 - CFD: 19/02/2011 - 16:05:28 - [] ----D- C:\Program Files\CCleaner O43 - CFD: 08/04/2011 - 14:22:00 - [?] -SH-D- C:\Program Files\Common Files O43 - CFD: 05/01/2011 - 13:36:18 - [0] ----D- C:\Program Files\ComPlus Applications =>.© O43 - CFD: 21/02/2014 - 07:09:14 - [] ----D- C:\Program Files\Debugging Tools for Windows (x86) O43 - CFD: 25/03/2014 - 14:51:52 - [] ----D- C:\Program Files\ESET O43 - CFD: 28/10/2013 - 22:03:47 - [] ----D- C:\Program Files\Falco CheckersII O43 - CFD: 05/01/2011 - 14:29:48 - [] ----D- C:\Program Files\Fichiers communs O43 - CFD: 06/10/2012 - 10:08:18 - [] ----D- C:\Program Files\FreeFileSync O43 - CFD: 05/01/2011 - 21:34:49 - [] ----D- C:\Program Files\Google O43 - CFD: 05/01/2011 - 13:55:01 - [] ----D- C:\Program Files\InstallShield Installation Information =>.© O43 - CFD: 05/01/2011 - 13:36:46 - [] ----D- C:\Program Files\Internet Explorer =>.© O43 - CFD: 11/03/2011 - 17:21:44 - [] ----D- C:\Program Files\Java O43 - CFD: 31/12/2011 - 23:21:32 - [] ----D- C:\Program Files\merg O43 - CFD: 05/01/2011 - 13:36:00 - [] ----D- C:\Program Files\Messenger O43 - CFD: 11/03/2011 - 01:02:23 - [] ----D- C:\Program Files\Microsoft =>.© Microsoft O43 - CFD: 05/01/2011 - 13:39:12 - [] ----D- C:\Program Files\microsoft frontpage =>.© O43 - CFD: 03/03/2013 - 09:32:17 - [] ----D- C:\Program Files\Microsoft Help Viewer =>.© Microsoft O43 - CFD: 04/02/2011 - 23:26:37 - [] ----D- C:\Program Files\Microsoft Office =>.© Microsoft O43 - CFD: 03/03/2013 - 09:32:17 - [] ----D- C:\Program Files\Microsoft SDKs =>.© Microsoft O43 - CFD: 03/03/2013 - 09:41:48 - [] ----D- C:\Program Files\Microsoft SQL Server =>.© Microsoft O43 - CFD: 03/03/2013 - 09:41:34 - [] ----D- C:\Program Files\Microsoft SQL Server Compact Edition =>.© Microsoft O43 - CFD: 03/03/2013 - 09:41:36 - [] ----D- C:\Program Files\Microsoft Synchronization Services =>.© Microsoft O43 - CFD: 17/04/2012 - 19:05:19 - [] ----D- C:\Program Files\Microsoft Visual Studio =>.© Microsoft O43 - CFD: 04/02/2011 - 23:32:09 - [] ----D- C:\Program Files\Microsoft Works =>.© Microsoft O43 - CFD: 22/04/2011 - 19:17:56 - [] ----D- C:\Program Files\MindSoft Utilities 2011 O43 - CFD: 05/01/2011 - 13:37:20 - [] ----D- C:\Program Files\Movie Maker O43 - CFD: 08/04/2014 - 23:39:42 - [] ----D- C:\Program Files\Mozilla Firefox =>.© O43 - CFD: 08/04/2014 - 23:39:45 - [] ----D- C:\Program Files\Mozilla Maintenance Service =>.© O43 - CFD: 17/04/2012 - 19:06:03 - [] ----D- C:\Program Files\MSBuild =>.© O43 - CFD: 05/01/2011 - 13:35:24 - [] ----D- C:\Program Files\MSN O43 - CFD: 05/01/2011 - 13:35:57 - [] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 25/04/2013 - 19:59:52 - [] ----D- C:\Program Files\MZTools3VBA O43 - CFD: 05/01/2011 - 13:36:56 - [] ----D- C:\Program Files\NetMeeting O43 - CFD: 25/11/2011 - 17:49:06 - [] ----D- C:\Program Files\Office Automation O43 - CFD: 05/01/2011 - 13:36:06 - [] ----D- C:\Program Files\Online Services O43 - CFD: 10/04/2013 - 22:41:00 - [] ----D- C:\Program Files\OSWINSCK O43 - CFD: 05/01/2011 - 13:36:53 - [] ----D- C:\Program Files\Outlook Express =>.© O43 - CFD: 06/03/2013 - 19:28:08 - [] ----D- C:\Program Files\Publication Web O43 - CFD: 14/07/2011 - 23:48:03 - [] ----D- C:\Program Files\Real O43 - CFD: 05/01/2011 - 13:55:01 - [] ----D- C:\Program Files\Realtek =>.© O43 - CFD: 05/02/2014 - 19:14:16 - [] ----D- C:\Program Files\Recuva O43 - CFD: 03/03/2013 - 09:31:06 - [] ----D- C:\Program Files\Reference Assemblies =>.© O43 - CFD: 07/12/2012 - 23:44:12 - [] ----D- C:\Program Files\ReviverSoft =>.© O43 - CFD: 05/01/2011 - 13:38:05 - [] ----D- C:\Program Files\Services en ligne O43 - CFD: 11/02/2014 - 22:11:00 - [] R---D- C:\Program Files\Skype =>.© O43 - CFD: 16/02/2014 - 20:20:02 - [] ----D- C:\Program Files\TeamViewer =>.© O43 - CFD: 12/09/2012 - 23:47:28 - [] ----D- C:\Program Files\Test O43 - CFD: 03/03/2014 - 19:54:35 - [] ----D- C:\Program Files\Tracker Software O43 - CFD: 05/01/2011 - 13:51:59 - [0] ----D- C:\Program Files\Uninstall Information O43 - CFD: 19/02/2014 - 20:44:26 - [] ----D- C:\Program Files\WhoCrashed =>.© O43 - CFD: 11/03/2011 - 01:01:02 - [] ----D- C:\Program Files\Windows Live =>.© O43 - CFD: 11/03/2011 - 01:01:56 - [] ----D- C:\Program Files\Windows Live SkyDrive =>.© O43 - CFD: 05/01/2011 - 13:36:05 - [] ----D- C:\Program Files\Windows Media Player =>.© O43 - CFD: 05/01/2011 - 13:35:22 - [] ----D- C:\Program Files\Windows NT O43 - CFD: 05/01/2011 - 13:38:08 - [0] ----D- C:\Program Files\WindowsUpdate O43 - CFD: 05/01/2011 - 21:26:33 - [] ----D- C:\Program Files\WinRAR =>.© O43 - CFD: 05/01/2011 - 13:39:12 - [] ----D- C:\Program Files\xerox =>.© O43 - CFD: 04/02/2011 - 22:53:52 - [] ----D- C:\Program Files\Fichiers communs\Acronis =>.© O43 - CFD: 05/01/2011 - 13:57:48 - [] ----D- C:\Program Files\Fichiers communs\Adobe =>.© O43 - CFD: 20/02/2011 - 17:58:40 - [] ----D- C:\Program Files\Fichiers communs\Adobe AIR =>.© O43 - CFD: 02/03/2011 - 23:16:32 - [] ----D- C:\Program Files\Fichiers communs\Adobe Systems Shared =>.© O43 - CFD: 08/04/2012 - 13:50:35 - [] ----D- C:\Program Files\Fichiers communs\Ahead O43 - CFD: 18/09/2011 - 17:51:37 - [] ----D- C:\Program Files\Fichiers communs\Apple =>.© O43 - CFD: 17/04/2012 - 19:05:16 - [] ----D- C:\Program Files\Fichiers communs\DESIGNER =>.© O43 - CFD: 05/01/2011 - 13:55:26 - [] ----D- C:\Program Files\Fichiers communs\InstallShield =>.© O43 - CFD: 09/04/2014 - 01:52:30 - [] ----D- C:\Program Files\Fichiers communs\Java O43 - CFD: 05/01/2011 - 14:29:48 - [] ----D- C:\Program Files\Fichiers communs\Microsoft Shared =>.© Microsoft O43 - CFD: 05/01/2011 - 13:37:33 - [] ----D- C:\Program Files\Fichiers communs\MSSoap O43 - CFD: 05/01/2011 - 14:29:51 - [] ----D- C:\Program Files\Fichiers communs\ODBC =>.