Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman

Transcription

Downloaded from: justpaste.it/jij
Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman, Update du 05/10/2011
Run by ANONYMOUS at 10/16/2011 9:15:26 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Nouvelle version disponible
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 4.0.1 v4.0.1
GCIE: Google Chrome v14.0.835.202 (Defaut)
---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8183.1 MB (74% free)
System Restore: Activé (Enable)
System drive C: has 212 GB (46%) free of 458 GB
---\\ Logged in mode
~ Computer Name: ANONYMOUS-PC
~ User Name: ANONYMOUS
~ All Users Names: UpdatusUser, HomeGroupUser$, ANONYMOUS, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\ANONYMOUS\AppData\Roaming\
~ %Desktop% : C:\Users\ANONYMOUS\Desktop\
~ %Favorites% : C:\Users\ANONYMOUS\Favorites\
~ %LocalAppData% : C:\Users\ANONYMOUS\AppData\Local\
~ %StartMenu% : C:\Users\ANONYMOUS\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 212 Go of 458 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 86 Go of 458 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHID
DEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch:
OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOW
ALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn AMs
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur
Windows.) (.4/27/2011 - 7:19:30 AM.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.7/14/2009 - 2:39:31 AM.) -C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de
démarrage de Windows.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.271E8FB1354AA205A214F280A6766E30] - (.Microsoft Corporation - Extensions Internet
pour Win32.) (.10/14/2011 - 6:17:57 AM.) -- C:\Windows\system32\wininet.dll [1389056]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (....) (.3/5/2011 - 2:25:30 PM.) -C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de
licences.) (.3/5/2011 - 2:27:26 PM.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.3/5/2011 - 2:07:20 PM.) -C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function
Driver for WinSock.) (.6/16/2011 - 3:34:03 AM.) -- C:\Windows\system32\drivers\AFD.sys [499200]
*1908
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport
Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\drivers\atapi.sys [24128] *1828
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System
Driver.) (.7/14/2009 - 12:19:47 AM.) -- C:\Windows\system32\drivers\Cdfs.sys [92160] *1828
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM
Driver.) (.3/5/2011 - 10:19:21 AM.) -- C:\Windows\system32\drivers\Cdrom.sys [147456] *1820
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace
Client Driver.) (.3/5/2011 - 10:26:32 AM.) -- C:\Windows\system32\drivers\DfsC.sys [102400]
*1884
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition
Audio Bus Driver.) (.3/5/2011 - 11:43:43 AM.) -- C:\Windows\system32\drivers\HDAudBus.sys
[122368] *1908
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.)
(.7/14/2009 - 12:19:57 AM.) -- C:\Windows\system32\drivers\i8042prt.sys [105472] *1892
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address
Translator.) (.7/14/2009 - 1:10:03 AM.) -- C:\Windows\system32\drivers\IpNat.sys [116224] *1860
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB
Minirdr.) (.6/16/2011 - 3:40:40 AM.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208] *1852
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.)
(.3/5/2011 - 10:23:20 AM.) -- C:\Windows\system32\drivers\netBT.sys [261632] *1828
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de
fichiers NT.) (.4/27/2011 - 7:41:34 AM.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] *1908
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port
parallèle.) (.7/14/2009 - 1:00:41 AM.) -- C:\Windows\system32\drivers\Parport.sys [97280] *1892
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP miniport/call-manager driver.) (.3/5/2011 - 11:52:35 AM.) -- C:\Windows\system32\drivers\Rasl2tp.sys
[129536] *1916
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation
Driver.) (.3/5/2011 - 10:21:56 AM.) -- C:\Windows\system32\drivers\tdx.sys [119296] *1820
~ Scan Generic Processes in 00mn AMs
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4065
~ Mes musiques (My Musics) : 1/10
~ Mes Videos (My Videos) : 2/20
~ Mes Favoris (My Favorites) : 3/29
~ Mes Documents (My Documents) : 3/3365
~ Mon Bureau (My Desktop) : 15/12144
~ Menu demarrer (Programs) : 7/128
~ Scan Hidden Files in 05mn AMs
---\\ Processus lancés
[MD5.A1F86A5A0DA1BEC12B7DD19C6234BB15] - (...) -- C:\Users\ANONYMOUS\Local
Settings\Apps\F.lux\flux.exe [966656] [PID.2640]
[MD5.10A30C72C83C21A44FAB67098C92C631] - (...) -- C:\Program Files (x86)\Vidalia
Bundle\Vidalia\vidalia.exe [5407850] [PID.2648]
[MD5.BB22A12606A58A67D8D15DBD65DDF828] - (...) -- C:\Program Files (x86)\Vidalia
Bundle\Tor\tor.exe [2742286] [PID.1688]
[MD5.96C2F6A9C036D7D3ACE1666FAE287E49] - (...) -- C:\Program Files (x86)\Vidalia
Bundle\Polipo\polipo.exe [181248] [PID.1764]
[MD5.E5CEAE03ADBE620AB405FC609B6C978D] - (.D-Link Corp. - D-Link WLAN Application.) -C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe [995328] [PID.3760]
[MD5.C0E0151199EC1BE8007438308616BC06] - (.Wireless Service - ANIWZCS2 launcher for
Windows..) -- C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe [122880] [PID.3776]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update
Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696]
[PID.3788]
[MD5.FDCB1E0CFB84E48D28E059E360C11762] - (.Google Inc. - Google Chrome.) -C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\chrome.exe [1030200]
[PID.3992]
[MD5.CC31749080CE4C97E6F247D321BF5BCB] - (.Microsoft Corporation - Update for Microsoft
.NET Framework 4.0 (KB.) -- C:\Windows\SoftwareDistribution\Download\Install\NDP40KB2533523-x64.exe [39121768] [PID.2672]
[MD5.0EE9C429C009A5EAE2FD7F78FDFA0CBF] - (.Microsoft Corporation - Setup Installer.) -c:\e4cf0869f2aac56724c562e59d\Setup.exe [78152] [PID.292]
[MD5.EEE470F2A771FC0B543BDEEF74FCECA0] - (.Microsoft Corporation - Installateur
Windows®.) -- c:\Windows\syswow64\MsiExec.exe [73216] [PID.]
[MD5.7B2E3899314974CC40D93A6CD7C855C8] - (.Nicolas Coolman - Diagnostic Tool.) -C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2134016] [PID.4388]
[MD5.9BF7E58D9113CE15CF4F1E1B18CEFF83] - (.NVIDIA Corporation - Stereo Vision Control
Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
[379496] [PID.]
[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [108289] [PID.]
[MD5.FBBF761888B1B394ACD64333737485BE] - (.Acunetix Ltd. - Acunetix WVS Scheduler.) -C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe [675128] [PID.]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat
Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952]
[PID.]
[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [185089] [PID.]
[MD5.790DB871FCDE140DED3F2F62C25FDA36] - (.Outertech - Cacheman - controls RAM and
File Cache.) -- C:\Program Files (x86)\Cacheman\CachemanServ.exe [235872] [PID.]
[MD5.A287668C7680E5D138C203F3302EB34F] - (.MAGIX AG - Verzeichnisüberwachung und
Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX
Services\Database\bin\FABS.exe [1220608] [PID.]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration
Service.) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [1150496] [PID.]
[MD5.BD691091AC7D9713D8F0B07C6B099E6C] - (.NewTech Infosystems, Inc. - Backup Manager
Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
[62208] [PID.]
[MD5.3A2BDD76E7D2A5F40A7174793D1BA794] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe
[75136] [PID.]
[MD5.E3DC3CD33CA4B07D0FDA743EBAA6E021] - (.TeamViewer GmbH - TeamViewer Remote
Control Application.) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
[2337144] [PID.]
[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program
Files\Acer\Acer Updater\UpdaterService.exe [240160] [PID.]
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.]
[MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes'
Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [366152]
[PID.]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files
(x86)\Nero\Update\NASvc.exe [503080] [PID.]
[MD5.4E5C5D88EB0A8D21824D5A3EB7327E69] - (.NVIDIA Corporation - NVIDIA Settings
Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
[2255464] [PID.]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime
Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[130384] [PID.]
~ Scan Processes Running in 00mn AMs
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [caehdcpeofiiigpdhbabniblemipncjj] Proxy Switchy!
v.1.6.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [dbpojpfdiliekbbiplijcphappgcgjfn] Ultimate Chrome
Flag v.0.3.7 (Activé)
G2 - GCE: Preference [User Data\Default] [fmknocfkgffdgekmfonabppnhdgmghem] Easy Youtube
Video Downloader v.4.1 (Activé)
G2 - GCE: Preference [User Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ
v.2.1.0.900 (Activé)
G2 - GCE: Preference [User Data\Default] [ggkljdkflooidjlkahdnfgodflkelkai] Fast YouTube Search
v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.4.28
(Activé)
G2 - GCE: Preference [User Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E
HTML5 DivX Plus Web Player v.2.1.0.900 (Activé)
~ Scan Google Browser in 00mn AMs
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\Firefox\Profiles\y6dert9v.default\prefs.js
C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\Firefox\Profiles\y6dert9v.default\user.js (.not
file.)
M3 - MFPP: Plugins - [ANONYMOUS] -C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\Firefox\Profiles\y6dert9v.default\searchplugins\
daemon-search.xml
M3 - MFPP: Plugins - [ANONYMOUS] -C:\Users\ANONYMOUS\AppData\Roaming\Mozilla\Firefox\Profiles\y6dert9v.default\searchplugins\
ShareazaWebSearch.xml
M2 - MFEP: prefs.js [ANONYMOUS - y6dert9v.default\[email protected]] [illimitux] Illimitux
v4.0 (.http://www.illimitux.net/.)
M2 - MFEP: prefs.js [ANONYMOUS y6dert9v.default\{4D144BC3-23FB-47de-90C5-63CCB0139CCF}] [] TradeManager-Plugin v1.0
(.Alibaba.)
M2 - MFEP: prefs.js [ANONYMOUS - y6dert9v.default\{9c51bd27-6ed8-4000a2bf-36cb95c0c947}] [] Tamper Data v11.0.1 (.Adam Judson.)
M2 - MFEP: prefs.js [ANONYMOUS - y6dert9v.default\{b9db16a4-6edc-47ec-a1f4b86292ed211d}] [dwhelper] DownloadHelper v4.9.5 (.Michel Gutierrez.)
M2 - MFEP: prefs.js [ANONYMOUS - y6dert9v.default\{D238F46A-64EC-11DE-9C5AD54056D89593}] [] MediaBar v3.1 (.Discordia Limited. Portions copyright © Visicom Media.
Dynamic Toolbar..)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library
for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape
Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and
Netscape 10.1.1.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide
variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plugin 1.6.0_25 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI MaConfig.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@microsoft.com/GENUINE] - (.Microsoft Corporation - Windows Activation
Technologies Plugin for Mozilla.) -- C:\Windows\system32\Wat\npWatWeb.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.)
-- C:\Users\ANONYMOUS\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.)
-- C:\Users\ANONYMOUS\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web
Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn AMs
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com
R0 HKUS\S-1-5-21-4057456930-615517595-1230037521-1003-4057456930-615517595-12300375211000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 HKUS\S-1-5-21-4057456930-615517595-1230037521-1003-4057456930-615517595-12300375211000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.)
(9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
localhost; 127.0.0.1; <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy =
wininet.dll
~ Scan Proxy management in 00mn AMs
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn AMs
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn AMs
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows
Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9}
. (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe
Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.0.900.)
-- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and
smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} .
(.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files (x86)\Di
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows
Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar [64Bits] - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} . (...) -C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9}
. (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files
(x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: MediaBar [64Bits] - {EE9A4208-64EC-11DE-8440-204256D89593} . (.Pas de
propriétaire - MediaBar Link Library.) -C:\PROGRA~2\SHAREA~1\MediaBar\ToolBar\ShareazaMediabarDx.dll
~ Scan BHO in 00mn AMs
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: DAEMON Tools Toolbar [64Bits] - {32099AAC-C132-4136-9E9A-4E364A424E17} .
(.Pas de propriétaire - ToolBand Module.) -- C:\Program Files (x86)\DAEMON Tools
Toolbar\DTToolbar64.dll
~ Scan Toolbar in 00mn AMs
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [F.lux] . (...) -- C:\Users\ANONYMOUS\Local Settings\Apps\F.lux\flux.exe
O4 - HKCU\..\Run: [Vidalia] . (...) -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program
Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKLM\..\Wow6432Node\Run: [D-Link D-Link DWA-125] . (.D-Link Corp. - D-Link WLAN
Application.) -- C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
O4 - HKLM\..\Wow6432Node\Run: [WZCSLDR2] . (.Wireless Service - ANIWZCS2 launcher for
Windows..) -- C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM)
Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -C:\Program Files\Windows Sidebar\Sidebar.exe
O4 HKUS\S-1-5-21-4057456930-615517595-1230037521-1003-4057456930-615517595-12300375211000\..\Run: [F.lux] . (...) -- C:\Users\ANONYMOUS\Local Settings\Apps\F.lux\flux.exe
O4 HKUS\S-1-5-21-4057456930-615517595-1230037521-1003-4057456930-615517595-12300375211000\..\Run: [Vidalia] . (...) -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
O4 HKUS\S-1-5-21-4057456930-615517595-1230037521-1003-4057456930-615517595-12300375211000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files
(x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn AMs
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\ANONYMOUS\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\DFÜ-Optimierer.lnk . (.Mirko Böer.) -- C:\Program Files (x86)\DFÜOptimierer\dfueopt.exe
Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files
(x86)\Internet Explorer\iexplore.exe
Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet
Explorer\iexplore.exe
O4 - Global Startup: C:\Users\ANONYMOUS\Desktop\10-10-10.lnk . (.MetaQuotes Software Corp..)
-- C:\Program Files (x86)\MetaTrader - AAAFx -101010\terminal.exe
O4 - Global Startup: C:\Users\ANONYMOUS\Desktop\AssassinsCreedBrotherhood.lnk . (...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
O4 - Global Startup: C:\Users\ANONYMOUS\Desktop\I-Doser.lnk . (.I-Doser.com.) -- C:\Program
Files (x86)\IDoser v4\IDoser.exe
O4 - Global Startup: C:\Users\ANONYMOUS\Desktop\Particles.lnk . (...) -- C:\Program Files
(x86)\Steam\steamapps\tf2owned\team fortress 2\tf\particles
O4 - Global Startup: C:\Users\ANONYMOUS\Desktop\Update Checker.lnk . (.FileHippo.com.) -C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Users\ANONYMOUS\Desktop\Wow.exe.lnk . (...) -- C:\Program Files
(x86)\World of Warcraft_OFFICIAL\Wow.exe (.not file.)
O4 - Global Startup: C:\Users\ANONYMOUS\AppData\Roaming\Microsoft\Internet Explorer\Quick
Launch\AAA Logo 2010.lnk . (.SWGSOFT.COM.) -- C:\Program Files
(x86)\AAALOGO2010\alogo.exe
Launch\Gyazo.lnk . (...) -- C:\Program Files (x86)\Gyazo\gyazowin.exe
Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files
(x86)\Internet Explorer\iexplore.exe
Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla
Firefox\firefox.exe
Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files
(x86)\Yahoo!\Messenger\YahooMessenger.exe
~ Scan Global Startup in 00mn AMs
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft
Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Télécharger en Utilisant &BitSpirit . (...) -- C:\Program Files
(x86)\BitSpirit\bsurl.htm
~ Scan IE Menu Contextuel in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location
Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim
d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de
noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de
noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service
Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider
DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows
Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows
Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows
Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows
Live\WLIDNSP.DLL
~ Scan Winsock in 00mn AMs
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3}:
NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{33303AA7-F9A5-4BCF-BD37-30A3270856F9}:
DhcpNameServer = 95.142.171.235 208.67.222.222 208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{843DDCED-7A41-4973-A9D4-2D9ABB536B3D}:
DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3}:
DhcpNameServer = 194.230.1.103 194.230.1.71
O17 - HKLM\System\CCS\Services\Tcpip\..\{B108EB49-2193-43D2-AD49-91D1FBE45651}:
O17 - HKLM\System\CS1\Services\Tcpip\..\{9F5E040E-AF2E-410A-A65F-3E0D8B4D5DA3}:
NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{33303AA7-F9A5-4BCF-BD37-30A3270856F9}:
DhcpNameServer = 95.142.171.235 208.67.222.222 208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{843DDCED-7A41-4973-A9D4-2D9ABB536B3D}:
DhcpNameServer = 194.230.1.103 194.230.1.71
O17 - HKLM\System\CS1\Services\Tcpip\..\{B108EB49-2193-43D2-AD49-91D1FBE45651}:
NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{33303AA7-F9A5-4BCF-BD37-30A3270856F9}:
DhcpNameServer = 95.142.171.235 208.67.222.222 208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{843DDCED-7A41-4973-A9D4-2D9ABB536B3D}:
DhcpNameServer = 194.230.1.103 194.230.1.71
O17 - HKLM\System\CS2\Services\Tcpip\..\{B108EB49-2193-43D2-AD49-91D1FBE45651}:
~ Scan Domain in 00mn AMs
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft
Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft
Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation
- Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft
Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft
Corporation - Windows Live Messenger Protocol Handler Mod.) -C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft
Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft
Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common
Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft
Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft
Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files (x86)\Common
Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft
Corporation - Windows Live Messenger Protocol Handler Mod.) -C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft
Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} .