© O43 - CFD: 05/01/2011 - 13:37:36 - [] ----D- C:\Program Files\Fichiers communs\Services O43 - CFD: 11/02/2014 - 22:11:02 - [] ----D- C:\Program Files\Fichiers communs\Skype =>.© O43 - CFD: 05/01/2011 - 14:29:48 - [] ----D- C:\Program Files\Fichiers communs\SpeechEngines =>.© O43 - CFD: 05/01/2011 - 13:36:46 - [] ----D- C:\Program Files\Fichiers communs\System O43 - CFD: 10/03/2011 - 22:51:15 - [] ----D- C:\Program Files\Fichiers communs\Windows Live =>.© O43 - CFD: 14/07/2011 - 23:48:34 - [] ----D- C:\Program Files\Fichiers communs\xing shared =>.© O43 - CFD: 05/01/2011 - 13:34:45 - [] R---D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires O43 - CFD: 04/02/2011 - 22:53:54 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acronis =>.© O43 - CFD: 02/03/2011 - 23:21:09 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe =>.© O43 - CFD: 19/02/2011 - 16:05:50 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner O43 - CFD: 23/03/2012 - 12:30:59 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Cisco ConfigMaker =>.© O43 - CFD: 21/02/2014 - 07:09:20 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Debugging Tools for Windows (x86) O43 - CFD: 05/01/2011 - 14:29:22 - [?] -SH-D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage O43 - CFD: 31/03/2014 - 04:27:47 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ESET O43 - CFD: 28/10/2013 - 22:03:50 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Falco CheckersII O43 - CFD: 18/02/2011 - 21:47:21 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\FileZilla FTP Client =>.© O43 - CFD: 06/10/2012 - 10:08:25 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\FreeFileSync O43 - CFD: 26/02/2012 - 18:05:50 - [0] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HygieAA O43 - CFD: 04/05/2011 - 07:40:13 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager O43 - CFD: 09/04/2014 - 01:52:12 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java O43 - CFD: 05/01/2011 - 13:36:28 - [] R---D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux O43 - CFD: 19/02/2011 - 19:32:54 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\K-Lite Codec Pack O43 - CFD: 10/03/2011 - 23:17:39 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware =>.© O43 - CFD: 04/02/2011 - 23:32:23 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office =>.© Microsoft O43 - CFD: 22/04/2011 - 19:18:03 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MindSoft Utilities 2011 O43 - CFD: 08/04/2012 - 13:54:15 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero O43 - CFD: 16/02/2011 - 21:10:12 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Notepad++ =>.© O43 - CFD: 10/04/2013 - 22:41:06 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OstroSoft Winsock Component O43 - CFD: 05/01/2011 - 13:36:12 - [] R---D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration O43 - CFD: 03/03/2014 - 19:54:39 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDF-XChange PDF Viewer O43 - CFD: 15/08/2011 - 17:26:22 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\phpDesigner 7 =>.© O43 - CFD: 08/04/2014 - 08:35:14 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Q-Dir O43 - CFD: 18/09/2011 - 17:55:15 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime =>.© O43 - CFD: 28/04/2011 - 21:50:05 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Rapid PHP 2010 O43 - CFD: 14/07/2011 - 23:48:10 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real O43 - CFD: 05/02/2014 - 19:14:21 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Recuva O43 - CFD: 07/12/2012 - 23:44:15 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ReviverSoft =>.© O43 - CFD: 24/02/2014 - 07:44:51 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seven Remix XP O43 - CFD: 11/02/2014 - 22:11:03 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype =>.© O43 - CFD: 16/02/2014 - 20:20:10 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeamViewer 9 =>.© O43 - CFD: 14/04/2011 - 19:29:24 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\USB Disk Security O43 - CFD: 19/02/2014 - 20:44:28 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WhoCrashed =>.© O43 - CFD: 11/03/2011 - 01:01:25 - [0] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live =>.© O43 - CFD: 01/05/2011 - 19:51:04 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinHTTrack O43 - CFD: 05/01/2011 - 21:26:35 - [] ----D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR =>.© O43 - CFD: 04/02/2011 - 23:04:39 - [] ----D- C:\Documents and Settings\All Users\Application Data\Acronis =>.© O43 - CFD: 11/08/2011 - 18:51:29 - [] ----D- C:\Documents and Settings\All Users\Application Data\Adobe =>.© O43 - CFD: 02/03/2011 - 23:17:00 - [] ----D- C:\Documents and Settings\All Users\Application Data\Adobe Systems =>.© O43 - CFD: 05/01/2011 - 21:34:22 - [0] ----D- C:\Documents and Settings\All Users\Application Data\Alwil Software O43 - CFD: 18/09/2011 - 17:50:08 - [] ----D- C:\Documents and Settings\All Users\Application Data\Apple =>.© O43 - CFD: 18/09/2011 - 17:53:14 - [] ----D- C:\Documents and Settings\All Users\Application Data\Apple Computer =>.© O43 - CFD: 20/02/2014 - 19:21:19 - [] ----D- C:\Documents and Settings\All Users\Application Data\Avira =>.© O43 - CFD: 31/03/2014 - 04:27:47 - [] ----D- C:\Documents and Settings\All Users\Application Data\ESET O43 - CFD: 11/08/2011 - 18:51:29 - [] ----D- C:\Documents and Settings\All Users\Application Data\FLEXnet =>.© O43 - CFD: 10/03/2011 - 23:17:38 - [] ----D- C:\Documents and Settings\All Users\Application Data\Malwarebytes =>.© O43 - CFD: 05/01/2011 - 14:29:06 - [] -S--D- C:\Documents and Settings\All Users\Application Data\Microsoft =>.© Microsoft O43 - CFD: 04/02/2011 - 23:26:36 - [] ----D- C:\Documents and Settings\All Users\Application Data\Microsoft Help =>.© Microsoft O43 - CFD: 19/05/2012 - 09:14:06 - [] ----D- C:\Documents and Settings\All Users\Application Data\Mozilla =>.© O43 - CFD: 15/08/2011 - 17:27:22 - [] ----D- C:\Documents and Settings\All Users\Application Data\phpDesigner =>.© O43 - CFD: 14/07/2011 - 23:48:03 - [] ----D- C:\Documents and Settings\All Users\Application Data\Real O43 - CFD: 07/12/2012 - 23:44:18 - [] ----D- C:\Documents and Settings\All Users\Application Data\ReviverSoft =>.© O43 - CFD: 11/02/2014 - 22:10:08 - [] ----D- C:\Documents and Settings\All Users\Application Data\Skype =>.© O43 - CFD: 11/03/2011 - 17:24:50 - [] ----D- C:\Documents and Settings\All Users\Application Data\Sun O43 - CFD: 28/02/2011 - 20:54:45 - [?] -SH-D- C:\Documents and Settings\All Users\Application Data\System Restore =>.© O43 - CFD: 14/04/2011 - 19:41:45 - [0] ----D- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab O43 - CFD: 05/01/2011 - 14:29:22 - [] R---D- C:\Documents and Settings\All Users\Menu Démarrer\Programmes O43 - CFD: 05/01/2011 - 13:58:01 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Adobe =>.© O43 - CFD: 18/09/2011 - 17:50:55 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Apple =>.© O43 - CFD: 18/09/2011 - 17:49:40 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Apple Computer =>.© O43 - CFD: 04/04/2014 - 17:29:24 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\ESET O43 - CFD: 05/01/2011 - 21:34:49 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Google O43 - CFD: 18/02/2011 - 17:35:28 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Identities O43 - CFD: 05/01/2011 - 13:51:55 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Microsoft =>.© Microsoft O43 - CFD: 04/02/2011 - 23:27:00 - [0] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Microsoft Help =>.© Microsoft O43 - CFD: 05/01/2011 - 21:00:22 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Mozilla =>.© O43 - CFD: 21/03/2012 - 18:24:51 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\PCHealth O43 - CFD: 11/02/2014 - 22:12:29 - [] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Skype =>.© O43 - CFD: 05/01/2011 - 21:35:19 - [0] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\Temp O43 - CFD: 17/09/2011 - 14:17:21 - [0] ----D- C:\Documents and Settings\guessas amar\Local Settings\Application Data\WMTools Downloaded Files ~ 153 Folders found in 1 second(s) ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.9395BBE294045909A025C9F3DC3D9025] - 09/04/2014 - 01:52:12 ---A-- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [174504] O44 - LFC:[MD5.CB3638541DCAC86EE17FA8258202E20E] - 09/04/2014 - 01:52:12 ---A-- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [175016] O44 - LFC:[MD5.95E15A2DE75AB48728AB8E1911C3EDB1] - 09/04/2014 - 01:52:24 ---A-- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [264616] O44 - LFC:[MD5.A7327FBA8897E5AA16A1D3BB57589407] - 09/04/2014 - 07:45:25 ---A-- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\WINDOWS\System32\MRT.exe [88028728] =>.© Microsoft O44 - LFC:[MD5.FD80D0AE205EC54D1A204DDBD6B766DA] - ---A-- . (...) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [94632] O44 - LFC:[MD5.0DB7527DB188C7D967A37BB51BBF3963] - 08/04/2014 - 23:09:41 ---A-- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [40776] O44 - LFC:[MD5.00000000000000000000000000000000] - --H-D- . (...) -- C:\WINDOWS\$NtUninstallKB2467659$ [0] O44 - LFC:[MD5.A67D776568F783283C7727DB5430990B] - ---A-- . (...) -- C:\WINDOWS\comsetup.log [14409] O44 - LFC:[MD5.2934D8DF0DE1A083C857992CD5011288] - ---A-- . (...) -- C:\WINDOWS\FaxSetup.log [43284] O44 - LFC:[MD5.BCFB9C2CEC567C58241D9F4B3F449FCC] - ---A-- . (...) -- C:\WINDOWS\ie8.log [370697] O44 - LFC:[MD5.AF79CC0090033CC98003D2CCEF5B76B0] - ---A-- . (...) -- C:\WINDOWS\ie8_main.log [4435926] O44 - LFC:[MD5.7BC46A8658AF3D05975976F2D2C3BA95] - ---A-- . (...) -- C:\WINDOWS\iis6.log [49599] O44 - LFC:[MD5.40C50A5527EC7465502A9EEA9B5555B5] - ---A-- . (...) -- C:\WINDOWS\imsins.BAK [1355] O44 - LFC:[MD5.408402D9C478AEA7890F94573624008C] - ---A-- . (...) -- C:\WINDOWS\imsins.log [1355] O44 - LFC:[MD5.62D28453BDCA7DDD74D0CD3A5E0FAB4B] - ---A-- . (...) -- C:\WINDOWS\KB2467659.log [356005] O44 - LFC:[MD5.FD03223F875C63F957AB027EFDC23AA0] - ---A-- . (...) -- C:\WINDOWS\KB2598845-IE8.log [356650] O44 - LFC:[MD5.C3B541B494C1F979A0381774519FA416] - ---A-- . (...) -- C:\WINDOWS\KB2862772-IE8.log [365936] O44 - LFC:[MD5.81327296EA3CBE7AC0B25F3C0DC02778] - ---A-- . (...) -- C:\WINDOWS\KB2909921-IE8.log [365388] O44 - LFC:[MD5.0B9A73C27EA17E313C212B6033C01924] - ---A-- . (...) -- C:\WINDOWS\KB2936068-IE8.log [365388] O44 - LFC:[MD5.DC3E1A19A42E8D88DD42C97579B97FF9] - ---A-- . (...) -- C:\WINDOWS\KB982381-IE8.log [371647] O44 - LFC:[MD5.1A81A8750839B7DF151FE29CB8744803] - ---A-- . (...) -- C:\WINDOWS\MedCtrOC.log [2975] O44 - LFC:[MD5.CED93F96AFCD008BBD45BFED58C90672] - ---A-- . (...) -- C:\WINDOWS\msgsocm.log [2163] O44 - LFC:[MD5.B2B63BA44123F550EAE57307A227B08C] - ---A-- . (...) -- C:\WINDOWS\msmqinst.log [13058] O44 - LFC:[MD5.D9C800442FB52FF460C2ECF539A0D3A8] - ---A-- . (...) -- C:\WINDOWS\netfxocm.log [7581] O44 - LFC:[MD5.9C1864172BFBB4CE1149EDD904F33F55] - ---A-- . (...) -- C:\WINDOWS\ntdtcsetup.log [8711] O44 - LFC:[MD5.9DA9CCF77AB01FA77DF7637113CEA7F7] - ---A-- . (...) -- C:\WINDOWS\ocgen.log [20692] O44 - LFC:[MD5.FA24CFB6DD7A9E015598499895820E81] - ---A-- . (...) -- C:\WINDOWS\ocmsn.log [2394] O44 - LFC:[MD5.3B28D6BA281E5DAF1692CF4BF7C40665] - ---A-- . (...) -- C:\WINDOWS\Q-Dir.ini [4000] O44 - LFC:[MD5.BD21ABEB164D40CFFDDE1392B081D7C3] - ---A-- . (...) -- C:\WINDOWS\spupdsvc.log [7311] O44 - LFC:[MD5.FFE0898BCF0D2FC6C941D1AF7018C14B] - ---A-- . (...) -- C:\WINDOWS\tabletoc.log [2177] O44 - LFC:[MD5.6CA2E55271B3B4939CB97D81F28B57C6] - ---A-- . (...) -- C:\WINDOWS\tsoc.log [19748] O44 - LFC:[MD5.1B9C06555F1E3321FC5317FDB6077EFC] - ---A-- . (...) -- C:\WINDOWS\updspapi.log [24255] ~ 32 Last Acceded System File scanned in 23 second(s) ---\\ Operations and functions at Windows Explorer startup (O46) O46 - SEH: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll ~ 1 ShellExecuteHooks Files found in 0 second(s) ---\\ O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bu.