(.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} .
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} .
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft
Corporation - Microsoft Office XML MIME Filter.) -C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn AMs
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not
found.
~ Scan SSODL in 00mn AMs
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acunetix WVS Scheduler v7 (AcuWVSSchedulerv7) . (.Acunetix Ltd. - Acunetix WVS
Scheduler.) - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated
- Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus
Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.)
- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Cacheman Service (CachemanService) . (.Outertech - Cacheman - controls RAM
and File Cache.) - C:\Program Files (x86)\Cacheman\CachemanServ.exe
O23 - Service: D_Link_DWA-125 Service (D_Link_DWA-125) . (.Wireless Service - ANIWZCS2
Service Launcher.) - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWZCSdS.exe
O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) . (.Pas de propriétaire ANIWConnService.) - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG Verzeichnisüberwachung und Hilfsaufgaben fü.) - C:\Program Files (x86)\Common Files\MAGIX
Services\Database\bin\FABS.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme
d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID
Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup
Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup
Manager\IScheduleSvc.exe
O23 - Service: Performance Service (nTuneService) . (.NVIDIA - NVIDIA Performance Service.) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver
Helper Service, Version 280.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA
Updatus\daemonu.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D
Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) . (.TeamViewer GmbH - TeamViewer Remote Control
Application.) - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program
Files\Acer\Acer Updater\UpdaterService.exe
~ Scan Services in 00mn AMs
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn AMs
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4057456930-615517595-1230037521-1000Cor
e.job
O39 - APT:Automatic Planified Task C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4057456930-615517595-1230037521-1000UA.
job
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Adobe Reader and Acrobat Manager]
(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [Google Updater and Installer] (.Google
Inc..) -- C:\Users\ANONYMOUS\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google
Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google
Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT]
[GoogleUpdateTaskUserS-1-5-21-4057456930-615517595-1230037521-1000Core] (.Google Inc..) -C:\Users\ANONYMOUS\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT]
[GoogleUpdateTaskUserS-1-5-21-4057456930-615517595-1230037521-1000UA] (.Google Inc..) -C:\Users\ANONYMOUS\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] [APT] [Java Update Scheduler] (.Sun
Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance]
(...) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.)
[MD5.FDCB1E0CFB84E48D28E059E360C11762] [APT] [{3286E18C-AC20-49F4BE57-07929EBCEDBF}] (.Google Inc..) -c:\users\ANONYMOUS\appdata\local\google\chrome\application\chrome.exe
[MD5.2FDC5BF4192028E59916036BFFA5C6C0] [APT]
[{C84A4776-9CF9-4E04-97DE-1DFAA69E21B8}] (.Skype Technologies S.A..) -- C:\Program Files
(x86)\Skype\Phone\Skype.exe
[MD5.2FDC5BF4192028E59916036BFFA5C6C0] [APT]
[{FAF26CF3-416E-49A8-92F9-17FF2FD6625B}] (.Skype Technologies S.A..) -- C:\Program Files
(x86)\Skype\Phone\Skype.exe
~ Scan Scheduled Task in 01mn AMs
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary
Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (anodlwf) . (.Pas de propriétaire - NDIS 6.0 Filter Driver.) C:\Windows\system32\DRIVERS\anodlwfx.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS
Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI
Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du soussystème de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft
Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation
- RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation
Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (truecrypt) . (.TrueCrypt Foundation - TrueCrypt Driver.) C:\Windows\system32\drivers\truecrypt.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote
Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn AMs
---\\ Logiciels installés (O42)
O42 - Logiciel: $APPNAME> 2.31 - (.Bytescout Software.) [HKLM] -- Bytescout XLS Viewer_is1
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8DA50B7B5C045}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968EEBB76BB86787}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9D290383A10D9}
O42 - Logiciel: 3D Ripper DX v1.8.1 - (.Roman Lut.) [HKLM] -- 3D Ripper DX_is1
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {55D55008E5F6-47D6-B16F-B2A40D4D145F}
O42 - Logiciel: AAA Logo Business Edition 3.10 - (.SWGSoft.com.) [HKLM] -- AAA Logo 3.10
Business_is1
O42 - Logiciel: ASIO4ALL - (.Pas de propriétaire.) [HKLM] -- ASIO4ALL
O42 - Logiciel: AV Voice Changer Software DIAMOND 6.0 - (.Pas de propriétaire.) [HKLM] -- AV
Voice Changer Software DIAMOND 6.0
O42 - Logiciel: AVI ReComp 1.4.5 - (.Mateusz Gola (aka Prozac).) [HKLM] -- AVI ReComp
O42 - Logiciel: AVS Audio Converter version 6.2 - (.Online Media Technologies Ltd..) [HKLM] -AVS Audio Converter 6.2_is1
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS
Update Manager_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -AVS4YOU Software Navigator_is1
O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM] -InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- Acer Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM] -- {EE171732-BEB4-4576-887DCB62727F01CA}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -{7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143A09B-D6A12DE54E40}
O42 - Logiciel: ActivePerl 5.12.3 Build 1204 (64-bit) - (.ActiveState.) [HKLM] -{79CFB0AF-7F21-415D-AF84-B1F3DEE44ED9}
O42 - Logiciel: Acunetix Web Vulnerability Scanner 7.0 - (.Acunetix.) [HKLM] -- {2B040D56BD5A-4990-A50C-33CDBCE03112}_is1
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
O42 - Logiciel: Adobe Connect Add-in - (.Pas de propriétaire.) [HKCU] -- Adobe Connect Add-in
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe
Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe
Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.1) - (.Adobe Systems Incorporated.) [HKLM] -{AC76BA86-7AD7-1033-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe
Shockwave Player
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {b2ec4a38b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: Aiseesoft Streaming Video Recorder - (.Pas de propriétaire.) [HKLM] -- Aiseesoft
Streaming Video Recorder_is1
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719D3170BF098E8}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0BA0B-8F495BE32033}
O42 - Logiciel: Arbitro - (.Pas de propriétaire.) [HKLM] -- Arbitro
O42 - Logiciel: Asoftech Speeder - (.Pas de propriétaire.) [HKLM] -- {4119178B-EC08-4017-98BAFF7E76B69918}
O42 - Logiciel: Assassin's Creed Brotherhood - (.Pas de propriétaire.) [HKLM] -- Steam App 48190
O42 - Logiciel: Assassin's Creed Brotherhood - (.Ubisoft.) [HKLM] -- {BE4BA698-8533-4F77-9559C7F3F78C0B05}
O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: Auslogics BoostSpeed - (.Auslogics Software Pty Ltd.) [HKLM] -{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir
Desktop
O42 - Logiciel: Backup Manager Advance - (.NewTech Infosystems.) [HKLM] -- {30075A70B5D2-440B-AFA3-FB2021740121}
O42 - Logiciel: Better Explorer - (.Pas de propriétaire.) [HKLM] -- Better Explorer
O42 - Logiciel: BitSpirit v3.6.0.403 Stable - (.LANSPIRIT.NET.) [HKLM] -- BitSpirit_is1
O42 - Logiciel: Bitcoin - (.Bitcoin project.) [HKCU] -- Bitcoin
O42 - Logiciel: Brother MFL-Pro Suite DCP-135C - (.Brother Industries, Ltd..) [HKLM] -{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696F40D983F3B07}_is1
O42 - Logiciel: Cacheman - (.Outertech.) [HKLM] -- Cacheman
O42 - Logiciel: CamStudio - (.Pas de propriétaire.) [HKLM] -- CamStudio
O42 - Logiciel: Cheat Engine 6.0 - (.Dark Byte.) [HKLM] -- Cheat Engine 6.0_is1
O42 - Logiciel: Comm100 Live Chat Visitor Monitor - (.Comm100 Network Corporation.) [HKLM] -Com.Comm100.LiveChat.AirVisitorMonitor.En.98637D25BBBF4FE1AADC1A429B4293B71CBA63
FE.1
O42 - Logiciel: Comm100 Live Chat Visitor Monitor - (.Comm100 Network Corporation.) [HKLM] -{4234AB23-ABC9-687F-58FF-E9B08344C46E}
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: Counter-Strike - (.Valve.) [HKLM] -- Steam App 10
O42 - Logiciel: Counter-Strike: Condition Zero - (.Valve.) [HKLM] -- Steam App 80
O42 - Logiciel: Curse Client - (.Curse.) [HKCU] -- 090215de958f1060
O42 - Logiciel: D-Link DWA-125 - (.D-Link.) [HKLM] -- {E45CACFE-0576-4375-A84FC34B99A7B652}
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: DAEMON Tools Toolbar - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Toolbar
O42 - Logiciel: DFÜ-Optimierer 1.40 - (.Pas de propriétaire.) [HKLM] -- DFÜ-Optimierer
O42 - Logiciel: DRKSpider 3.01 - (.Leandro H. FernÃ¡ndez.) [HKLM] -- DRKSpider
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2B88C-5FA03AA848C7-113832110}
O42 - Logiciel: EVGA Precision 2.0.4 - (.EVGA Corporation.) [HKLM] -- Precision
O42 - Logiciel: EarthDesk - (.Xeric Design, Ltd..) [HKLM] -- EarthDesk
O42 - Logiciel: Elemental Trader 1.5 - (.Forex Traders Daily.) [HKLM] -- Elemental Trader_is1
O42 - Logiciel: F.lux - (.Pas de propriétaire.) [HKCU] -- Flux
O42 - Logiciel: Fann2MQL - (.PipsComfort.) [HKLM] -- {B0ED7FB3-2012-41FB-8E51D65C2E85A6B1}
O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com
O42 - Logiciel: FileZilla Client 3.5.0 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client
O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM] -{AF37F9DE-0726-439E-BC10-43D9195394D0}
O42 - Logiciel: Fraps - (.Pas de propriétaire.) [HKLM] -- Fraps
O42 - Logiciel: Free Create-Burn ISO Image v2.0 - (.www.nbxsoft.com.) [HKLM] -- Free CreateBurn ISO Image_is1
O42 - Logiciel: Free FLV Converter V 6.97.0 - (.Koyote Soft.) [HKLM] -- Free FLV Converter_is1
O42 - Logiciel: GIMP 2.6.10 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: GameGain - (.PGWARE LLC.) [HKLM] -- GameGain_is1
O42 - Logiciel: GnuWin32: OpenSSL-0.9.8h-1 - (.GnuWin32.) [HKLM] -- OpenSSL-0.9.8h-1_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM] -- {A9F6CFB0-806D-11E0-8EA1B8AC6F97B88E}
O42 - Logiciel: Google Talk (remove only) - (.Pas de propriétaire.) [HKLM] -- {226b64e8dc75-4eea-a6c8-abcb496320f2}-Google Talk
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6BC44E68B55E2}
O42 - Logiciel: Gyazo 1.0 - (.Toshiyuki Masui.) [HKLM] -- {6DB8C365E719-4BA5-9594-10DFC244D3FD}_is1
O42 - Logiciel: HP Officejet J4500 Series - (.HP.) [HKLM] -- {E11448F2-0B44-4239-B04ED88FE743E929}
O42 - Logiciel: HamsterFreeVideoConverter - (.HamsterSoft, Inc..) [HKLM] -- Hamster Free Video
Converter_is1
O42 - Logiciel: Harmony Assistant - (.Myriad SARL.) [HKLM] -- Harmony Assistant
O42 - Logiciel: Hotkey Utility - (.Acer Incorporated.) [HKLM] -- Hotkey Utility
O42 - Logiciel: I-Doser v4 - (.Pas de propriétaire.) [HKCU] -- I-Doser v4
O42 - Logiciel: IP Locator version 1.0 - (.http://Tcpmonitor.altervista.org.) [HKLM] -{0493C616-670D-431D-98D7-9A020CD74425}_is1
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM] -- Identity Card
O42 - Logiciel: Inpaint 2.4.1 - (.Teorex.) [HKLM] -- {30283233-3BE6-473D-A47CED964A2F78B4}_is1
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Network Connections 15.4.89.0 - (.Intel.) [HKLM] -- PROSetDX
O42 - Logiciel: Intel(R) Network Connections 15.4.89.0 - (.Intel.) [HKLM] -- {DEEECCDAD9BB-4DDC-9CA8-2A6ECC49131C}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BED93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Internet Explorer - (.Microsoft Corporation..) [HKLM] -- Internet Explorer
O42 - Logiciel: Invisible Secrets 4 - (.NeoByte Solutions.) [HKLM] -- Invisible Secrets 4
O42 - Logiciel: JMicron JMB36X Driver - (.JMicron Technology Corp..) [HKLM] -{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}
O42 - Logiciel: James Cameron's AVATAR(tm): THE GAME - (.Ubisoft.) [HKLM] -{7E19B002-4CA3-4C9F-BA92-91D101B97219}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -{26A24AE4-039D-4CA4-87B4-2F83216020F0}
O42 - Logiciel: Java(TM) 6 Update 25 (64-bit) - (.Oracle.) [HKLM] -{26A24AE4-039D-4CA4-87B4-2F86416025FF}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM] -{26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: K-Lite Codec Pack 6.1.0 (Basic) - (.Pas de propriétaire.) [HKLM] -KLiteCodecPack_is1
O42 - Logiciel: LADSPA_plugins-win-0.4.15 - (.Audacity Team.) [HKLM] -- LADSPA_plugins-win_is1
O42 - Logiciel: Laggsta 2.1.0 - (.Laggsta.com.) [HKLM] -- {8453C603E376-4473-9308-6ADDF605F8B3}_is1
O42 - Logiciel: LanSpy - (.LanTricks.com.) [HKLM] -- LanSpy_is1
O42 - Logiciel: League of Legends - (.Pas de propriétaire.) [HKLM] -- League of Legends_is1
O42 - Logiciel: League of Legends - ACE Client by Matricus - (.Matricus & Riot Games.) [HKLM] -ACE LoL Client
O42 - Logiciel: Leawo Free MP4 Converter version 2.5.0.5 - (.Pas de propriétaire.) [HKLM] -{14021E77-2FC1-4972-8C51-08808CD62838}_is1
O42 - Logiciel: Logiciel Logitech Unifying 2.00 - (.Logitech.) [HKLM] -- Logitech Unifying
O42 - Logiciel: MAGIX Music Maker 16 Premium Version à télécharger - (.MAGIX AG.) [HKLM] --
MAGIX Music Maker 16 Premium Version à télécharger F
O42 - Logiciel: MAGIX Screenshare - (.MAGIX AG.) [HKLM] -- MAGIX Screenshare F
O42 - Logiciel: MAGIX Speed burnR - (.MAGIX AG.) [HKLM] -- MAGIX Speed burnR F
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM] -- {85E3CFCD-87A6-4B22A117-861A60F5284A}
O42 - Logiciel: Magic Reversi 4.00 - (.Pas de propriétaire.) [HKLM] -- MagicReversi_is1
O42 - Logiciel: MagicCamera 7.2.1 - (.ShiningMorning Inc..) [HKLM] -- {70376A8DC6E7-4A61-9E30-42AD268CD45D}_is1
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.)
[HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MediaBar - (.Discordia, LTD.) [HKLM] -- Shareaza MediaBar
O42 - Logiciel: MediaBar - (.iMesh Inc..) [HKLM] -- iMesh MediaBar
O42 - Logiciel: MediaCUB - (.zoug.) [HKLM] -- {B1493D8A-C782-4ED3-A34D-8A9B8D9925BF}
O42 - Logiciel: Melody Assistant - (.Myriad SARL.) [HKLM] -- Melody Assistant
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!
O42 - Logiciel: MetaTrader 4.00 - (.MetaQuotes Software Corp..) [HKLM] -{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}
O42 - Logiciel: MetaTrader 5 - (.MetaQuotes Software Corp..) [HKLM] -- MetaTrader 5
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft
Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBAAD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.)
[HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAFBF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397BF1A577CB24C}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -{90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.)
[HKLM] -- OMUI.fr-fr
O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0100-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM]
-- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
-- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.)
[HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2C554F6B30EBB}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.)
[HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75B7C9-FF585580CE83}
O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.)
[HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -{90120000-0101-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.)
[HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -{7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft
Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft
Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft
Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}
Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft
Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Microsoft Visual C++ Run Time Lib Setup - (.Microsoft.) [HKLM] -{AAF4238F-7C29-451D-9925-C753271A5728}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451EB5EE-8B92BF30A710}
O42 - Logiciel: Mirror's Edge - (.DICE.) [HKLM] -- Steam App 17410
O42 - Logiciel: Mises à jour NVIDIA 1.4.28 - (.NVIDIA Corporation.) [HKLM] -{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft
Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86
en-US)
O42 - Logiciel: Mumble and Murmur - (.Mumble.) [HKLM] -- Mumble
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM] -- {68301905-2DEA-41CE-A4D4E8B443B099BA}
O42 - Logiciel: N-Stalker Web Application Security Scanner 7.0 (Free Edition) - (.N-Stalker, Inc.)
[HKLM] -- N-Stalker Free Web Application Security
O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA
StereoUSB Driver
O42 - Logiciel: NVIDIA 3D Vision Video Player - (.NVIDIA Corporation.) [HKLM] -{FE3B9518-9FF3-4D89-8A8D-E540C9CCAF3B}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA Performance - (.NVIDIA Corporation.) [HKLM] -InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
O42 - Logiciel: NVIDIA Performance - (.NVIDIA Corporation.) [HKLM] -{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910F7AA6376DBAF}
O42 - Logiciel: NVIDIA Pilote 3D Vision 280.26 - (.NVIDIA Corporation.) [HKLM] -{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.23.3 - (.NVIDIA Corporation.) [HKLM] -{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 280.19 - (.NVIDIA Corporation.) [HKLM] -{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 280.26 - (.NVIDIA Corporation.) [HKLM] -{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {0638268c-b727-4f78-a92ba4f68176e670}
O42 - Logiciel: Nero BurnLite 10 - (.Nero AG.) [HKLM] -- {842BEE12-CCCB-43F4-ABAFCBA6DFE2583D}
O42 - Logiciel: Nero BurnLite 10 - (.Nero AG.) [HKLM] -{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}
O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM] -- {6DFB899F-17A2-48F0-A533ED8D6866CF38}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {bd5ca0da-71ad-43dab19e-6eee0c9adc9a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -{f4041dce-3fe1-4e18-8a9e-9de65231ee36}
O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM] -- {523B2B1BD8DB-4B41-90FF-C4D799E2758A}
O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM] -- {2436F2A8-4B7E-4B6CAE4E-604C84AA6A4F}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200db-287a-4dc0b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -{cc019e3f-59d2-4486-8d4b-878105b62a71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -{33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {e5c7d048-f9b4-4219b323-8bdb01a2563d}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84b3-4c50-8622b8c0aa2d2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400dbde6db-45b8-9b6b-1dd7033818ec}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {dba84796-8503-4ff0af57-1747dd9a166d}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -{7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348b586-c9ae-46ce-936ca68e9426e214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM] -- {4D43D635-6FDA-4fa5AA9B-23CF73D058EA}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: NetTools 5.0 - (.Mohammad Ahmadi Bidakhvidi.) [HKLM] -- NetTools_is1
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919CB8B1A52E6080}
O42 - Logiciel: OpenVPN 2.1.3 - (.Pas de propriétaire.) [HKLM] -- OpenVPN
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -{205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182FE0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: Photo Magician 1.5.0.0 - (.Sheldon Solutions.) [HKLM] -{AF766933-2E99-4D86-916E-FEA0A482B89E}_is1
O42 - Logiciel: Pinnacle VideoSpin - (.Pinnacle Systems.) [HKLM] -- {FEB15887-0932-4D2DBB85-6AC03FBF1AA8}
O42 - Logiciel: Polipo 1.0.4.1 - (.Pas de propriétaire.) [HKLM] -- Polipo
O42 - Logiciel: Portal 2 - (.Pas de propriétaire.) [HKLM] -- Postal 2_is1
O42 - Logiciel: ProAct Traders v1 - (.ProAct Traders LLC.) [HKLM] -{08331DEF-700B-44B5-938E-3ED6573B88FA}
O42 - Logiciel: PunkBuster Services - (.Pas de propriétaire.) [HKLM] -- PunkBusterSvc
O42 - Logiciel: Python 2.6.6 (64-bit) - (.Python Software Foundation.) [HKLM] -{6151CF20-0BD8-4023-A4A0-6A86DCFE58E6}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856BFBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -{96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: SIW version 2010.07.14 - (.Topala Software Solutions.) [HKLM] -{AB67580-257C-45FF-B8F4-C8C30682091A}_is1
O42 - Logiciel: SQL-Splitter 1.1 - (.CoolFactory.) [HKLM] -- SQL-Splitter_is1
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9A61C-6B45B867354D}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DBA7DC-643E50089263}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACEC02CC90B7A5B}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165BAD161C9E982}
[HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5
D76BE}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712B8BE-3B7650AFE00A}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644AE43-6EE0FCC227A4}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDCBF76-103DEAF3DD08}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CBA968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484BBA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BDBA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261AA5B-48D1-931F-425C9D767490}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553AAED-4C3E9AD130E8}
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCBB6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55CDD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0CBADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.)
[HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E32644
10DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.)
[HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E
73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B
84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.)
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client
Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client
Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37B657F0852643}.KB2518870
O42 - Logiciel: SensePost Wikto - (.SensePost.) [HKLM] -- {3DDFA9CC-53EF-48F6ACA9-93172E25DF70}
O42 - Logiciel: Skype™ 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621A016-4C248204957A}
O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9AB023A9238F3}
O42 - Logiciel: Super macro 3.1 - (.Pas de propriétaire.) [HKLM] -- Super macro
O42 - Logiciel: System Requirements Lab - (.Husdawg, LLC.) [HKLM] -- {9E1BAB75EB78-440D-94C0-A3857BE2E733}
O42 - Logiciel: System Requirements Lab CYRI - (.Husdawg, LLC.) [HKLM] -{679F739E-5C76-4A41-B562-F9392156B6DD}
O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM] -{F7FC9307-374E-4017-8E9D-DE1154780480}
O42 - Logiciel: THV - (.Pas de propriétaire.) [HKLM] -- THV
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: TeamViewer 6 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 6
O42 - Logiciel: Text-To-Speech-Runtime - (.Magix Development GmbH.) [HKLM] -- {7B3F0113-
E63C-4D6D-AF19-111A3165CCA2}
O42 - Logiciel: Thief: Deadly Shadows - (.Eidos.) [HKLM] -- Steam App 6980
O42 - Logiciel: Toolbar Cleaner 1.0 - (.Visicom Media Inc..) [HKLM] -- Toolbar Cleaner
O42 - Logiciel: TopWinPrio - (.LunaWorX.net.) [HKLM] -- {1ACCB99F-6763-4255B416-401510B2C7A3}
O42 - Logiciel: Tor 0.2.2.33 - (.Pas de propriétaire.) [HKLM] -- Tor
O42 - Logiciel: TortoiseSVN 1.6.16.21511 (64 bit) - (.TortoiseSVN.) [HKLM] -- {1DD03A94C815-46EF-A43A-B36694002A7C}
O42 - Logiciel: TrueCrypt - (.TrueCrypt Foundation.) [HKLM] -- TrueCrypt
O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM] -- {888F1505C2B3-4FDE-835D-36353EBD4754}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA6
8E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft
Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft
Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0
E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE
8FB1}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) - (.Microsoft.) [HKLM] -{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2964DDE1-4925-4DF1AF2C-0A36B3442228}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VPNFacile - Sécurisation de votre ligne internet - (.Pas de propriétaire.) [HKLM] -VPNFacile
O42 - Logiciel: VPNFacile version 1 - (.VPNFacile.fr.) [HKLM] -- {0CD5E1EF-4362-4BE1-9766BE8488BCB0EC}_is1
O42 - Logiciel: VSTax 2010 - (.Abraxas Informatik AG.) [HKLM] -- VSTax 2010
O42 - Logiciel: VTFEdit 1.3.0 - (.Neil Jedrzejewski & Ryan Gregg.) [HKLM] -- VTFEdit_is1
O42 - Logiciel: VaudTax2010 - (.DV Bern AG.) [HKLM] -- VaudTax2010
O42 - Logiciel: Vidalia 0.2.15 - (.Pas de propriétaire.) [HKLM] -- Vidalia
O42 - Logiciel: Video Card Stability Test - (.FreeStone Group.) [HKLM] -- Video Card Stability Test
O42 - Logiciel: VobSub 2.23 - (.Gabest.) [HKLM] -- VobSub
O42 - Logiciel: WMV to AVI MPEG DVD WMV Converter 3.3.1210 - (.Allok Soft Inc..) [HKLM] -WMV to AVI MPEG DVD WMV Converter_is1
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM] -- Acer Welcome Center
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst
O42 - Logiciel: WinRAR 4.01 (64-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -{B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -{9B48B0AC-C813-4174-9042-476A887592C7}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183DF4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -{230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM] -- World of Warcraft
O42 - Logiciel: World of Warcraft Public Test - (.Blizzard Entertainment.) [HKLM] -- World of
Warcraft Public Test
O42 - Logiciel: Xfire (remove only) - (.Pas de propriétaire.) [HKLM] -- Xfire
O42 - Logiciel: Xvid 1.2.1 - (.Koepi's build.) [HKLM] -- Xvid_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
O42 - Logiciel: Your Freedom (JET) - (.Pas de propriétaire.) [HKLM] -- Your_Deploy_0
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM] -- aTube Catcher
O42 - Logiciel: dBpoweramp Music Converter - (.Illustrate.) [HKLM] -- dBpowerAMP Music
Converter
O42 - Logiciel: doPDF 7.1 printer - (.Softland.) [HKLM] -- doPDF 7 printer_is1
O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: eToro - (.eToro.) [HKLM] -- eToro
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -{612C34C7-5E90-47D8-9B5C-0F717DD82726}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\!xSpeed]
[HKCU\Software\!xSpeednet3]
[HKCU\Software\!xSpeednethy]
[HKCU\Software\1098531460]
[HKCU\Software\AAA_LOGO]
[HKCU\Software\AMD]
[HKCU\Software\ANI]
[HKCU\Software\ASIO4ALL v2 by Wuschel]
[HKCU\Software\ATI]
[HKCU\Software\AVI ReComp]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AhnLab]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\shareazamediabartb]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\Auslogics]
[HKCU\Software\Avira]
[HKCU\Software\BitTorrent]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Brother]
[HKCU\Software\Bugsplat]
[HKCU\Software\ByteLinker]
[HKCU\Software\CBS Software]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Cheat Engine]
[HKCU\Software\Cheatah.me]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ConvertDirect]
[HKCU\Software\CyberLink]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\Cygwin]
[HKCU\Software\D-Link]
[HKCU\Software\DRKLHF]
[HKCU\Software\DT Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\EVGA]
[HKCU\Software\EasyBits]
[HKCU\Software\FileHippo.com]
[HKCU\Software\Fraps3]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Game Speed Changer]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Haali]
[HKCU\Software\Hamster]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IGA]
[HKCU\Software\IM Providers]
[HKCU\Software\Illustrate]
[HKCU\Software\Image-Line]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kick0r]
[HKCU\Software\Laconic Software]
[HKCU\Software\Lavalys]
[HKCU\Software\Leadertech]
[HKCU\Software\LiveZilla]
[HKCU\Software\LoLBase]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\LtdStrInfo]
[HKCU\Software\MAGIX AG]
[HKCU\Software\MAGIX]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MetaQuotes Software]
[HKCU\Software\Michael Herf]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mumble]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\NeoByte Solutions]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nilings]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Outertech]
[HKCU\Software\Pando Networks]
[HKCU\Software\Peer2Me]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Polipo]
[HKCU\Software\Python]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SCC]
[HKCU\Software\Screenshot Studio for Firefox]
[HKCU\Software\Shareaza]
[HKCU\Software\ShiningMorning]
[HKCU\Software\SimonTatham]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\SoftVoice]
[HKCU\Software\Softland]
[HKCU\Software\Softonic]
[HKCU\Software\Softpark]
[HKCU\Software\SpeedFan]
[HKCU\Software\SpoonInstall]
[HKCU\Software\Starwizz]
[HKCU\Software\StudioV5]
[HKCU\Software\Sun Microsystems]
[HKCU\Software\Sunisoft]
[HKCU\Software\Sysinternals]
[HKCU\Software\System Requirements Lab]
[HKCU\Software\TCP Optimizer]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\TeamViewer]
[HKCU\Software\Teorex]
[HKCU\Software\ToMMTi-Systems]
[HKCU\Software\ToolbarCleaner]
[HKCU\Software\TortoiseMerge]
[HKCU\Software\TortoiseSVN]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Ubisoft]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VPNFacile]
[HKCU\Software\Valve]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winject]
[HKCU\Software\Wow6432Node]
[HKCU\Software\XTick Group]
[HKCU\Software\Xfire]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\Yuna Software]
[HKCU\Software\Zygor Guides]
[HKCU\Software\aignes]
[HKCU\Software\cybelsoft]
[HKCU\Software\ej-technologies]
[HKCU\Software\etoro]
[HKCU\Software\fwc]
[HKCU\Software\giveawayoftheday.com]
[HKCU\Software\techPowerUp]
[HKCU\Software\wcs]
[HKCU\Software\www.dwebplace.com]
[HKCU\Software\xSpeed]
[HKCU\Software\xSpeednet]
[HKLM\Software\<company>]
[HKLM\Software\ACE]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\AMD]
[HKLM\Software\ANIWConnd Service]
[HKLM\Software\ANI]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\AcerUtil]
[HKLM\Software\Acer]
[HKLM\Software\Act-3D]
[HKLM\Software\ActiveState]
[HKLM\Software\Acunetix]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Alienware]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Asoftech]
[HKLM\Software\Audible]
[HKLM\Software\Avira]
[HKLM\Software\Avnex]
[HKLM\Software\Babylon]
[HKLM\Software\BitSpirit]
[HKLM\Software\Bitcoin]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\Brother Industries, Ltd.]