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "J:\st2\DreamweaverPortable\App\DreamweaverCS4\Dreamweaver.exe" [Enabled] .(.Adobe Systems, Inc. - Adobe Dreamweaver CS4.) -- J:\st2\DreamweaverPortable\App\DreamweaverCS4\Dreamweaver.exe O47 - AAKE:Key Export SP - "H:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype .) -- H:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype .) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\TeamViewer\Version9\TeamViewer.exe" [Enabled] .(.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe O47 - AAKE:Key Export SP - "C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" [Enabled] .(.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\usmt\migwiz.exe" [Enabled] .(.Microsoft Corporation - Assistant Transfert de fichiers et de param.) -- C:\WINDOWS\system32\usmt\migwiz.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bu.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "J:\st2\DreamweaverPortable\App\DreamweaverCS4\Dreamweaver.exe" [Enabled] .(.Adobe Systems, Inc. - Adobe Dreamweaver CS4.) -- J:\st2\DreamweaverPortable\App\DreamweaverCS4\Dreamweaver.exe ~ 12 Authorized Application Key Export scanned in 3 second(s) ---\\ Local Security Authority-LSA Deny (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll =>.© Microsoft O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Editeur de configurat.) -- C:\WINDOWS\System32\scecli.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\System32\kerberos.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll =>.© Microsoft ~ 6 Local Security Authority found in 0 second(s) ---\\ Safe Boot Control (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\drivers\sermouse.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) -- C:\WINDOWS\System32\drivers\sr.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\drivers\vga.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\drivers\vgasave.sys (.not file.) =>.© O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\drivers\ip6fw.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\ipnat.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\drivers\rdpcdd.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, .) -- C:\WINDOWS\System32\drivers\rdpwd.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\drivers\sermouse.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) -- C:\WINDOWS\System32\drivers\sr.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\drivers\tdpipe.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\drivers\tdtcp.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\drivers\vga.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\drivers\vgasave.sys (.not file.) =>.© ~ 21 Safe Boot Control scanned in 0 second(s) ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.7618D5218F2A614672EC61A80D854A37] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\afd.sys [138496] =>.© Microsoft O58 - SDL:[MD5.1F4260CC5B42272D71F79E570A27A4FE] - 09/04/2014-18:40:30 . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\system32\DRIVERS\cdrom.sys [62976] =>.© Microsoft O58 - SDL:[MD5.0C51F1D7A7501FC948D35AE0FDE764A5] - 09/04/2014-18:40:30 . (.ESET - Amon monitor.) -- C:\WINDOWS\system32\DRIVERS\eamon.sys [184664] O58 - SDL:[MD5.C79916F203E1A2CBBE99F22D6E5D21DA] - 09/04/2014-18:40:30 . (.ESET - ESET Helper driver.) -- C:\WINDOWS\system32\DRIVERS\ehdrv.sys [134248] O58 - SDL:[MD5.8727A2182BBCD588E255C60C1AA7B357] - 09/04/2014-18:40:30 . (.ESET - ESET Antivirus Network Redirector.) -- C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [118768] O58 - SDL:[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\system32\DRIVERS\i8042prt.sys [54144] =>.© Microsoft O58 - SDL:[MD5.EB5A63ADBF35314465CFBC33558CDAF7] - 09/04/2014-18:40:30 . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\system32\DRIVERS\idmtdi.sys [104456] O58 - SDL:[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - 09/04/2014-18:40:30 . (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\system32\DRIVERS\imapi.sys [42112] =>.© Microsoft O58 - SDL:[MD5.AD340800C35A42D4DE1641A37FEEA34C] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\DRIVERS\intelppm.sys [40576] =>.© Microsoft O58 - SDL:[MD5.23C74D75E36E7158768DD63D92789A91] - 09/04/2014-18:40:30 . (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\system32\DRIVERS\ipsec.sys [75264] =>.© Microsoft O58 - SDL:[MD5.16813155807C6881F4BFBF6657424659] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\WINDOWS\system32\DRIVERS\kbdclass.sys [25216] =>.© Microsoft O58 - SDL:[MD5.027C01BD7EF3349AAEBC883D8A799EFB] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\WINDOWS\system32\DRIVERS\mouclass.sys [23680] =>.© Microsoft O58 - SDL:[MD5.F3AEFB11ABC521122B67095044169E98] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [455680] =>.© Microsoft O58 - SDL:[MD5.5D81CF9A2F1A3A756B66CF684911CDF0] - 09/04/2014-18:40:30 . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\WINDOWS\system32\DRIVERS\netbios.sys [34688] =>.© Microsoft O58 - SDL:[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - 09/04/2014-18:40:30 . (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\system32\DRIVERS\netbt.sys [162816] =>.© Microsoft O58 - SDL:[MD5.FE0D99D6F31E4FAD8159F690D68DED9C] - 09/04/2014-18:40:30 . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\WINDOWS\system32\DRIVERS\rasacd.sys [8832] =>.© Microsoft O58 - SDL:[MD5.7AD224AD1A1437FE28D89CF22B17780A] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) -- C:\WINDOWS\system32\DRIVERS\rdbss.sys [175744] =>.© Microsoft O58 - SDL:[MD5.4912D5B403614CE99C28420F75353332] - 09/04/2014-18:40:30 . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\DRIVERS\RDPCDD.sys [4224] =>.© Microsoft O58 - SDL:[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\system32\DRIVERS\redbook.sys [58752] =>.© Microsoft O58 - SDL:[MD5.93D313C31F7AD9EA2B75F26075413C7C] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Pilote de périphérique série.) -- C:\WINDOWS\system32\DRIVERS\serial.sys [66048] =>.© Microsoft O58 - SDL:[MD5.9AEFA14BD6B182D61E3119FA5F436D3D] - 09/04/2014-18:40:30 . (.Microsoft Corporation - TCP/IP Protocol Driver.) -- C:\WINDOWS\system32\DRIVERS\tcpip.sys [361600] =>.© Microsoft O58 - SDL:[MD5.88155247177638048422893737429D9E] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Terminal Server Driver.) -- C:\WINDOWS\system32\DRIVERS\termdd.sys [40840] =>.© Microsoft O58 - SDL:[MD5.0D3A8FAFCEACD8B7625CD549757A7DF1] - 09/04/2014-18:40:30 . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\drivers\vga.sys [20992] =>.© Microsoft O58 - SDL:[MD5.6ABE6E225ADB5A751622A9CC3BC19CE8] - 09/04/2014-18:40:30 . (.Microsoft Corporation - Winsock2 IFS Layer.) -- C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032] =>.© Microsoft ~ 24 System Drivers scanned in 0 second(s) ---\\ List all legacy services(LALS) (O64) O64 - Services: CurCS - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 12.0 r0.) -- LEGACY_ADOBEFLASHPLAYERUPDATESVC O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) -- LEGACY_ADOBE_LM_SERVICE O64 - Services: CurCS - C:\WINDOWS\System32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- LEGACY_AFD =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) -- LEGACY_ALG =>.© Microsoft Corporation O64 - Services: CurCS - d:\AppServ\Apache2.2\bin\httpd.exe (Apache2.2) .(.Apache Software Foundation - Apache HTTP Server.) -- LEGACY_APACHE2.2 O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_APPMGMT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_AUDIOSRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_BITS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_BROWSER =>.© Microsoft Corporation O64 - Services: CurCS - C:\plop\catchme.sys (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - C:\WINDOWS\system32\cisvc.exe (CiSvc) .(.Microsoft Corporation - Content Index service.) -- LEGACY_CISVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\clipsrv.exe (ClipSrv) .(.Microsoft Corporation - Windows NT DDE Server.) -- LEGACY_CLIPSRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) -- LEGACY_CLR_OPTIMIZATION_V4.0.30319_32 =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) -- LEGACY_COMSYSAPP =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_CRYPTSVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (DcomLaunch) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_DCOMLAUNCH =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_DHCP =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) -- LEGACY_DMADMIN =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\drivers\dmboot.sys (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- LEGACY_DMBOOT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- LEGACY_DMLOAD =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_DMSERVER =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_DNSCACHE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\eamon.sys (eamon) .(.ESET - Amon monitor.) -- LEGACY_EAMON O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) -- LEGACY_EHDRV O64 - Services: CurCS - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ekrn) .(.ESET - ESET Service.) -- LEGACY_EKRN O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (epfwtdir) .(.ESET - ESET Antivirus Network Redirector.) -- LEGACY_EPFWTDIR O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_ERSVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_EVENTSYSTEM =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_FASTUSERSWITCHINGCOMPATIBILITY =>.© Microsoft Corporation O64 - Services: CurCS - J:\st2\DreamweaverPortable\App\FLEXnetPublisher\FNPLicensingService.exe (FLEXnet Licensing Service) .(.Acresso Software Inc. - Activation Licensing Service.) -- LEGACY_FLEXNET_LICENSING_SERVICE O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\fltMgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) -- LEGACY_FLTMGR =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) -- LEGACY_GPC =>.© Microsoft Corporation O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) .(.Google Inc. - Programme d'installation de Google.) -- LEGACY_GUPDATE =>.© O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_HELPSVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_HIDSERV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) -- LEGACY_HTTP =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\idmtdi.sys (IDMTDI) .(.Tonec Inc. - Internet Download Manager TDI Driver.) -- LEGACY_IDMTDI O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe (IISADMIN) .