[HKLM\Software\Brother]
[HKLM\Software\Brothers]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\CyberLink]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\Cygwin]
[HKLM\Software\D-Link]
[HKLM\Software\DT Soft]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EA Games]
[HKLM\Software\EVGA]
[HKLM\Software\EgisTec Egis Software Update]
[HKLM\Software\EgisTec]
[HKLM\Software\Even Balance]
[HKLM\Software\FAST Multimedia]
[HKLM\Software\FileZilla 3]
[HKLM\Software\GANPRO50]
[HKLM\Software\GNU]
[HKLM\Software\GameSpeedChanger]
[HKLM\Software\Gentee]
[HKLM\Software\GnuWin32]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Image-Line]
[HKLM\Software\Intel]
[HKLM\Software\Ion Storm]
[HKLM\Software\JMICRON Technology Corp.]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Khronos]
[HKLM\Software\LanTricks]
[HKLM\Software\Licenses]
[HKLM\Software\Logishrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Magix]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Myriad Software]
[HKLM\Software\N-Stalker Web Application Security Scanner Free 2009]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\OpenVPN-GUI]
[HKLM\Software\Outertech]
[HKLM\Software\Outsim]
[HKLM\Software\PGWARE]
[HKLM\Software\Pando Networks]
[HKLM\Software\Pegasus Imaging]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Perl]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\ProAct Traders LLC]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Riot Games]
[HKLM\Software\SRS Labs]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\SensePost]
[HKLM\Software\ShareazaMediabarTb]
[HKLM\Software\Sheldon Solutions]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Sunisoft]
[HKLM\Software\TeamViewer]
[HKLM\Software\TortoiseOverlays]
[HKLM\Software\TortoiseSVN]
[HKLM\Software\Trad-FR]
[HKLM\Software\TuneUp]
[HKLM\Software\Ubisoft]
[HKLM\Software\VST]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinPcap]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wise Solutions]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\XericDesign]
[HKLM\Software\Yahoo]
[HKLM\Software\Your Freedom]
[HKLM\Software\Yuna Software]
[HKLM\Software\cybelsoft]
[HKLM\Software\eMingSoftware]
[HKLM\Software\ej-technologies]
[HKLM\Software\etoro]
[HKLM\Software\fwc]
[HKLM\Software\instinno]
[HKLM\Software\leagueoflegends]
[HKLM\Software\magnet]
[HKLM\Software\mozilla.org]
[HKLM\Software\wcs]
[HKLM\Software\winf]
~ Scan Softwares in 00mn AMs
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/13/2009 - 12:43:22 AM - [17417968] ----D- C:\Program Files\Acer
O43 - CFD: 6/17/2010 - 11:46:38 AM - [246069] ----D- C:\Program Files\Acer Accessory Store
O43 - CFD: 6/2/2011 - 7:27:48 PM - [7422296] ----D- C:\Program Files\CCleaner
O43 - CFD: 9/19/2011 - 9:18:14 PM - [12616432] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 7/28/2011 - 3:27:40 PM - [86384918] ----D- C:\Program Files\Common Files
O43 - CFD: 6/30/2010 - 4:32:52 PM - [3167232] ----D- C:\Program Files\DivX
O43 - CFD: 3/5/2011 - 11:44:54 PM - [90256916] ----D- C:\Program Files\DVD Maker
O43 - CFD: 6/17/2010 - 12:38:58 PM - [0] ----D- C:\Program Files\Google
O43 - CFD: 4/25/2011 - 12:05:26 PM - [40179368] ----D- C:\Program Files\Hamster Soft
O43 - CFD: 2/12/2011 - 3:50:42 PM - [39323406] ----D- C:\Program Files\HP
O43 - CFD: 7/28/2010 - 9:38:52 PM - [8496889] ----D- C:\Program Files\Intel
O43 - CFD: 10/14/2011 - 7:22:36 AM - [6654563] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 5/11/2011 - 3:55:10 PM - [102510116] ----D- C:\Program Files\Java
O43 - CFD: 6/2/2011 - 1:51:26 AM - [8995738] ----D- C:\Program Files\ma-config.com
O43 - CFD: 1/24/2011 - 12:21:58 AM - [1208832937] ----D- C:\Program Files\MetaTrader 5
O43 - CFD: 7/14/2009 - 9:45:56 AM - [148931122] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 10/13/2009 - 12:38:02 AM - [594846] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 8/1/2010 - 5:43:38 PM - [4548779] ----D- C:\Program Files\Nem's Tools
O43 - CFD: 8/9/2011 - 11:05:14 PM - [1835914653] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 12/23/2009 - 8:39:34 PM - [12065952] ----D- C:\Program Files\Realtek
O43 - CFD: 7/14/2009 - 7:32:40 AM - [36813993] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 8/24/2010 - 3:19:02 PM - [5155532] ----D- C:\Program Files\Softland
O43 - CFD: 7/28/2011 - 3:27:40 PM - [21940849] ----D- C:\Program Files\TortoiseSVN
O43 - CFD: 10/22/2010 - 4:51:48 PM - [8037047] ----D- C:\Program Files\TrueCrypt
O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 3/5/2011 - 11:44:52 PM - [4039680] ----D- C:\Program Files\Windows Defender
O43 - CFD: 3/5/2011 - 11:44:54 PM - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 3/5/2011 - 11:44:54 PM - [6667776] ----D- C:\Program Files\Windows Mail
O43 - CFD: 3/5/2011 - 11:44:54 PM - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627636] ----D- C:\Program Files\Windows NT
O43 - CFD: 3/5/2011 - 11:44:54 PM - [5516056] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 3/5/2011 - 11:44:54 PM - [244736] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 3/5/2011 - 11:44:54 PM - [8355930] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 6/11/2011 - 12:43:48 PM - [4475475] ----D- C:\Program Files\WinRAR
O43 - CFD: 1/16/2011 - 12:03:44 PM - [36] ----D- C:\Program Files\World of Warcraft
O43 - CFD: 10/14/2011 - 2:15:20 AM - [39270490479] ----D- C:\Program Files\World of
Warcraft_OFFICIAL
O43 - CFD: 9/22/2011 - 2:42:38 PM - [36] ----D- C:\Program Files\WOW SNIPE AH
O43 - CFD: 4/6/2011 - 3:50:28 PM - [6402582] ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD: 6/17/2011 - 3:02:48 AM - [66029463] ----D- C:\Program Files\Common Files\Microsoft
Shared
O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common
Files\SpeechEngines
O43 - CFD: 1/2/2009 - 1:54:34 AM - [12194291] ----D- C:\Program Files\Common Files\System
O43 - CFD: 7/28/2011 - 3:27:40 PM - [1147112] ----D- C:\Program Files\Common
Files\TortoiseOverlays
O43 - CFD: 10/13/2009 - 12:42:24 AM - [2490954] ----D- C:\ProgramData\Acer
O43 - CFD: 6/16/2011 - 2:31:48 AM - [62602962] ----D- C:\ProgramData\Adobe
O43 - CFD: 4/29/2011 - 8:30:14 PM - [25676] ----D- C:\ProgramData\Aiseesoft Studio
O43 - CFD: 10/3/2010 - 4:10:14 AM - [35411456] ----D- C:\ProgramData\Apple
O43 - CFD: 1/18/2011 - 11:23:06 PM - [26896384] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 3/5/2011 - 1:06:56 AM - [0] ----D- C:\ProgramData\ASign
O43 - CFD: 6/17/2010 - 2:51:18 PM - [319624037] ----D- C:\ProgramData\Avira
O43 - CFD: 3/15/2011 - 6:16:18 PM - [0] ----D- C:\ProgramData\AVS4YOU
O43 - CFD: 10/13/2009 - 12:36:56 AM - [81502] ----D- C:\ProgramData\BackupManager
O43 - CFD: 6/30/2010 - 10:48:40 PM - [8056] ----D- C:\ProgramData\Blizzard
O43 - CFD: 1/15/2011 - 1:38:32 AM - [7014278] ----D- C:\ProgramData\Blizzard Entertainment
O43 - CFD: 8/16/2010 - 1:24:04 AM - [40755] ----D- C:\ProgramData\Brother
O43 - CFD: 9/19/2011 - 9:18:20 PM - [0] ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD: 12/23/2009 - 8:46:16 PM - [95775] ----D- C:\ProgramData\CyberLink
O43 - CFD: 9/26/2010 - 12:03:48 AM - [1584] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 2/27/2011 - 3:06:06 PM - [4533934] ----D- C:\ProgramData\DivX
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 10/13/2009 - 12:53:56 AM - [0] ----D- C:\ProgramData\EgisTec
O43 - CFD: 10/13/2009 - 12:52:12 AM - [420] ----D- C:\ProgramData\eSobi
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 2/23/2011 - 9:16:58 PM - [60870] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2/23/2011 - 9:06:10 PM - [293496] ----D- C:\ProgramData\HP
O43 - CFD: 4/6/2011 - 3:50:34 PM - [1169] ----D- C:\ProgramData\Logishrd
O43 - CFD: 6/2/2011 - 1:51:26 AM - [1306860] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 10/14/2010 - 1:20:14 PM - [3025260154] ----D- C:\ProgramData\MAGIX
O43 - CFD: 7/12/2010 - 2:52:00 AM - [19495102] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 6/17/2010 - 12:10:02 PM - [5114] ----D- C:\ProgramData\McAfee
O43 - CFD: 6/17/2010 - 11:49:32 AM - [289] ----D- C:\ProgramData\McQcModifier-5c47-a7b0
O43 - CFD: 7/1/2010 - 7:39:54 PM - [363373] ----D- C:\ProgramData\Messenger Plus!
O43 - CFD: 1/24/2011 - 12:21:46 AM - [0] ----D- C:\ProgramData\MetaQuotes
O43 - CFD: 3/5/2011 - 1:05:20 AM - [331069379] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 10/14/2011 - 3:01:42 AM - [433706] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 8/13/2010 - 10:25:08 PM - [16883] ----D- C:\ProgramData\N-Stalker
O43 - CFD: 10/31/2010 - 10:40:10 PM - [11654326] ----D- C:\ProgramData\Nero
O43 - CFD: 10/16/2011 - 5:15:02 PM - [2807210] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 3/19/2011 - 10:36:12 PM - [624257] ----D- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 6/17/2010 - 11:46:30 AM - [3595] ----D- C:\ProgramData\OEM
O43 - CFD: 6/17/2010 - 12:38:58 PM - [695] ----D- C:\ProgramData\Partner
O43 - CFD: 10/26/2010 - 3:44:50 PM - [1000] ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 8/5/2010 - 2:43:32 PM - [26272] ----D- C:\ProgramData\Pinnacle
O43 - CFD: 8/5/2010 - 2:45:18 PM - [4092] ----D- C:\ProgramData\Pinnacle VideoSpin
O43 - CFD: 9/6/2011 - 2:27:28 AM - [662] ----D- C:\ProgramData\PMB Files
O43 - CFD: 10/13/2009 - 12:46:42 AM - [36] ----D- C:\ProgramData\SiteAdvisor
O43 - CFD: 8/5/2011 - 9:58:22 PM - [88305561] ----D- C:\ProgramData\Skype
O43 - CFD: 5/23/2011 - 5:26:08 PM - [6508115] ----D- C:\ProgramData\Skype Extras
O43 - CFD: 9/27/2010 - 10:51:18 PM - [1047] ----D- C:\ProgramData\Solidshield
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 7/3/2010 - 7:35:42 PM - [329] ----D- C:\ProgramData\Sun
O43 - CFD: 3/11/2011 - 7:31:46 PM - [16] -SH-D- C:\ProgramData\System Restore
O43 - CFD: 7/23/2011 - 10:01:08 PM - [90183] ---AD- C:\ProgramData\Temp
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 7/14/2010 - 4:19:12 PM - [544768] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 12/2/2010 - 12:40:36 AM - [4478] ----D- C:\ProgramData\UAB
O43 - CFD: 3/19/2011 - 3:30:38 AM - [425] ----D- C:\ProgramData\Ubisoft
O43 - CFD: 9/9/2011 - 12:41:56 PM - [3530419] ----D- C:\ProgramData\Xfire
O43 - CFD: 9/27/2010 - 10:25:42 PM - [607544] ----D- C:\ProgramData\Yahoo!
O43 - CFD: 6/30/2010 - 10:29:04 PM - [17244672] -SH-DC:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 3/26/2011 - 10:39:46 PM - [8354] ----DC:\Users\ANONYMOUS\AppData\Roaming\.jfwupdate
O43 - CFD: 2/18/2011 - 12:59:14 PM - [92815] ----DC:\Users\ANONYMOUS\AppData\Roaming\.Kanton VS
O43 - CFD: 1/29/2011 - 4:25:44 PM - [2170622] ----DC:\Users\ANONYMOUS\AppData\Roaming\.minecraft
O43 - CFD: 10/14/2010 - 1:44:58 PM - [17456412] ----DC:\Users\ANONYMOUS\AppData\Roaming\ACAMPREF
O43 - CFD: 10/31/2010 - 10:48:52 PM - [0] ----DC:\Users\ANONYMOUS\AppData\Roaming\AccurateRip
O43 - CFD: 1/19/2011 - 12:26:02 AM - [12067063] ----DC:\Users\ANONYMOUS\AppData\Roaming\Adobe
O43 - CFD: 10/14/2010 - 1:42:34 PM - [51] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Anvil
Studio
O43 - CFD: 7/12/2010 - 4:01:50 AM - [218] ----DC:\Users\ANONYMOUS\AppData\Roaming\asoftech
O43 - CFD: 6/17/2010 - 11:50:22 AM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\ATI
O43 - CFD: 7/22/2011 - 10:20:22 PM - [135405327] ----DC:\Users\ANONYMOUS\AppData\Roaming\Auslogics
O43 - CFD: 4/22/2011 - 12:41:52 PM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\AVI
ReComp
O43 - CFD: 4/30/2011 - 9:27:12 PM - [192] ----DC:\Users\ANONYMOUS\AppData\Roaming\AVS4YOU
O43 - CFD: 4/5/2011 - 10:21:26 AM - [3847783] ----DC:\Users\ANONYMOUS\AppData\Roaming\Azureus
O43 - CFD: 10/15/2011 - 11:11:24 AM - [995792673] ----DC:\Users\ANONYMOUS\AppData\Roaming\Bitcoin
O43 - CFD: 2/10/2011 - 3:12:44 AM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\BitSpirit
O43 - CFD: 8/16/2010 - 1:54:50 AM - [0] R---D- C:\Users\ANONYMOUS\AppData\Roaming\Brother
O43 - CFD: 9/19/2011 - 9:18:20 PM - [1548] ----DC:\Users\ANONYMOUS\AppData\Roaming\Canneverbe Limited
O43 - CFD: 9/11/2010 - 2:47:20 PM - [425] ----DC:\Users\ANONYMOUS\AppData\Roaming\Com.Comm100.LiveChat.AirVisitorMonitor.En.98637D
25BBBF4FE1AADC1A429B4293B71CBA63FE.1
O43 - CFD: 1/24/2011 - 6:37:26 PM - [765] ----DC:\Users\ANONYMOUS\AppData\Roaming\com.inruntime.clientapps.zulutrade
O43 - CFD: 9/26/2010 - 12:29:36 AM - [4288] ----DC:\Users\ANONYMOUS\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 9/21/2010 - 1:05:12 AM - [224256] ----DC:\Users\ANONYMOUS\AppData\Roaming\DivX
O43 - CFD: 9/13/2010 - 3:16:44 AM - [199] ----D- C:\Users\ANONYMOUS\AppData\Roaming\dvdcss
O43 - CFD: 1/12/2011 - 3:35:42 PM - [0] ----DC:\Users\ANONYMOUS\AppData\Roaming\EurekaLog
O43 - CFD: 8/9/2011 - 8:51:16 PM - [25184] ----DC:\Users\ANONYMOUS\AppData\Roaming\FileZilla
O43 - CFD: 3/11/2011 - 7:31:46 PM - [484534] ----DC:\Users\ANONYMOUS\AppData\Roaming\FireShot
O43 - CFD: 4/30/2011 - 9:49:16 AM - [52279] ----DC:\Users\ANONYMOUS\AppData\Roaming\FreeFLVConverter
O43 - CFD: 6/4/2011 - 12:30:40 AM - [16777224] ----DC:\Users\ANONYMOUS\AppData\Roaming\FreeStone Group
O43 - CFD: 3/18/2011 - 7:45:20 PM - [635] ----D-
C:\Users\ANONYMOUS\AppData\Roaming\GetRightToGo
O43 - CFD: 6/17/2010 - 12:15:24 PM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Google
O43 - CFD: 3/31/2011 - 6:41:14 PM - [165] ----D- C:\Users\ANONYMOUS\AppData\Roaming\gtk-2.0
O43 - CFD: 6/4/2011 - 1:01:02 AM - [32] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Gyazo
O43 - CFD: 4/25/2011 - 12:05:48 PM - [151] ----DC:\Users\ANONYMOUS\AppData\Roaming\HamsterSoft
O43 - CFD: 2/23/2011 - 9:13:46 PM - [2283] ----D- C:\Users\ANONYMOUS\AppData\Roaming\HP
O43 - CFD: 3/13/2011 - 1:11:20 AM - [152] ----D- C:\Users\ANONYMOUS\AppData\Roaming\HWM
BlackBox
O43 - CFD: 6/17/2010 - 11:48:58 AM - [0] ----DC:\Users\ANONYMOUS\AppData\Roaming\Identities
O43 - CFD: 3/22/2011 - 11:53:40 PM - [0] ----DC:\Users\ANONYMOUS\AppData\Roaming\InstallShield
O43 - CFD: 4/6/2011 - 3:45:52 PM - [353] ----DC:\Users\ANONYMOUS\AppData\Roaming\Leadertech
O43 - CFD: 8/5/2010 - 5:53:46 PM - [719] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Leawo
O43 - CFD: 12/16/2010 - 2:09:30 AM - [24359286] ----DC:\Users\ANONYMOUS\AppData\Roaming\LimeWire
O43 - CFD: 1/18/2011 - 11:21:46 PM - [3909148291] ----DC:\Users\ANONYMOUS\AppData\Roaming\Local
O43 - CFD: 4/6/2011 - 3:44:58 PM - [161700] ----DC:\Users\ANONYMOUS\AppData\Roaming\Logishrd
O43 - CFD: 4/6/2011 - 3:46:16 PM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Logitech
O43 - CFD: 1/6/2011 - 5:28:16 PM - [485] ----DC:\Users\ANONYMOUS\AppData\Roaming\LogoMaker
O43 - CFD: 8/27/2010 - 3:46:22 PM - [461] ----DC:\Users\ANONYMOUS\AppData\Roaming\LolClient
O43 - CFD: 6/17/2010 - 11:49:28 AM - [19582] ----DC:\Users\ANONYMOUS\AppData\Roaming\Macromedia
O43 - CFD: 10/14/2010 - 1:21:30 PM - [2950232] ----DC:\Users\ANONYMOUS\AppData\Roaming\MAGIX
O43 - CFD: 7/12/2010 - 2:52:06 AM - [4503774] ----DC:\Users\ANONYMOUS\AppData\Roaming\Malwarebytes
O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Media
Center Programs
O43 - CFD: 5/15/2011 - 12:02:06 AM - [12378683] -S--DC:\Users\ANONYMOUS\AppData\Roaming\Microsoft
O43 - CFD: 12/16/2010 - 2:03:34 AM - [16902833] ----DC:\Users\ANONYMOUS\AppData\Roaming\Mozilla
O43 - CFD: 8/24/2011 - 11:08:04 PM - [646317] ----DC:\Users\ANONYMOUS\AppData\Roaming\Mumble
O43 - CFD: 8/13/2010 - 10:23:40 PM - [4728815] ----DC:\Users\ANONYMOUS\AppData\Roaming\N-Stalker
O43 - CFD: 9/19/2011 - 9:13:38 PM - [39292] ----DC:\Users\ANONYMOUS\AppData\Roaming\Nero
O43 - CFD: 6/10/2011 - 1:21:50 AM - [355823] ----DC:\Users\ANONYMOUS\AppData\Roaming\Notepad++
O43 - CFD: 8/19/2011 - 10:20:50 PM - [0] ----D- C:\Users\ANONYMOUS\AppData\Roaming\NVIDIA
O43 - CFD: 9/21/2011 - 3:40:22 PM - [123822] ----DC:\Users\ANONYMOUS\AppData\Roaming\NVIDIA 3D Vision Video Player
O43 - CFD: 8/16/2010 - 10:34:04 PM - [2488948] ----DC:\Users\ANONYMOUS\AppData\Roaming\OpenOffice.org
O43 - CFD: 11/17/2010 - 3:36:22 AM - [12624692] ----DC:\Users\ANONYMOUS\AppData\Roaming\ProAct Traders v1
O43 - CFD: 3/19/2011 - 3:24:16 AM - [835440] ----DC:\Users\ANONYMOUS\AppData\Roaming\PunkBuster
O43 - CFD: 2/17/2011 - 12:23:24 AM - [63326] ----DC:\Users\ANONYMOUS\AppData\Roaming\RIFT
O43 - CFD: 8/26/2010 - 5:20:58 PM - [14418538] ----DC:\Users\ANONYMOUS\AppData\Roaming\SharePod
O43 - CFD: 10/15/2011 - 5:06:26 PM - [10623314] ----DC:\Users\ANONYMOUS\AppData\Roaming\Skype
O43 - CFD: 5/26/2011 - 1:47:42 PM - [8160] ----DC:\Users\ANONYMOUS\AppData\Roaming\skypePM
O43 - CFD: 8/24/2010 - 3:19:06 PM - [717] ----DC:\Users\ANONYMOUS\AppData\Roaming\Softland
O43 - CFD: 10/20/2010 - 3:59:02 PM - [1389] ----DC:\Users\ANONYMOUS\AppData\Roaming\Softpark
O43 - CFD: 7/28/2011 - 3:28:10 PM - [18944] ----DC:\Users\ANONYMOUS\AppData\Roaming\Subversion
O43 - CFD: 3/21/2011 - 5:20:04 AM - [1399728] ----DC:\Users\ANONYMOUS\AppData\Roaming\SystemRequirementsLab
O43 - CFD: 1/15/2011 - 7:24:18 PM - [4014] ----DC:\Users\ANONYMOUS\AppData\Roaming\TeamViewer
O43 - CFD: 12/17/2010 - 9:26:20 PM - [13824] ----DC:\Users\ANONYMOUS\AppData\Roaming\Template
O43 - CFD: 2/1/2011 - 2:02:14 AM - [114724] ----DC:\Users\ANONYMOUS\AppData\Roaming\Thinstall
O43 - CFD: 10/16/2011 - 8:11:54 PM - [9192348] ----DC:\Users\ANONYMOUS\AppData\Roaming\Tor
O43 - CFD: 7/28/2011 - 3:31:08 PM - [59387] ----DC:\Users\ANONYMOUS\AppData\Roaming\TortoiseSVN
O43 - CFD: 10/22/2010 - 4:53:32 PM - [2519] ----DC:\Users\ANONYMOUS\AppData\Roaming\TrueCrypt
O43 - CFD: 9/29/2011 - 1:04:46 AM - [3216955] ----DC:\Users\ANONYMOUS\AppData\Roaming\TS3Client
O43 - CFD: 6/30/2010 - 10:29:26 PM - [95503] ----DC:\Users\ANONYMOUS\AppData\Roaming\TuneUp Software
O43 - CFD: 2/1/2011 - 1:10:32 AM - [20533681] ----DC:\Users\ANONYMOUS\AppData\Roaming\TweakNow RegCleaner 2011
O43 - CFD: 9/6/2011 - 8:57:54 AM - [2705644] ----DC:\Users\ANONYMOUS\AppData\Roaming\Ubisoft
O43 - CFD: 2/10/2011 - 3:06:58 AM - [1825085] ----DC:\Users\ANONYMOUS\AppData\Roaming\uTorrent
O43 - CFD: 11/17/2010 - 3:41:40 AM - [5268176] ----DC:\Users\ANONYMOUS\AppData\Roaming\v1
O43 - CFD: 10/16/2011 - 5:15:24 PM - [70170] ----DC:\Users\ANONYMOUS\AppData\Roaming\Vidalia
O43 - CFD: 6/4/2011 - 1:09:58 AM - [770] ----DC:\Users\ANONYMOUS\AppData\Roaming\VirtuaWin
O43 - CFD: 7/4/2011 - 2:34:08 AM - [10179381] ----DC:\Users\ANONYMOUS\AppData\Roaming\vlc
O43 - CFD: 8/9/2011 - 4:33:12 PM - [683] ----DC:\Users\ANONYMOUS\AppData\Roaming\VoipCheapCom
O43 - CFD: 11/4/2010 - 1:31:48 PM - [13401929] ----DC:\Users\ANONYMOUS\AppData\Roaming\Warsow 0.5
O43 - CFD: 10/20/2010 - 6:15:38 PM - [0] ----DC:\Users\ANONYMOUS\AppData\Roaming\Windows Live Writer
O43 - CFD: 6/17/2010 - 1:51:22 PM - [12] ----D- C:\Users\ANONYMOUS\AppData\Roaming\WinRAR
O43 - CFD: 8/9/2011 - 4:10:58 AM - [240] -SH-DC:\Users\ANONYMOUS\AppData\Roaming\wyUpdate AU
O43 - CFD: 4/14/2011 - 11:08:48 PM - [2617378] ----DC:\Users\ANONYMOUS\AppData\Roaming\XericDesign
O43 - CFD: 9/7/2011 - 3:31:12 PM - [5668] ----D- C:\Users\ANONYMOUS\AppData\Roaming\Xfire
O43 - CFD: 1/8/2009 - 7:56:02 AM - [570457] ----DC:\Users\ANONYMOUS\AppData\Roaming\Yahoo!
O43 - CFD: 2/18/2011 - 12:59:16 PM - [354] ----D- C:\Users\ANONYMOUS\AppData\Local\.Kanton
VS
O43 - CFD: 1/18/2011 - 11:19:50 PM - [535709] ----DC:\Users\ANONYMOUS\AppData\Local\Adobe
O43 - CFD: 1/12/2011 - 1:38:44 PM - [856] ----D- C:\Users\ANONYMOUS\AppData\Local\Alex F
O43 - CFD: 10/3/2010 - 4:10:16 AM - [0] ----D- C:\Users\ANONYMOUS\AppData\Local\Apple
O43 - CFD: 6/17/2010 - 11:46:22 AM - [0] -SH-DC:\Users\ANONYMOUS\AppData\Local\Application Data
O43 - CFD: 6/12/2011 - 11:20:12 PM - [28633103] ----DC:\Users\ANONYMOUS\AppData\Local\Apps
O43 - CFD: 6/17/2010 - 11:50:22 AM - [60594] ----D- C:\Users\ANONYMOUS\AppData\Local\ATI
O43 - CFD: 6/17/2010 - 1:52:54 PM - [43016] ----D- C:\Users\ANONYMOUS\AppData\Local\Blizzard
Entertainment
O43 - CFD: 11/12/2010 - 2:27:08 AM - [38948352] ----DC:\Users\ANONYMOUS\AppData\Local\Bossland GmbH
O43 - CFD: 10/16/2011 - 1:35:48 AM - [0] ----DC:\Users\ANONYMOUS\AppData\Local\Deployment
O43 - CFD: 8/5/2010 - 2:43:28 PM - [143897600] ----DC:\Users\ANONYMOUS\AppData\Local\Downloaded Installations
O43 - CFD: 5/16/2011 - 4:41:00 PM - [4] ----D- C:\Users\ANONYMOUS\AppData\Local\DrWatson
O43 - CFD: 2/4/2011 - 12:50:14 AM - [2179] ----D- C:\Users\ANONYMOUS\AppData\Local\EA
Games
O43 - CFD: 6/17/2010 - 11:49:30 AM - [184] ----D- C:\Users\ANONYMOUS\AppData\Local\EgisTec
O43 - CFD: 10/10/2011 - 9:38:06 PM - [603985] ----DC:\Users\ANONYMOUS\AppData\Local\ElevatedDiagnostics
O43 - CFD: 3/15/2011 - 6:20:26 PM - [1006286] ----DC:\Users\ANONYMOUS\AppData\Local\Geckofx
O43 - CFD: 12/22/2010 - 5:49:34 PM - [1181079397] ----DC:\Users\ANONYMOUS\AppData\Local\Google
O43 - CFD: 6/17/2010 - 11:46:22 AM - [0] -SH-DC:\Users\ANONYMOUS\AppData\Local\Historique
O43 - CFD: 9/27/2011 - 1:51:58 PM - [671412680] ----DC:\Users\ANONYMOUS\AppData\Local\HonorbuddyMeshes
O43 - CFD: 10/15/2011 - 5:28:38 PM - [1823] ----D-
C:\Users\ANONYMOUS\AppData\Local\IsolatedStorage
O43 - CFD: 12/6/2010 - 11:02:04 PM - [1274] ----DC:\Users\ANONYMOUS\AppData\Local\Lowerping
O43 - CFD: 10/10/2011 - 10:22:32 PM - [2362] ----DC:\Users\ANONYMOUS\AppData\Local\MagicCamera
O43 - CFD: 10/10/2011 - 10:21:32 PM - [1302483610] ----DC:\Users\ANONYMOUS\AppData\Local\Microsoft
O43 - CFD: 9/1/2011 - 4:15:38 AM - [4845] ----D- C:\Users\ANONYMOUS\AppData\Local\Microsoft
Games
O43 - CFD: 6/17/2010 - 11:58:48 AM - [0] ----D- C:\Users\ANONYMOUS\AppData\Local\Microsoft
Help
O43 - CFD: 7/8/2010 - 10:13:44 PM - [50956347] ----DC:\Users\ANONYMOUS\AppData\Local\Mozilla
O43 - CFD: 10/19/2010 - 11:16:42 AM - [0] ----D- C:\Users\ANONYMOUS\AppData\Local\Mumble
O43 - CFD: 8/14/2010 - 7:05:58 PM - [4197] ----D- C:\Users\ANONYMOUS\AppData\Local\Nem's
Tools
O43 - CFD: 3/21/2011 - 12:28:32 AM - [3243] ----D- C:\Users\ANONYMOUS\AppData\Local\NVIDIA
Corporation
O43 - CFD: 12/16/2010 - 2:02:42 AM - [0] ----DC:\Users\ANONYMOUS\AppData\Local\PackageAware
O43 - CFD: 10/26/2010 - 3:44:54 PM - [6083] ----DC:\Users\ANONYMOUS\AppData\Local\PC_Drivers_Headquarters
O43 - CFD: 9/6/2011 - 2:27:38 AM - [331936] ----D- C:\Users\ANONYMOUS\AppData\Local\PMB
Files
O43 - CFD: 9/6/2011 - 8:57:58 AM - [484080] ----DC:\Users\ANONYMOUS\AppData\Local\PunkBuster
O43 - CFD: 12/16/2010 - 2:08:34 AM - [35318312] ----DC:\Users\ANONYMOUS\AppData\Local\Shareaza
O43 - CFD: 1/16/2011 - 1:04:06 PM - [1352] ----DC:\Users\ANONYMOUS\AppData\Local\Sheldon_Solutions
O43 - CFD: 5/3/2011 - 11:18:04 AM - [412] ----D- C:\Users\ANONYMOUS\AppData\Local\SKIDROW
O43 - CFD: 7/16/2011 - 12:33:06 AM - [1285] ----DC:\Users\ANONYMOUS\AppData\Local\SyderWare
O43 - CFD: 10/16/2011 - 9:15:20 PM - [95980] ----D- C:\Users\ANONYMOUS\AppData\Local\Temp
O43 - CFD: 6/17/2010 - 11:46:22 AM - [0] -SH-DC:\Users\ANONYMOUS\AppData\Local\Temporary Internet Files
O43 - CFD: 6/4/2011 - 1:36:38 AM - [1195] ----DC:\Users\ANONYMOUS\AppData\Local\TopWinPrio
O43 - CFD: 10/16/2011 - 5:15:40 PM - [0] ----D- C:\Users\ANONYMOUS\AppData\Local\TSVNCache
O43 - CFD: 9/6/2011 - 8:54:50 AM - [203] ----D- C:\Users\ANONYMOUS\AppData\Local\Ubisoft
Game Launcher
O43 - CFD: 6/17/2010 - 1:56:02 PM - [2576102] ----DC:\Users\ANONYMOUS\AppData\Local\VirtualStore
O43 - CFD: 8/5/2010 - 5:46:56 PM - [1927] ----D- C:\Users\ANONYMOUS\AppData\Local\WinAVI
O43 - CFD: 10/22/2010 - 1:08:18 PM - [36864] ----DC:\Users\ANONYMOUS\AppData\Local\Windows Live
O43 - CFD: 10/20/2010 - 6:15:38 PM - [0] ----D- C:\Users\ANONYMOUS\AppData\Local\Windows
Live Writer
O43 - CFD: 9/8/2010 - 1:47:24 PM - [392620] ----D- C:\Users\ANONYMOUS\AppData\Local\Yahoo
O43 - CFD: 8/9/2010 - 11:52:04 PM - [3321] ----D- C:\Users\ANONYMOUS\AppData\Local\zoug
O43 - CFD: 9/11/2011 - 4:48:56 AM - [4798002] ----D- C:\Program Files (x86)\3DRipperDX
O43 - CFD: 2/10/2011 - 3:37:22 PM - [11376005] ----D- C:\Program Files (x86)\AAALOGO2010
O43 - CFD: 12/23/2009 - 8:47:22 PM - [42292728] ----D- C:\Program Files (x86)\Acer
O43 - CFD: 6/17/2010 - 12:20:06 PM - [586833737] ----D- C:\Program Files (x86)\Acer GameZone
O43 - CFD: 5/16/2011 - 4:40:46 PM - [50431014] ----D- C:\Program Files (x86)\Acunetix
O43 - CFD: 6/16/2011 - 2:31:48 AM - [164526044] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 4/29/2011 - 8:30:04 PM - [56477835] ----D- C:\Program Files (x86)\Aiseesoft Studio
O43 - CFD: 10/3/2010 - 4:10:16 AM - [2221118] ----D- C:\Program Files (x86)\Apple Software
Update
O43 - CFD: 3/15/2011 - 3:30:46 AM - [442312] ----D- C:\Program Files (x86)\Arbitro
O43 - CFD: 3/5/2011 - 1:07:30 AM - [4397] ----D- C:\Program Files (x86)\ARC SYSTEM WORKS
O43 - CFD: 2/18/2011 - 5:55:24 PM - [525647] ----D- C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 7/13/2010 - 2:06:14 AM - [986902] ----D- C:\Program Files (x86)\Asoftech
O43 - CFD: 8/10/2010 - 9:52:16 PM - [18698623] ----D- C:\Program Files (x86)\Audacity
O43 - CFD: 11/27/2010 - 2:44:40 AM - [42800739] ----D- C:\Program Files (x86)\Auslogics
O43 - CFD: 11/8/2010 - 1:22:08 AM - [0] ----D- C:\Program Files (x86)\Autochartist
O43 - CFD: 8/18/2010 - 8:48:44 PM - [27139235] ----D- C:\Program Files (x86)\AV Vcs 6.0
DIAMOND
O43 - CFD: 4/22/2011 - 12:41:26 PM - [6145366] ----D- C:\Program Files (x86)\AVI ReComp
O43 - CFD: 6/17/2010 - 2:51:18 PM - [171890269] ----D- C:\Program Files (x86)\Avira
O43 - CFD: 9/21/2011 - 3:49:06 PM - [4859926] ----D- C:\Program Files (x86)\AviSynth 2.5
O43 - CFD: 4/30/2011 - 6:40:46 PM - [32879561] ----D- C:\Program Files (x86)\AVS4YOU
O43 - CFD: 10/15/2011 - 5:24:54 PM - [23910303] ----D- C:\Program Files (x86)\Better Explorer
O43 - CFD: 10/14/2011 - 11:28:36 PM - [19227379] ----D- C:\Program Files (x86)\Bitcoin
O43 - CFD: 2/10/2011 - 3:12:38 AM - [7256680] ----D- C:\Program Files (x86)\BitSpirit
O43 - CFD: 8/16/2010 - 1:24:30 AM - [28945733] ----D- C:\Program Files (x86)\Brother
O43 - CFD: 11/23/2010 - 6:18:34 PM - [1311132] ----D- C:\Program Files (x86)\Bytescout XLS
Viewer
O43 - CFD: 4/28/2011 - 8:33:34 PM - [3593727] ----D- C:\Program Files (x86)\Cacheman
O43 - CFD: 3/10/2011 - 6:12:10 PM - [8327481] ----D- C:\Program Files (x86)\CamStudio
O43 - CFD: 1/11/2011 - 2:59:18 AM - [0] ----D- C:\Program Files (x86)\Candleworks
O43 - CFD: 2/1/2011 - 2:01:40 AM - [1478508] ----D- C:\Program Files (x86)\CBS Software
O43 - CFD: 3/27/2011 - 2:22:10 PM - [19360839] ----D- C:\Program Files (x86)\Cheat Engine 6
O43 - CFD: 9/11/2010 - 2:47:20 PM - [1255001] ----D- C:\Program Files (x86)\Comm100 Live Chat
Visitor Monitor
O43 - CFD: 10/10/2011 - 10:06:40 PM - [839444764] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 3/22/2011 - 11:53:42 PM - [19810814] ----D- C:\Program Files (x86)\D-Link
O43 - CFD: 4/10/2011 - 12:20:16 PM - [18962205] ----D- C:\Program Files (x86)\DAEMON Tools
Lite
O43 - CFD: 4/10/2011 - 12:19:30 PM - [4048943] ----D- C:\Program Files (x86)\DAEMON Tools
Toolbar
O43 - CFD: 2/1/2011 - 1:56:14 AM - [1267680] ----D- C:\Program Files (x86)\DFÜ-Optimierer
O43 - CFD: 2/27/2011 - 3:06:04 PM - [97539256] ----D- C:\Program Files (x86)\DivX
O43 - CFD: 7/3/2010 - 2:26:48 AM - [2444391] ----D- C:\Program Files (x86)\DRKSpider
O43 - CFD: 6/12/2011 - 6:20:14 PM - [36643075] ----D- C:\Program Files (x86)\DsNET Corp
O43 - CFD: 10/13/2009 - 12:44:36 AM - [35392115] ----D- C:\Program Files (x86)\EgisTec
O43 - CFD: 10/13/2009 - 12:44:38 AM - [1683158] ----D- C:\Program Files (x86)\EgisTec Egis
Software Update
O43 - CFD: 3/28/2011 - 11:47:32 PM - [1044681] ----D- C:\Program Files (x86)\Elemental Trader
1.5
O43 - CFD: 9/8/2010 - 1:06:06 PM - [14030019] ----D- C:\Program Files (x86)\eToro
O43 - CFD: 7/30/2011 - 4:20:46 PM - [28423842] ----D- C:\Program Files (x86)\EVGA Precision
O43 - CFD: 10/11/2011 - 10:55:56 AM - [4143422] ----D- C:\Program Files (x86)\Fake Webcam
O43 - CFD: 10/31/2010 - 4:21:10 PM - [381086] ----D- C:\Program Files (x86)\FileHippo.com
O43 - CFD: 6/10/2011 - 1:22:40 AM - [17053952] ----D- C:\Program Files (x86)\FileZilla FTP Client
O43 - CFD: 10/10/2011 - 11:12:16 PM - [114529] ----D- C:\Program Files (x86)\Fire Heart Desktop
Gadget
O43 - CFD: 9/5/2010 - 2:08:54 PM - [5693171] ----D- C:\Program Files (x86)\Free Create-Burn ISO
Image
O43 - CFD: 4/30/2011 - 9:49:14 AM - [12268690] ----D- C:\Program Files (x86)\Free FLV Converter
O43 - CFD: 7/26/2011 - 3:57:32 AM - [16118091] ----D- C:\Program Files (x86)\FXCM MT4 powered
by BT
O43 - CFD: 2/10/2011 - 7:46:58 PM - [162087] ----D- C:\Program Files (x86)\FxPro - MetaTrader
O43 - CFD: 4/22/2011 - 12:41:10 PM - [446492] ----D- C:\Program Files (x86)\Gabest
O43 - CFD: 7/12/2010 - 3:52:26 AM - [353] ----D- C:\Program Files (x86)\Game Speed Changer
O43 - CFD: 3/19/2011 - 1:48:36 PM - [5548355] ----D- C:\Program Files (x86)\GameGain
O43 - CFD: 9/19/2010 - 8:31:46 PM - [113910565] ----D- C:\Program Files (x86)\GIMP-2.0
O43 - CFD: 9/21/2010 - 1:12:18 PM - [20368051] ----D- C:\Program Files (x86)\GnuWin32
O43 - CFD: 5/26/2011 - 9:51:32 PM - [50244906] ----D- C:\Program Files (x86)\Google
O43 - CFD: 6/4/2011 - 1:00:38 AM - [1456891] ----D- C:\Program Files (x86)\Gyazo
O43 - CFD: 10/14/2010 - 1:44:54 PM - [61461506] ----D- C:\Program Files (x86)\Harmony Assistant