(.Microsoft Corporation - Services Internet (IIS).) -- LEGACY_IISADMIN =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe (ImapiService) .(.Microsoft Corporation - API Image Mastering.) -- LEGACY_IMAPISERVICE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IpFilterDriver) .(.Microsoft Corporation - IP FILTER DRIVER.) -- LEGACY_IPFILTERDRIVER =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) -- LEGACY_IPNAT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) -- LEGACY_IPSEC =>.© Microsoft Corporation O64 - Services: CurCS - C:\Program Files\Java\jre7\bin\jqs.exe (JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) -- LEGACY_JAVAQUICKSTARTERSERVICE =>.© O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (LanmanServer) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_LANMANSERVER =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_LANMANWORKSTATION =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_LMHOSTS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- LEGACY_MBAMPROTECTOR =>.© O64 - Services: CurCS - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (MBAMScheduler) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- LEGACY_MBAMSCHEDULER =>.© O64 - Services: CurCS - d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (MBAMService) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- LEGACY_MBAMSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\drivers\mbamswissarmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- LEGACY_MBAMSWISSARMY O64 - Services: CurCS - C:\WINDOWS\system32\mnmsrvc.exe (mnmsrvc) .(.Microsoft Corporation - Partage de Bureau à distance NetMeeting.) -- LEGACY_MNMSRVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) -- LEGACY_MRXDAV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) -- LEGACY_MRXSMB =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe (MSDTC) .(.Microsoft Corporation - MS DTC console program.) -- LEGACY_MSDTC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe (MSIServer) .(.Microsoft Corporation - Windows® installer.) -- LEGACY_MSISERVER =>.© Microsoft Corporation O64 - Services: CurCS - Mup (Mup) .(...) - LEGACY_MUP =>.© O64 - Services: CurCS - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS =>.© O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- LEGACY_NDISTAPI =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) -- LEGACY_NDISUIO =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) -- LEGACY_NETBIOS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) -- LEGACY_NETBT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe (Netlogon) .(.Microsoft Corporation - LSA Shell (Export Version).) -- LEGACY_NETLOGON =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_NETMAN =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_NLA =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe (NtLmSsp) .(.Microsoft Corporation - LSA Shell (Export Version).) -- LEGACY_NTLMSSP =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (NtmsSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_NTMSSVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (odserv) .(.Microsoft Corporation - Microsoft Office Diagnostics.) -- LEGACY_ODSERV =>.© Microsoft Corporation O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (ose) .(.Microsoft Corporation - Office Source Engine.) -- LEGACY_OSE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) -- LEGACY_POLICYAGENT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) -- LEGACY_PROTECTEDSTORAGE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) -- LEGACY_RASACD =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_RASAUTO =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_RASMAN =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) -- LEGACY_RDBSS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) -- LEGACY_RDPCDD =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\sessmgr.exe (RDSessMgr) .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bu.) -- LEGACY_RDSESSMGR =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_REMOTEREGISTRY =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\locator.exe (RpcLocator) .(.Microsoft Corporation - Rpc Locator.) -- LEGACY_RPCLOCATOR =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (RpcSs) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_RPCSS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\rsvp.exe (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) -- LEGACY_RSVP =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) -- LEGACY_SAMSS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\SCardSvr.exe (SCardSvr) .(.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- LEGACY_SCARDSVR =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SCHEDULE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SECLOGON =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SENS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SHAREDACCESS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SHELLHWDETECTION =>.© Microsoft Corporation O64 - Services: CurCS - C:\Program Files\Skype\Updater\Updater.exe (SkypeUpdate) .(.Skype Technologies - Skype Updater Service.) -- LEGACY_SKYPEUPDATE =>.© O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe (SMTPSVC) .(.Microsoft Corporation - Services Internet (IIS).) -- LEGACY_SMTPSVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) -- LEGACY_SPOOLER =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) -- LEGACY_SR =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SRSERVICE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) -- LEGACY_SRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_SSDPSRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_STISVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe (SwPrv) .