O43 - CFD: 2/12/2011 - 4:03:18 PM - [7545663] ----D- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2/23/2011 - 9:12:18 PM - [84732343] ----D- C:\Program Files (x86)\HP
O43 - CFD: 8/3/2011 - 3:25:14 AM - [2453590] ----D- C:\Program Files (x86)\IDoser v4
O43 - CFD: 8/10/2010 - 6:09:30 PM - [18254930] ----D- C:\Program Files (x86)\Illustrate
O43 - CFD: 2/18/2011 - 5:54:58 PM - [255133429] ----D- C:\Program Files (x86)\Image-Line
O43 - CFD: 1/5/2011 - 8:52:12 PM - [3964798] ----D- C:\Program Files (x86)\Inpaint
O43 - CFD: 6/2/2011 - 1:49:18 AM - [95299915] --H-D- C:\Program Files (x86)\InstallShield
Installation Information
O43 - CFD: 10/13/2009 - 12:13:06 AM - [61802315] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 10/14/2011 - 7:22:36 AM - [6459368] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 8/20/2010 - 2:08:02 PM - [4738245] ----D- C:\Program Files (x86)\Invisible Secrets 4
O43 - CFD: 1/6/2011 - 11:27:10 AM - [3603722] ----D- C:\Program Files (x86)\IP Locator
O43 - CFD: 7/2/2011 - 7:20:50 PM - [180047901] ----D- C:\Program Files (x86)\Java
O43 - CFD: 8/16/2010 - 10:33:04 PM - [16295712] ----D- C:\Program Files (x86)\JRE
O43 - CFD: 8/5/2010 - 5:53:46 PM - [22128697] ----D- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 9/11/2011 - 3:54:26 AM - [14709909] ----D- C:\Program Files (x86)\Laggsta
O43 - CFD: 9/7/2010 - 1:56:44 AM - [3129922] ----D- C:\Program Files (x86)\LanTricks
O43 - CFD: 6/2/2011 - 1:49:56 AM - [0] ----D- C:\Program Files (x86)\Lavalys
O43 - CFD: 5/14/2011 - 10:45:34 PM - [3808001312] ----D- C:\Program Files (x86)\League of
Legends
O43 - CFD: 8/5/2010 - 5:53:38 PM - [40758689] ----D- C:\Program Files (x86)\Leawo
O43 - CFD: 12/16/2010 - 1:55:42 AM - [57150748] ----D- C:\Program Files (x86)\LimeWire
O43 - CFD: 6/2/2011 - 1:47:16 AM - [69120] ----D- C:\Program Files (x86)\LowerPing
O43 - CFD: 6/4/2011 - 12:57:36 AM - [1835263] ----D- C:\Program Files (x86)\LunaWorX.net
O43 - CFD: 9/1/2011 - 3:53:16 AM - [12955481] ----D- C:\Program Files (x86)\Magic Reversi
O43 - CFD: 10/14/2010 - 1:20:14 PM - [969833388] ----D- C:\Program Files (x86)\MAGIX
O43 - CFD: 9/15/2011 - 8:44:56 AM - [7067177] ----D- C:\Program Files (x86)\Malwarebytes' AntiMalware
O43 - CFD: 8/9/2010 - 11:51:50 PM - [11463108] ----D- C:\Program Files (x86)\MediaCUB
O43 - CFD: 12/3/2010 - 8:36:14 AM - [50628438] ----D- C:\Program Files (x86)\Melody Assistant
O43 - CFD: 9/29/2011 - 4:31:46 PM - [1881672573] ----D- C:\Program Files (x86)\MetaTrader AAAFx
O43 - CFD: 8/16/2011 - 6:43:36 PM - [116096020] ----D- C:\Program Files (x86)\MetaTrader AAAFx -101010
O43 - CFD: 7/26/2011 - 8:09:12 PM - [71114102] ----D- C:\Program Files (x86)\MetaTrader - Alpari
UK
O43 - CFD: 1/25/2011 - 9:25:02 AM - [393828] ----D- C:\Program Files (x86)\MetaTrader 4
O43 - CFD: 10/21/2010 - 1:23:32 PM - [226432] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 5/6/2011 - 11:43:26 AM - [9362570] ----D- C:\Program Files (x86)\Microsoft Games for
Windows - LIVE
O43 - CFD: 7/7/2011 - 1:39:16 PM - [659582930] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 10/13/2009 - 12:39:54 AM - [7791803] ----D- C:\Program Files (x86)\Microsoft Office
Suite Activation Assistant
O43 - CFD: 10/14/2011 - 7:23:26 AM - [38412395] ----D- C:\Program Files (x86)\Microsoft
Silverlight
O43 - CFD: 10/21/2010 - 1:23:46 PM - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL
Server Compact Edition
O43 - CFD: 11/25/2010 - 10:42:28 AM - [14904] ----D- C:\Program Files (x86)\Microsoft Visual
Studio
O43 - CFD: 6/17/2010 - 11:59:02 AM - [1653489] ----D- C:\Program Files (x86)\Microsoft Visual
Studio 8
O43 - CFD: 12/16/2010 - 4:01:46 AM - [145421942] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 11/25/2010 - 10:42:12 AM - [8175999] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 10/16/2011 - 3:49:52 AM - [33768031] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 11/25/2010 - 10:42:34 AM - [26521] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 11/21/2010 - 5:04:46 AM - [27892223] ----D- C:\Program Files (x86)\MSECache
O43 - CFD: 7/2/2010 - 1:53:44 AM - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 10/19/2010 - 11:15:42 AM - [37736965] ----D- C:\Program Files (x86)\Mumble
O43 - CFD: 8/13/2010 - 10:23:36 PM - [26245238] ----D- C:\Program Files (x86)\N-Stalker
O43 - CFD: 10/31/2010 - 10:40:08 PM - [492289345] ----D- C:\Program Files (x86)\Nero
O43 - CFD: 7/12/2010 - 9:44:34 PM - [79307694] ----D- C:\Program Files (x86)\Net Tools
O43 - CFD: 10/13/2009 - 12:36:46 AM - [236339896] ----D- C:\Program Files (x86)\NewTech
Infosystems
O43 - CFD: 2/6/2011 - 1:36:44 AM - [14762174] ----D- C:\Program Files (x86)\Notepad++
O43 - CFD: 9/21/2011 - 3:37:18 PM - [154545563] ----D- C:\Program Files (x86)\NVIDIA
Corporation
O43 - CFD: 8/16/2010 - 10:33:02 PM - [388118328] ----D- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 10/18/2010 - 10:27:42 PM - [4842354] ----D- C:\Program Files (x86)\OpenVPN
O43 - CFD: 2/18/2011 - 5:54:36 PM - [3632870] ----D- C:\Program Files (x86)\Outsim
O43 - CFD: 8/27/2010 - 2:48:46 AM - [7310126] ----D- C:\Program Files (x86)\Pando Networks
O43 - CFD: 10/26/2010 - 3:44:22 PM - [7177557] ----D- C:\Program Files (x86)\PC Drivers
HeadQuarters
O43 - CFD: 8/5/2010 - 2:44:10 PM - [149402916] ----D- C:\Program Files (x86)\Pinnacle
O43 - CFD: 1/18/2011 - 11:23:14 PM - [76322555] ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 6/2/2011 - 1:56:02 AM - [14436531] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 7/14/2009 - 7:32:40 AM - [39159041] ----D- C:\Program Files (x86)\Reference
Assemblies
O43 - CFD: 3/15/2011 - 6:20:14 PM - [25015340] ----D- C:\Program Files (x86)\Regensoft
O43 - CFD: 6/2/2011 - 1:45:54 AM - [8118730463] ----D- C:\Program Files (x86)\RIFT Beta
O43 - CFD: 5/8/2011 - 5:39:42 PM - [2084732] ----D- C:\Program Files (x86)\SensePost
O43 - CFD: 12/16/2010 - 9:25:46 AM - [2427502] ----D- C:\Program Files (x86)\Shareaza
Applications
O43 - CFD: 1/16/2011 - 1:01:28 PM - [5349413] ----D- C:\Program Files (x86)\Sheldon Solutions
O43 - CFD: 10/10/2011 - 10:21:10 PM - [39700833] ----D- C:\Program Files (x86)\ShiningMorning
O43 - CFD: 6/4/2011 - 12:23:14 AM - [3017147] ----D- C:\Program Files (x86)\SIW
O43 - CFD: 8/5/2011 - 9:58:22 PM - [17361122] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 7/13/2010 - 2:06:14 AM - [2174874] ----D- C:\Program Files (x86)\Speed Gear
O43 - CFD: 6/4/2011 - 12:52:58 PM - [5629765] ----D- C:\Program Files (x86)\SpeedFan
O43 - CFD: 11/6/2010 - 8:15:02 PM - [2888585] ----D- C:\Program Files (x86)\SQL-Splitter
O43 - CFD: 9/28/2011 - 2:30:04 AM - [37927377342] ----D- C:\Program Files (x86)\Steam
O43 - CFD: 7/22/2011 - 11:30:18 PM - [7640925] ----D- C:\Program Files (x86)\Super macro
O43 - CFD: 3/21/2011 - 5:20:06 AM - [1850744] ----D- C:\Program Files
(x86)\SystemRequirementsLab
O43 - CFD: 9/29/2011 - 12:43:50 AM - [67165567] ----D- C:\Program Files (x86)\TeamSpeak 3
Client
O43 - CFD: 1/15/2011 - 7:23:24 PM - [59375743] ----D- C:\Program Files (x86)\TeamViewer
O43 - CFD: 12/23/2009 - 8:39:38 PM - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 8/10/2011 - 3:14:54 AM - [340006] ----D- C:\Program Files (x86)\THV
O43 - CFD: 10/10/2011 - 9:46:38 PM - [658557] ----D- C:\Program Files (x86)\Toolbar Cleaner
O43 - CFD: 3/15/2011 - 3:56:06 AM - [3210631] ----D- C:\Program Files (x86)\TRADEOLOGYFX
O43 - CFD: 2/1/2011 - 1:36:38 AM - [77942] ----D- C:\Program Files (x86)\TweakNow RegCleaner
2011
O43 - CFD: 6/2/2011 - 1:49:18 AM - [12773413738] ----D- C:\Program Files (x86)\Ubisoft
O43 - CFD: 8/7/2010 - 1:31:26 AM - [6120] ----D- C:\Program Files (x86)\UltraVPN
O43 - CFD: 7/14/2009 - 6:57:08 AM - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 5/3/2011 - 10:56:48 AM - [12311098830] ----D- C:\Program Files (x86)\Valve
O43 - CFD: 2/23/2011 - 8:47:26 PM - [96547825] ----D- C:\Program Files (x86)\VaudTax2010
O43 - CFD: 10/16/2011 - 3:29:56 AM - [26121725] ----D- C:\Program Files (x86)\Vidalia Bundle
O43 - CFD: 6/4/2011 - 12:30:38 AM - [5091668] ----D- C:\Program Files (x86)\Video Card Stability
Test
O43 - CFD: 7/11/2010 - 1:42:24 AM - [84295693] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 9/9/2011 - 1:28:16 PM - [5760857] ----D- C:\Program Files (x86)\VPNFacile
O43 - CFD: 3/26/2011 - 10:40:22 PM - [126109166] ----D- C:\Program Files (x86)\VSTax 2010
O43 - CFD: 6/2/2011 - 1:48:44 AM - [0] ----D- C:\Program Files (x86)\VstPlugins
O43 - CFD: 5/26/2011 - 11:38:20 PM - [58032] ----D- C:\Program Files (x86)\Warsow 0.5
O43 - CFD: 10/11/2011 - 10:55:56 AM - [4479294] ----D- C:\Program Files (x86)\Webcam Simulator
O43 - CFD: 1/2/2009 - 1:54:32 AM - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 10/21/2010 - 1:24:24 PM - [95688318] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 8/8/2010 - 8:12:48 PM - [0] ----D- C:\Program Files (x86)\Windows Live Safety Center
O43 - CFD: 10/21/2010 - 1:23:18 PM - [245112] ----D- C:\Program Files (x86)\Windows Live
SkyDrive
O43 - CFD: 3/5/2011 - 11:44:56 PM - [6181376] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 3/5/2011 - 11:44:56 PM - [5024017] ----D- C:\Program Files (x86)\Windows Media
Player
O43 - CFD: 7/14/2009 - 7:32:40 AM - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 3/5/2011 - 11:44:56 PM - [4417800] ----D- C:\Program Files (x86)\Windows Photo
Viewer
O43 - CFD: 3/5/2011 - 11:44:56 PM - [189952] ----D- C:\Program Files (x86)\Windows Portable
Devices
O43 - CFD: 3/5/2011 - 11:44:56 PM - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2/2/2011 - 12:45:48 AM - [237576] ----D- C:\Program Files (x86)\WinPcap
O43 - CFD: 8/5/2010 - 9:37:30 PM - [17243031] ----D- C:\Program Files (x86)\WMV to AVI MPEG
DVD WMV Converter
O43 - CFD: 4/14/2011 - 11:08:34 PM - [26997016] ----D- C:\Program Files (x86)\XericDesign
O43 - CFD: 9/7/2011 - 2:20:52 PM - [19945301] ----D- C:\Program Files (x86)\Xfire
O43 - CFD: 4/22/2011 - 12:41:46 PM - [126412] ----D- C:\Program Files (x86)\Xvid
O43 - CFD: 1/13/2011 - 4:18:42 AM - [45938045] ----D- C:\Program Files (x86)\Yahoo!
O43 - CFD: 8/7/2010 - 2:56:40 PM - [46135666] ----D- C:\Program Files (x86)\Your Freedom
O43 - CFD: 3/24/2011 - 1:36:12 PM - [24420889] ----D- C:\Program Files (x86)\Yuna Software
O43 - CFD: 2/18/2011 - 12:58:52 PM - [2467] --H-D- C:\Program Files (x86)\Zero G Registry
O43 - CFD: 10/16/2011 - 9:15:36 PM - [5442776] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 1/25/2011 - 9:14:20 AM - [0] ----D- C:\Program Files (x86)\ZuluTrade Widget
O43 - CFD: 6/16/2011 - 2:31:54 AM - [2991385] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 1/18/2011 - 11:19:10 PM - [30826314] ----D- C:\Program Files (x86)\Common
Files\Adobe AIR
O43 - CFD: 10/3/2010 - 4:10:20 AM - [54774793] ----D- C:\Program Files (x86)\Common Files\Apple
Files\AVSMedia
O43 - CFD: 2/10/2011 - 3:12:38 AM - [1125376] ----D- C:\Program Files (x86)\Common
Files\BitSpirit
Files\Blizzard Entertainment
Files\DESIGNER
O43 - CFD: 6/30/2010 - 4:32:46 PM - [24006656] ----D- C:\Program Files (x86)\Common Files\DivX
Shared
Files\EgisTec
Files\Hewlett-Packard
O43 - CFD: 2/23/2011 - 9:12:32 PM - [96932] ----D- C:\Program Files (x86)\Common Files\HP
Files\InstallShield
O43 - CFD: 7/2/2011 - 7:21:08 PM - [1258951] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 4/6/2011 - 3:45:52 PM - [517484] ----D- C:\Program Files (x86)\Common Files\LogiShrd
Files\MAGIX Services
Files\microsoft shared
Files\Nero
Files\Oberon Media
O43 - CFD: 6/30/2010 - 4:32:54 PM - [4740928] ----D- C:\Program Files (x86)\Common Files\PX
Storage Engine
O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files (x86)\Common Files\Services
Files\SpeechEngines
O43 - CFD: 3/5/2011 - 2:10:02 AM - [822864] ----D- C:\Program Files (x86)\Common Files\Steam
Files\System
Files\Windows Live
O43 - CFD: 8/5/2010 - 2:44:10 PM - [316847] ----D- C:\Program Files (x86)\Common Files\Yahoo!
~ Scan Program Folder in 03mn AMs
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.43BDE0E4D96D8AD2FDA809D55E8B4698] - 10/11/2011 - 7:47:17 PM ---A- . (...)
-- C:\Windows\MEMORY.DMP [561210797]
O44 - LFC:[MD5.629CFB9AF8E55E84CDB6B54BBFA8EFE7] - 10/11/2011 - 9:55:55 AM ---A- . (...)
-- C:\Windows\PFRO.log [6628]
O44 - LFC:[MD5.AEBAB12A361ECAA93A6F31AFCDEA58CC] - 10/14/2011 - 6:24:12 AM ---A- . (...)
-- C:\Windows\SysNative\FNTCACHE.DAT [483088]
O44 - LFC:[MD5.AEBAB12A361ECAA93A6F31AFCDEA58CC] - 10/14/2011 - 6:24:12 AM RSHAD .
(...) -- C:\Windows\system32\FNTCACHE.DAT [483088]
O44 - LFC:[MD5.F0A19691294A13AA56B4D8F88C083E84] - 10/15/2011 - 4:23:56 PM ---A- . (...) -C:\Windows\system32\PerfStringBackup.INI [1646958]
O44 - LFC:[MD5.3882E0715FE163530668C146BCE7ECCE] - 10/15/2011 - 7:46:06 PM ---A- . (...) -C:\AdwCleaner[R1].txt [1147]
O44 - LFC:[MD5.CA094F26C3C366C2AD6F3DEA652582D6] - 10/15/2011 - 8:02:42 PM ---A- . (...) - C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.B308E3C689DE2C374C510315EBB41431] - 10/16/2011 - 4:15:00 PM -S-A- . (...) - C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.85F982638DDE1EC3987E5487127AE20D] - 10/16/2011 - 4:15:02 PM ---A- . (...) -C:\Windows\setupact.log [4444]
O44 - LFC:[MD5.DCC288DF0D77411B52C91C112C582D5F] - 10/16/2011 - 8:15:11 PM ---A- . (...) - C:\Windows\WindowsUpdate.log [1778587]
O44 - LFC:[MD5.DDCDFFCB31DB6272D7BDAF4BFEE90F47] - 10/16/2011 - 8:15:24 PM RSHAD .
(...) -- C:\Windows\system32\perfc009.dat [120514]
O44 - LFC:[MD5.1502F6130139CE4C05AA57FFF0ECFAB7] - 10/16/2011 - 8:15:24 PM RSHAD .
(...) -- C:\Windows\system32\perfc00C.dat [148252]
O44 - LFC:[MD5.A8A994B3B5913C30A782D899E4A320D1] - 10/16/2011 - 8:15:24 PM RSHAD .
(...) -- C:\Windows\system32\perfh009.dat [652810]
O44 - LFC:[MD5.CA56E7F3695351F1203BE873A3BDE998] - 10/16/2011 - 8:15:24 PM RSHAD .
(...) -- C:\Windows\system32\perfh00C.dat [745728]
O44 - LFC:[MD5.F0A19691294A13AA56B4D8F88C083E84] - 10/16/2011 - 8:15:50 PM ---A- . (...) -C:\Windows\SysNative\PerfStringBackup.INI [1690638]
O44 - LFC:[MD5.DDCDFFCB31DB6272D7BDAF4BFEE90F47] - 10/16/2011 - 8:15:50 PM ---A- . (...)
-- C:\Windows\SysNative\perfc009.dat [121704]
O44 - LFC:[MD5.1502F6130139CE4C05AA57FFF0ECFAB7] - 10/16/2011 - 8:15:50 PM ---A- . (...) -C:\Windows\SysNative\perfc00C.dat [149442]
O44 - LFC:[MD5.A8A994B3B5913C30A782D899E4A320D1] - 10/16/2011 - 8:15:50 PM ---A- . (...) -C:\Windows\SysNative\perfh009.dat [654832]
O44 - LFC:[MD5.CA56E7F3695351F1203BE873A3BDE998] - 10/16/2011 - 8:15:50 PM ---A- . (...) -C:\Windows\SysNative\perfh00C.dat [747802]
O44 - LFC:[MD5.1133A02C91FB85A00ED30EA886C3F3E0] - 4/28/2011 - 9:24:14 PM ---A- . (...) -C:\lol.mp3 [12948744]
O44 - LFC:[MD5.24BC466FACC5512EED3B9A437F762233] - 9/24/2011 - 12:48:28 PM ---A- . (...) -C:\01-raelsan.mp3 [7648314]
~ Scan Files in 11mn AMs
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super
VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume
Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote
d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP
Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI
Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP
Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote
d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn AMs
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{20476f48-c8f4-11df-8a81-90fba62e6b15}\AutoRun\command. (...) -- F:\autorun.exe
(.not file.)
O51 - MPSK:{ad736f35-635b-11e0-9d4c-90fba62e6b15}\AutoRun\command. (...) -- F:\setup.exe
(.not file.)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer
Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) --
C:\Windows\system32\frapsv64.dll
O52 - TDSD: \Drivers32\"VIDC.XFR1"="xfcodec64.dll" . (.Pas de propriétaire - Xfire Video Codec.)
-- C:\Windows\system32\xfcodec64.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3
Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) - C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -C:\Windows\system32\frapsv64.dll
O52 - TDSD: \drivers.desc\"xfcodec64.dll"="Xfire video codec [XFR1]" . (.Pas de propriétaire Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe
Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems
Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader
10.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\ArcadeDeluxeAgent [Key] . (...) -- C:\Program Files (x86)\Acer
Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\avgnt [Key] . (.Avira GmbH - Antivirus System Tray Tool.) -C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O53 - SMSR:HKLM\...\startupreg\BackupManagerTray [Key] . (.NewTech Infosystems, Inc. - Acer
Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup
Manager\BackupManagerTray.exe
O53 - SMSR:HKLM\...\startupreg\BrMfcWnd [Key] . (.Brother Industries, Ltd. - Brother Status
Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O53 - SMSR:HKLM\...\startupreg\CachemanTray [Key] . (.Outertech - Cacheman Tray Icons.) -C:\Program Files (x86)\Cacheman\CachemanTray.exe
O53 - SMSR:HKLM\...\startupreg\ControlCenter3 [Key] . (.Brother Industries, Ltd. - ControlCenter
Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
O53 - SMSR:HKLM\...\startupreg\D-Link D-Link DWA-125 [Key] . (.D-Link Corp. - D-Link WLAN
Application.) -- C:\Program Files (x86)\D-Link\DWA-125 revA\AirGCFG.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.)
-- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O53 - SMSR:HKLM\...\startupreg\DivX Download Manager [Key] . (.DivX, LLC - DivX Download
Manager Service.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe
O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\EgisTecLiveUpdate [Key] . (.Egis Technology Inc. - EgisUpdate
Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
O53 - SMSR:HKLM\...\startupreg\Global Registration [Key] . (.Acer Incorporated - Global
Registration.) -- C:\Program Files (x86)\Acer\Registration\GREG.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation
de Google.) -- C:\Users\ANONYMOUS\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\googletalk [Key] . (.Google - Google Talk.) -- C:\Program Files
(x86)\Google\Google Talk\googletalk.exe
O53 - SMSR:HKLM\...\startupreg\Hotkey Utility [Key] . (.Pas de propriétaire - Hotkey Utility.) -C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User
Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O53 - SMSR:HKLM\...\startupreg\Invisible Secrets 4 [Key] . (...) -C:\PROGRA~2\INVISI~1\invtray.exe
O53 - SMSR:HKLM\...\startupreg\JMB36X IDE Setup [Key] . (...) -C:\Windows\RaidTool\xInsIDE.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware [Key] . (.Malwarebytes Corporation
- Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' AntiMalware\mbamgui.exe
O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Yahoo! Inc. - Yahoo! Messenger.) -C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live
Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\mwlDaemon [Key] . (.Egis Technology Inc. - MyWinLocker.) -C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O53 - SMSR:HKLM\...\startupreg\NortonOnlineBackupReminder [Key] . (...) -- C:\Program Files
(x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PlayMovie [Key] . (...) -- C:\Program Files (x86)\Acer Arcade
Deluxe\PlayMovie\PMVService.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PLD_FrameworkRun [Key] . (...) -c:\windows\system32\oem\setEvent.exe
O53 - SMSR:HKLM\...\startupreg\PlusService [Key] . (.Yuna Software - Messenger Plus! 5.) -C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -C:\Program Files (x86)\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - HD Audio Control
Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program
Files (x86)\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\Skytel [Key] . (.Realtek Semiconductor Corp. - Realtek Voice
Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (...) -- C:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\CLIStart.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- c:\program files
(x86)\steam\steam.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM)
Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\VoipCheapCom [Key] . (...) -- C:\Program Files
(x86)\VoipCheapCom.com\VoipCheapCom\VoipCheapCom.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\WZCSLDR2 [Key] . (.Wireless Service - ANIWZCS2 launcher for
Windows..) -- C:\Program Files (x86)\D-Link\DWA-125 revA\WZCSLDR2.exe
~ Scan SMSR Keys in 00mn AMs
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation
- Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutorun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoThumbnailCache"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "DisableThumbnailsOnNetworkFolders"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKLM\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveSearch"=1
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 6/10/2009 - 2:52:21 AM ---A- .
(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 7/13/2009 - 2:52:21 AM RSHAD .
(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 7/13/2009 - 2:52:21 AM RSHAD .
(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 7/14/2009 - 2:52:21 AM RSHAD .
(.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 4/27/2011 - 7:41:12 AM RSHAD .
(.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys
[107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 6/10/2009 - 2:52:20 AM RSHAD .
(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 4/27/2011 - 7:41:12 AM RSHAD .
(.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys
[27008]
O58 - SDL:[MD5.4CCF421E6C4B2A4CBCE000715911F7CC] - 11/5/2010 - 6:10:10 PM RSHAD .
(.Pas de propriétaire - NDIS 6.0 Filter Driver.) -- C:\Windows\system32\drivers\anodlwfx.sys
[15872]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 7/13/2009 - 2:52:21 AM RSHAD .
(.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 7/13/2009 - 2:52:21 AM RSHAD .
(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
[97856]
O58 - SDL:[MD5.FB7602C5C508BE281368AAE0B61B51C6] - 12/7/2009 - 2:34:30 AM RSHAD .
(.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -C:\Windows\system32\drivers\AtiHdmi.sys [121872]
O58 - SDL:[MD5.B5FB227A09A9EC28163FA4B45487C3C7] - 12/7/2009 - 7:21:18 AM RSHAD .
(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -C:\Windows\system32\drivers\atikmdag.sys [6171136]
O58 - SDL:[MD5.C30B5FC0ADCDFBA7668E99BAF0CBF58E] - 6/17/2010 - 2:03:07 PM RSHAD .
(.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [74880]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 6/10/2009 - 9:34:23 PM RSHAD .
(.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -C:\Windows\system32\drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 7/14/2009 - 9:41:06 PM RSHAD .
(.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 7/14/2009 - 9:41:06 PM RSHAD .
(.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 7/14/2009 - 2:19:07 AM RSHAD .
(.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -C:\Windows\system32\drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 7/14/2009 - 9:41:10 PM RSHAD .
(.Brother Industries Ltd. - Brother Serial driver (WDM version).) -C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 7/14/2009 - 9:41:10 PM RSHAD .
(.Brother Industries Ltd. - Brother USB MDM Driver.) -C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 7/14/2009 - 9:41:10 PM RSHAD .
(.Brother Industries Ltd. - Brother USB Serial Driver.) -C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 6/10/2009 - 9:34:28 PM RSHAD .
(.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -C:\Windows\system32\drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 7/14/2009 - 2:52:31 AM RSHAD .
(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
[17488]
O58 - SDL:[MD5.EED1FBDE98CF5F6D5C0C5B27AB1F68EC] - 11/5/2010 - 12:36:48 PM RSHAD .
(.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -C:\Windows\system32\drivers\Dnetr28ux.sys [1061888]
O58 - SDL:[MD5.FB9BEF3401EE5ECC2603311B9C64F44A] - 4/10/2011 - 11:19:33 AM RSHAD .
(.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -C:\Windows\system32\drivers\dtsoftbus01.sys [254528]
O58 - SDL:[MD5.60C5B36E07BE8B3AF3911C3D10303CFE] - 7/28/2010 - 11:37:42 PM RSHAD .
(.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -C:\Windows\system32\drivers\e1k62x64.sys [301232]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 6/10/2009 - 2:47:48 AM RSHAD .
(.Emulex - Storport Miniport Driver for LightPulse HBAs.) -C:\Windows\system32\drivers\elxstor.sys [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 6/10/2009 - 9:34:33 PM RSHAD .
(.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -C:\Windows\system32\drivers\evbda.sys [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 7/14/2009 - 9:31:59 PM RSHAD .
(.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -C:\Windows\system32\drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 3/5/2011 - 2:33:35 PM RSHAD .
(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -C:\Windows\system32\drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.CE8EB53B5111042525620CA91A968447] - 7/28/2010 - 3:49:06 AM RSHAD .
(.Intel Corporation - NDIS 6.1 Advanced Networking Services..) -C:\Windows\system32\drivers\iANSW60e.sys [154088]
O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 10/13/2009 - 2:54:36 AM RSHAD .
(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -C:\Windows\system32\drivers\iaStor.sys [408600]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 4/27/2011 - 7:41:26 AM RSHAD .
(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -C:\Windows\system32\drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 7/13/2009 - 2:48:04 AM RSHAD .
(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -C:\Windows\system32\drivers\iirsp.sys [44112]
O58 - SDL:[MD5.81B0C6C43AB4909395E66E9805ED20F2] - 7/28/2010 - 11:47:26 PM RSHAD .
(.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -C:\Windows\system32\drivers\iqvw64e.sys [34472]
O58 - SDL:[MD5.1C368C1A2733DCC5B8E15420AA2B0F6D] - 6/30/2010 - 3:58:38 PM RSHAD .
(.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -C:\Windows\system32\drivers\jraid.sys [115312]
O58 - SDL:[MD5.00BA093A3F316D43A4C3E098A96AE912] - 4/6/2011 - 6:28:58 PM RSHAD .
(.Logitech, Inc. - Logitech Equad USB Driver..) -- C:\Windows\system32\drivers\LEqdUsb.sys
[74320]
O58 - SDL:[MD5.24E09882BA51B9830AE029888A3AAF18] - 4/6/2011 - 6:29:10 PM RSHAD .
(.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys
[63568]
O58 - SDL:[MD5.2F94325D8C10E2B715F3D753C2422AAC] - 4/6/2011 - 6:29:32 PM RSHAD .
(.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys
[57936]
O58 - SDL:[MD5.64AEB5790901EA8854884981F104CAA6] - 4/6/2011 - 2:46:10 PM RSHAD .
(.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -C:\Windows\system32\drivers\LNonPnP.sys [18960]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 7/13/2009 - 2:48:04 AM RSHAD .
(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -C:\Windows\system32\drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 7/13/2009 - 2:48:04 AM RSHAD .
(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -C:\Windows\system32\drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 7/13/2009 - 2:48:04 AM RSHAD .
(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys
[65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 7/13/2009 - 2:48:04 AM RSHAD .
(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -C:\Windows\system32\drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 7/12/2010 - 4:00:50 PM RSHAD .
(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 6/10/2009 - 2:48:04 AM RSHAD .
(.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -C:\Windows\system32\drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 7/13/2009 - 2:48:04 AM RSHAD .
(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -C:\Windows\system32\drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.6FFECC25B39DC7652A0CEC0ADA9DB589] - 10/13/2009 - 12:15:30 PM RSHAD .