(.Microsoft Corporation - COM Surrogate.) -- LEGACY_SWPRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\smlogsvc.exe (SysmonLog) .(.Microsoft Corporation - Service des alertes et des journaux de perf.) -- LEGACY_SYSMONLOG =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_TAPISRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) -- LEGACY_TCPIP =>.© Microsoft Corporation O64 - Services: CurCS - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer9) .(.TeamViewer GmbH - TeamViewer 9.) -- LEGACY_TEAMVIEWER9 O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (TermService) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_TERMSERVICE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_THEMES =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_TRKWKS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) -- LEGACY_VGASAVE =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\vssvc.exe (VSS) .(.Microsoft Corporation - Service de cliché instantané de volumes Mic.) -- LEGACY_VSS =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_W32TIME =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe (w3svc) .(.Microsoft Corporation - Services Internet (IIS).) -- LEGACY_W3SVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- LEGACY_WANARP =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_WEBCLIENT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_WINMGMT =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) -- LEGACY_WMIAPSRV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (WPFFontCache_v0400) .(.Microsoft Corporation - wpffontcache_v0400.exe.) -- LEGACY_WPFFONTCACHE_V0400 =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\drivers\ws2ifsl.sys (WS2IFSL) .(.Microsoft Corporation - Winsock2 IFS Layer.) -- LEGACY_WS2IFSL =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_WSCSVC =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_WUAUSERV =>.© Microsoft Corporation O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) -- LEGACY_WZCSVC =>.© Microsoft Corporation O64 - Services: CurCS - J:\xampp\service.exe (XAMPP) .(...) - LEGACY_XAMPP ~ 117 Legacy Keys found in 1 second(s) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <>[HKLM\..\open\Command] (...) -- O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (...) -- C:\WINDOWS\System32\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ~ 10 File Association Shell Spawning scanned in 0 second(s) ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.© Mozilla O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.© Microsoft O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation ~ 8 Start Menu Internet found in 0 second(s) ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: prefs.js [guessas amar - 3f3lnoux.default] user_pref("gfx.blacklist.direct2d",3); O69 - SBI: prefs.js [guessas amar - 3f3lnoux.default] user_pref("gfx.blacklist.direct2d",3); O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com ~ 3 Search Browser Infection scanned in 0 second(s) ---\\ O83 - Search Svchost Services: (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464] O83 - Search Svchost Services: (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576] O83 - Search Svchost Services: (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040] O83 - Search Svchost Services: (EventSystem) . (...) -- C:\WINDOWS\system32\es.dll [253952] O83 - Search Svchost Services: (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680] O83 - Search Svchost Services: (HidServ) . (...) -- C:\WINDOWS\System32\hidserv.dll [0] O83 - Search Svchost Services: (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096] O83 - Search Svchost Services: (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\System32\mswsock.dll [247808] O83 - Search Svchost Services: (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176] O83 - Search Svchost Services: (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840] O83 - Search Svchost Services: (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\System32\advapi32.dll [685568] ~ 15 Svchost services scanned in 0 second(s) ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 09/04/2014-18:40:31 72704 || Adobe LM Service (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe SS - | Demand 09/04/2014-18:40:31 257928 || Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 09/04/2014-18:40:31 20539 || Apache2.2 (Apache2.2) . (.Apache Software Foundation.) - d:\AppServ\Apache2.2\bin\httpd.exe SS - | Demand 09/04/2014-18:40:31 5632 || Service d'indexation (CiSvc) . (.Microsoft Corporation.) - C:\WINDOWS\system32\cisvc.exe SS - | Demand 09/04/2014-18:40:31 33280 || Gestionnaire de l'Album (ClipSrv) . (.Microsoft Corporation.) - C:\WINDOWS\system32\clipsrv.exe SS - | Demand 09/04/2014-18:40:31 225280 || Service d'administration du Gestionnaire de disque logique (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SR - | Auto 09/04/2014-18:40:31 1337752 || ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe SR - | Auto 09/04/2014-18:40:31 109056 || Journal des événements (Eventlog) . (.Microsoft Corporation.) - C:\WINDOWS\system32\services.exe SS - | Demand 09/04/2014-18:40:31 655624 || FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - J:\st2\DreamweaverPortable\App\FLEXnetPublisher\FNPLicensingService.exe SS - | Auto 09/04/2014-18:40:31 136176 || Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 09/04/2014-18:40:31 136176 || Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 09/04/2014-18:40:31 15872 || Administration IIS (IISADMIN) . (.Microsoft Corporation.) - C:\WINDOWS\system32\inetsrv\inetinfo.exe SS - | Demand 09/04/2014-18:40:31 150528 || Service COM de gravage de CD IMAPI (ImapiService) . (.Microsoft Corporation.) - C:\WINDOWS\system32\imapi.exe SR - | Auto 09/04/2014-18:40:31 418376 || (MBAMScheduler) . (.Malwarebytes Corporation.) - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SS - | Auto 09/04/2014-18:40:31 701512 || (MBAMService) . (.Malwarebytes Corporation.) - d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Disabled 09/04/2014-18:40:31 32768 || Partage de Bureau à distance NetMeeting (mnmsrvc) . (.Microsoft Corporation.) - C:\WINDOWS\system32\mnmsrvc.exe SS - | Demand 09/04/2014-18:40:31 119408 || Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 09/04/2014-18:40:31 78848 || Windows Installer (MSIServer) . (.Microsoft Corporation.) - C:\WINDOWS\system32\msiexec.exe SS - | Disabled 09/04/2014-18:40:31 114176 || DDE réseau (NetDDE) . (.Microsoft Corporation.) - C:\WINDOWS\system32\netdde.exe SS - | Disabled 09/04/2014-18:40:31 114176 || DSDM DDE réseau (NetDDEdsdm) . (.Microsoft Corporation.) - C:\WINDOWS\system32\netdde.exe SS - | Disabled 09/04/2014-18:40:31 13312 || Fournisseur de la prise en charge de sécurité LM NT (NtLmSsp) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe SR - | Auto 09/04/2014-18:40:31 109056 || Plug-and-Play (PlugPlay) . (.Microsoft Corporation.) - C:\WINDOWS\system32\services.exe SR - | Auto 09/04/2014-18:40:31 13312 || IPSEC Services (PolicyAgent) . (.Microsoft Corporation.) - C:\WINDOWS\system32\lsass.exe SS - | Disabled 09/04/2014-18:40:31 142848 || Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) . (.Microsoft Corporation.) - C:\WINDOWS\system32\sessmgr.exe SS - | Disabled 09/04/2014-18:40:31 132608 || QoS RSVP (RSVP) . (.Microsoft Corporation.) - C:\WINDOWS\system32\rsvp.exe SS - | Disabled 09/04/2014-18:40:31 100352 || Carte à puce (SCardSvr) . (.Microsoft Corporation.) - C:\WINDOWS\System32\SCardSvr.exe SS - | Auto 09/04/2014-18:40:31 172192 || Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SR - | Auto 09/04/2014-18:40:31 15872 || Simple Mail Transfer Protocol (SMTP) (SMTPSVC) . (.Microsoft Corporation.) - C:\WINDOWS\system32\inetsrv\inetinfo.exe SS - | Demand 09/04/2014-18:40:31 5120 || MS Software Shadow Copy Provider (SwPrv) . (.Microsoft Corporation.) - C:\WINDOWS\system32\dllhost.exe SS - | Disabled 09/04/2014-18:40:31 93184 || Journaux et alertes de performance (SysmonLog) . (.Microsoft Corporation.) - C:\WINDOWS\system32\smlogsvc.exe SR - | Auto 09/04/2014-18:40:31 4915040 || TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe SS - | Demand 09/04/2014-18:40:31 75264 || Telnet (TlntSvr) . (.Microsoft Corporation.) - C:\WINDOWS\system32\tlntsvr.exe SS - | Demand 09/04/2014-18:40:31 18432 || Onduleur (UPS) . (.Microsoft Corporation.) - C:\WINDOWS\System32\ups.exe SR - | Auto 09/04/2014-18:40:31 15872 || Publication World Wide Web (W3SVC) . (.Microsoft Corporation.) - C:\WINDOWS\system32\inetsrv\inetinfo.exe SS - | Disabled 09/04/2014-18:40:31 126464 || Carte de performance WMI (WmiApSrv) . (.Microsoft Corporation.) - C:\WINDOWS\system32\wbem\wmiapsrv.exe SS - | Auto 05/12/1617-00:44:11 0 || XAMPP Service (XAMPP) . (...) - J:\xampp\service.exe (.not file.) ~ 36 Services scanned in 1 second(s) ---\\ Product Upgrade Codes (PUC) (O90) O90 - PUC: "0D9196FA196553F4D956459F18105341" . (.Microsoft SQL Server Compact 3.5 SP2 FRA.) -- C:\WINDOWS\Installer\{AF6919D0-5691-4F35-9D65-54F981013514}\ProductIcon =>.© Microsoft O90 - PUC: "41DC8ECD5FBF46449B4A1EE87453647C" . (.Assistant de connexion Windows Live.) -- C:\WINDOWS\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}\prodicon.ico O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico =>.© O90 - PUC: "50E7C3A773EE6D74991EE20BA5D33A7F" . (.Skype™ 6.13.) -- C:\WINDOWS\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe =>.© O90 - PUC: "5B9C046F80E1B6E4A8476A3BA6C2CE87" . (.ESET NOD32 Antivirus.) -- C:\WINDOWS\Installer\{F640C9B5-1E08-4E6B-8A74-A6B36A2CEC78}\Icon_Product O90 - PUC: "69EE003214A0BAF4DB3089E94C54770A" . (.Acronis Disk Director Suite.) -- C:\WINDOWS\Installer\{2300EE96-0A41-4FAB-BD03-989EC44577A0}\_4ae13d6c.exe O90 - PUC: "979257759C1A20C458B6BF2BA74C0EC2" . (.QuickTime.) -- C:\WINDOWS\Installer\{57752979-A1C9-4C02-856B-FBB27AC4E02C}\Installer.ico O90 - PUC: "AF32006D1FD3735439DD3120C44C3E66" . (.Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA.) -- C:\WINDOWS\Installer\{D60023FA-3DF1-4537-93DD-13024CC4E366}\ProductIcon O90 - PUC: "CFA7A10B6530FA343A336C9521EA8ACD" . (.Objets de gestion Microsoft SQL Server 2008 R2.) -- C:\WINDOWS\Installer\{B01A7AFC-0356-43AF-A333-C65912AEA8DC}\ARPIco =>.© Microsoft O90 - PUC: "D381B5441F4F8C549BBD1F3155AC56B7" . (.Windows Live Messenger.) -- C:\WINDOWS\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco.Exe O90 - PUC: "DD7906EE4F50871479913D71B00F898E" . (.Apple Application Support.) -- C:\WINDOWS\Installer\{EE6097DD-05F4-4178-9719-D3170BF098E8}\WinInstall.ico =>.© O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\WINDOWS\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico O90 - PUC: "EBCC66208DBBC6144AF8F74CC7D65B66" . (.Microsoft SQL Server System CLR Types.) -- C:\WINDOWS\Installer\{0266CCBE-BBD8-416C-A48F-7FC47C6DB566}\ARPIco =>.© Microsoft ~ 13 Product Upgrade Codes Files found in 0 second(s) ---\\ MyComputer Name Space (MNS) (O92) O92 - MNS: Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} ~ 1 MyComputer Name Space scanned in 0 second(s) ---\\ Scan Additionnel (O88 ) Database Version : 13036 (30/03/2014) Clés trouvées (Keys found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 ~ Additionnal Scan: 111168 Items scanned in 4 seconds ~ End of the scan (0/1109 lines) in 46 seconds)