(.Egis Technology Inc. - PSD Filter Driver.) -- C:\Windows\system32\drivers\mwlPSDFilter.sys
[22576]
O58 - SDL:[MD5.0BEFE32CA56D6EE89D58175725596A85] - 10/13/2009 - 12:15:30 PM RSHAD .
(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) -C:\Windows\system32\drivers\mwlPSDNserv.sys [20016]
O58 - SDL:[MD5.D43BC633B8660463E446E28E14A51262] - 10/13/2009 - 12:15:30 PM RSHAD .
(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) -C:\Windows\system32\drivers\mwlPSDVDisk.sys [60464]
O58 - SDL:[MD5.D66596DB0A0739A89C25B590CE36D628] - 10/13/2009 - 11:56:08 PM RSHAD .
(.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -C:\Windows\system32\drivers\netr28x.sys [712704]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 7/13/2009 - 2:48:26 AM RSHAD .
(.IBM Corporation - IBM ServeRAID Controller Driver.) -C:\Windows\system32\drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.351533ACC2A069B94E80BBFC177E8FDF] - 2/2/2011 - 6:07:26 PM RSHAD .
(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -C:\Windows\system32\drivers\npf.sys [35344]
O58 - SDL:[MD5.64DDD0DEE976302F4BD93E5EFCC2F013] - 10/13/2009 - 12:46:08 AM RSHAD .
(.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -C:\Windows\system32\drivers\NTIDrvr.sys [18432]
O58 - SDL:[MD5.960E39A54E525DF58CB29193147DFFA1] - 6/2/2011 - 10:41:27 AM RSHAD .
(.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -C:\Windows\system32\drivers\nvhda64v.sys [174184]
O58 - SDL:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 8/9/2011 - 12:50:00 PM RSHAD .
(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 280.26.) -C:\Windows\system32\drivers\nvlddmkm.sys [12909672]
O58 - SDL:[MD5.8C1D181480796D7D3366A9381FD7782D] - 3/21/2011 - 2:59:30 PM RSHAD .
(.NVIDIA Corp. - NVIDIA System Utility Driver.) -- C:\Windows\system32\drivers\nvoclk64.sys
[42088]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 4/27/2011 - 7:41:34 AM RSHAD .
(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -C:\Windows\system32\drivers\nvraid.sys [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 4/27/2011 - 7:41:34 AM RSHAD .
(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -C:\Windows\system32\drivers\nvstor.sys [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 6/10/2009 - 2:45:46 AM RSHAD .
(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -C:\Windows\system32\drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 7/13/2009 - 2:45:45 AM RSHAD .
(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -C:\Windows\system32\drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.135856AC71116CCFF05ED8481745241B] - 12/23/2009 - 11:12:56 AM RSHAD .
(.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -C:\Windows\system32\drivers\RTKVHD64.sys [1778592]
O58 - SDL:[MD5.BE29B0A3AC1E8BD02FFAB8CEE86BADFA] - 6/2/2011 - 3:11:42 PM RSHAD .
(.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -C:\Windows\system32\drivers\RtsUStor.sys [250984]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 7/14/2009 - 9:37:19 PM RSHAD .
(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 6/10/2009 - 2:45:45 AM RSHAD .
(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -C:\Windows\system32\drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 7/13/2009 - 2:45:46 AM RSHAD .
(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -C:\Windows\system32\drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/26/2010 - 12:00:00 AM RSHAD .
(...) -- C:\Windows\system32\drivers\sptd.sys [834544]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 7/13/2009 - 2:45:55 AM RSHAD .
(.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -C:\Windows\system32\drivers\stexstor.sys [24656]
O58 - SDL:[MD5.F0B9D3ED88E56D3CD713DFF21E42AAF0] - 9/9/2011 - 10:21:06 AM RSHAD .
(.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -C:\Windows\system32\drivers\tap0901.sys [31232]
O58 - SDL:[MD5.EA43DE1743C1BA0D2D17B8DB90C91D88] - 10/22/2010 - 3:51:47 PM RSHAD .
(.TrueCrypt Foundation - TrueCrypt Driver.) -- C:\Windows\system32\drivers\truecrypt.sys
[230352]
O58 - SDL:[MD5.2E22C1FD397A5A9FFEF55E9D1FC96C00] - 10/13/2009 - 12:46:08 AM RSHAD .
(.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -C:\Windows\system32\drivers\UBHelper.sys [16896]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 7/14/2009 - 2:45:55 AM RSHAD .
(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -C:\Windows\system32\drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 6/10/2009 - 2:45:55 AM RSHAD .
(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -C:\Windows\system32\drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.5B01AF89D16D562825C4DB4530F20CBB] - 9/5/2010 - 7:53:02 AM ---A- .
(.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\SysWOW64\drivers\ASPI32.SYS [16877]
O58 - SDL:[MD5.20ED5DBEE3FB56FA7A272BE2A0970E58] - 6/17/2010 - 11:49:30 AM ---A- .
(.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\SysWOW64\drivers\ssmdrv.sys [28376]
O58 - SDL:[MD5.7455ED832A33FEF453407F5411C3342D] - 6/4/2011 - 12:03:58 PM ---A- .
(.Almico Software - Speed Fan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys [25280]
~ Scan Drivers in 32mn AMs
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn AMs
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 3/6/2009 - C:\Windows\system32\DRIVERS\anodlwfx.sys - No object(No
service) .(.Pas de propriétaire - NDIS 6.0 Filter Driver.) - LEGACY_ANODLWF
O64 - Services: CurCS - 1/8/2009 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No
service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 12/18/2009 - C:\Program Files
(x86)\systemRequirementsLab\cpudrv64.sys - No object (No service) .(...) - LEGACY_CPUDRV64
O64 - Services: CurCS - 12/30/1899 C:\Users\ANONYM~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys (.not file.) - No object (No
service) .(...) - LEGACY_CPUZ132
O64 - Services: CurCS - 8/31/2011 - C:\Windows\system32\drivers\mbam.sys - No object(No
service) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 6/2/2009 - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys - No
object(No service) .(.Egis Technology Inc. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER
O64 - Services: CurCS - 6/2/2009 - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys - No
object(No service) .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) LEGACY_MWLPSDNSERV
O64 - Services: CurCS - 6/2/2009 - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys - No
object(No service) .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) LEGACY_MWLPSDVDISK
O64 - Services: CurCS - 6/25/2010 - C:\Windows\system32\drivers\npf.sys - No object(No service)
.(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 12/18/2010 - C:\Windows\Syswow64\speedfan.sys - No object(No service)
.(.Almico Software - Speed Fan x64 Driver.) - LEGACY_SPEEDFAN
O64 - Services: CurCS - 12/30/1899 - C:\Windows\system32\Drivers\sptd.sys - No object (No
service) .(...) - LEGACY_SPTD
O64 - Services: CurCS - 10/22/2010 - C:\Windows\system32\drivers\truecrypt.sys - No object(No
service) .(.TrueCrypt Foundation - TrueCrypt Driver.) - LEGACY_TRUECRYPT
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google
Chrome.) -- C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google
Chrome.) -- C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command]
(.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command]
(.Google Inc. - Google Chrome.) -C:\Users\ANONYMOUS\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command]
(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet
Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON
Search) - http://www.daemon-search.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.8A3F278E8F15843E8C738EDA0746824B] [SPRF][10/15/2011] (...) -C:\Users\ANONYMOUS\Desktop\adwcleaner0.exe [498502]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][2/22/2007] (.Microsoft Corporation Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program
Files\MessengerStatsPAClient.dll [304544]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][2/28/2007] (.Microsoft Corporation Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll
[131472]
~ Scan Files in 00mn AMs
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{46084C5B-CD98-4D84-8B9F-9F4A7FA405F8}" | In - Private - P6 - TRUE | .(.Yahoo!
Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O87 - FAEL: "{D9A26E9C-4A09-44F3-BD62-0D2E18514A36}" | In - Private - P17 - TRUE |
.(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files
(x86)\Yahoo!\Messenger\YahooMessenger.exe
O87 - FAEL: "TCP Query User{26AA9DF5-3E7D-4920-AE53-CDE28617006E}C:\program files
(x86)\yahoo!\messenger\yahoomessenger.exe" | In - Public - P6 - TRUE | .(.Yahoo! Inc..) -C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
O87 - FAEL: "UDP Query User{9D6E00AB-BBDE-4CE1-AE3A-EFD9F8548688}C:\program files
(x86)\yahoo!\messenger\yahoomessenger.exe" | In - Public - P17 - TRUE | .(.Yahoo! Inc..) -C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe
O87 - FAEL: "{12E8BCFF-3198-4F64-82B0-ECA04FD09BCA}" | In - Private - P6 - TRUE | .(.Valve
Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe
O87 - FAEL: "{1A4DF61B-415C-43D7-BD04-FB13B56B0F71}" | In - Private - P17 - TRUE | .(.Valve
Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe
O87 - FAEL: "{97ECCE57-1582-4B8E-B66D-C34836355168}" | In - Private - P6 - TRUE |
.(.Pinnacle Systems - Render Manager.) -- C:\Program Files
(x86)\Pinnacle\VideoSpin\Programs\RM.exe
O87 - FAEL: "{4D6D1882-CEE0-4994-B9E4-B1FC4FF89CC0}" | In - Private - P17 - TRUE |
.(.Pinnacle Systems - Render Manager.) -- C:\Program Files
(x86)\Pinnacle\VideoSpin\Programs\RM.exe
O87 - FAEL: "{FA9A9727-7D55-4539-BFE7-0D025D8A6C1B}" | In - Private - P6 - TRUE |
.(.Pinnacle Systems - umi.) -- C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
O87 - FAEL: "{5960A6C8-C6C4-4DB0-A766-D330421F58EC}" | In - Private - P17 - TRUE |
.(.Pinnacle Systems - umi.) -- C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
O87 - FAEL: "{F5110744-4D66-4D82-A177-1595FB6C3C6D}" | In - Private - P6 - TRUE |
.(.Pinnacle Systems - Pinnacle VideoSpin program file.) -- C:\Program Files
(x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
O87 - FAEL: "{EB737F10-E30D-4094-AA48-FF3AD163000D}" | In - Private - P17 - TRUE |
.(.Pinnacle Systems - Pinnacle VideoSpin program file.) -- C:\Program Files
(x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
O87 - FAEL: "TCP Query User{D6EA07CA-002B-4D32-AAC5-D062BF762E55}C:\program files
(x86)\your freedom\freedom.exe" | In - Private - P6 - TRUE | .(.resolution Reichert Network
Solutions GmbH.) -- C:\program files (x86)\your freedom\freedom.exe
O87 - FAEL: "UDP Query User{E4F09C91-5277-48FC-8057-28A019A95206}C:\program files
(x86)\your freedom\freedom.exe" | In - Private - P17 - TRUE | .(.resolution Reichert Network
Solutions GmbH.) -- C:\program files (x86)\your freedom\freedom.exe
O87 - FAEL: "TCP Query User{08A3A84FECDA-45B2-9BBF-70F8EE4E9CF0}C:\users\anonymous\desktop\rev-emu_9_8_3nologging\hl2.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\anonymous\desktop\rev-emu_9_8_3nologging\hl2.exe
O87 - FAEL: "UDP Query User{B020856E-693C-46B5B223-0F63A8363485}C:\users\anonymous\desktop\rev-emu_9_8_3-nologging\hl2.exe" | In - Private
- P17 - TRUE | .(...) -- C:\users\anonymous\desktop\rev-emu_9_8_3-nologging\hl2.exe
O87 - FAEL: "{2577EABF-8779-4235-BDDC-F1035B9A4278}" | In - Public - P17 - TRUE | .(...) -C:\users\anonymous\desktop\rev-emu_9_8_3-nologging\hl2.exe
O87 - FAEL: "{A843CF9A-0E76-4520-AA19-CC434FDB15E0}" | In - Public - P6 - TRUE | .(...) -C:\users\anonymous\desktop\rev-emu_9_8_3-nologging\hl2.exe
O87 - FAEL: "{5381954D-E118-4569-AFA8-BC1187C93926}" | In - Domain - P6 - TRUE | .(.Pas de
propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media
Booster\PMB.exe
O87 - FAEL: "{60CA3ACB-374F-40FF-9D85-9C98CBB64F29}" | In - Domain - P17 - TRUE | .(.Pas
de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media
Booster\PMB.exe
O87 - FAEL: "{CC000F9B-4241-4229-9C2C-6554C98E40AA}" | In - Private - P6 - TRUE | .(.Pas de
Booster\PMB.exe
O87 - FAEL: "{C7670BCA-1F6E-4F96-A960-970E5663FEB8}" | In - Private - P17 - TRUE | .(.Pas de
Booster\PMB.exe
O87 - FAEL: "{038A226E-70EC-421D-BF6C-2CB27B90280B}" | In - None - P17 - TRUE | .(.Pas de
Booster\PMB.exe
O87 - FAEL: "{61765015-923E-4999-9281-BEABD680CA02}" | In - Private - P6 - TRUE | .(.Ubisoft
Entertainment - James Cameron's Avatar: The Game.) -- C:\Program Files (x86)\Ubisoft\James
Cameron's AVATAR - THE GAME\bin\Avatar.exe
O87 - FAEL: "{085E54DC-E684-4F63-8A11-44EC236F4D8D}" | In - Private - P17 - TRUE |
.(.Ubisoft Entertainment - James Cameron's Avatar: The Game.) -- C:\Program Files
(x86)\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
O87 - FAEL: "{F8499D17-2D64-417B-A549-EC7A886A2B81}" | In - Private - P6 - TRUE | .(.Ubisoft
- Autopatch system.) -- C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE
GAME\bin\AvatarLauncher.exe
O87 - FAEL: "{EF765F92-E644-40FE-8173-6DAC09BD0A5D}" | In - Private - P17 - TRUE |
.(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - THE
GAME\bin\AvatarLauncher.exe
O87 - FAEL: "TCP Query User{2B6A3413-8120-4B95-909B-19EE572081DC}C:\program files
(x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files
(x86)\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{850DBFC2-B949-4A30-97F6-3D7B3979F964}C:\program files
(x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files
O87 - FAEL: "{84F6E6B1-A536-409B-9972-8ACCF1BBDE6F}" | In - Public - P6 - TRUE | .(.Lime
Wire, LLC - LimeWire.) -- C:\Program Files (x86)\LimeWire\LimeWire.exe
O87 - FAEL: "{B9426EC9-5EDF-435E-99DC-0A74B042CD98}" | In - Public - P17 - TRUE | .(.Lime
Wire, LLC - LimeWire.) -- C:\Program Files (x86)\LimeWire\LimeWire.exe
O87 - FAEL: "TCP Query User{17BA47F3-C16E-4776-963D-EA382B96597C}C:\program files
(x86)\limewire\limewire.exe" | In - Private - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -C:\program files (x86)\limewire\limewire.exe
O87 - FAEL: "UDP Query User{F4867381-DCB7-4234-A1C7-A61F5E952C57}C:\program files
(x86)\limewire\limewire.exe" | In - Private - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -C:\program files (x86)\limewire\limewire.exe
O87 - FAEL: "{6F1D3A52-548F-4CEA-9E07-DECA347683EA}" | In - Private - P6 - TRUE | .(.Adobe
Systems Inc. - Adobe AIR Debug Launcher.) -- C:\Games\League of Legends\air\LolClient.exe
O87 - FAEL: "{636F65FB-529E-4B2A-A578-1DBEB6956770}" | In - Private - P17 - TRUE | .(.Adobe
Systems Inc. - Adobe AIR Debug Launcher.) -- C:\Games\League of Legends\air\LolClient.exe
O87 - FAEL: "{2BF0C792-A702-46AA-ACE0-04D803F23866}" | In - Private - P6 - TRUE | .(.Pas de
propriétaire - League of Legends (TM) Client.) -- C:\Games\League of Legends\game\League of
Legends.exe
O87 - FAEL: "{680116C4-317A-44BB-AE9C-D670E4A08E0E}" | In - Private - P17 - TRUE | .(.Pas
de propriétaire - League of Legends (TM) Client.) -- C:\Games\League of Legends\game\League of
Legends.exe
O87 - FAEL: "{70D74299-3F43-4CE5-B8C8-20B8FEFEA848}" | In - Private - P6 - TRUE | .(.Google
- Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O87 - FAEL: "{6B73D128-3145-48AA-95F8-E2720BBB41C0}" | In - Private - P17 - TRUE |
.(.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O87 - FAEL: "TCP Query User{5CB70304-B079-4566-84A8-AE7592866D6F}C:\program files
(x86)\java\jre6\bin\java.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM)
Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\java.exe
O87 - FAEL: "UDP Query User{E9180C3E-00F4-4038-8848-72BD229373BD}C:\program files
(x86)\java\jre6\bin\java.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM)
Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\java.exe
O87 - FAEL: "TCP Query User{327C2775-3E98-4325-B013-E90A402D3483}C:\program files
(x86)\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM)
Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\javaw.exe
O87 - FAEL: "UDP Query User{BD44EDE8-DB70-4851-B36D-FC7D58737CFE}C:\program files
(x86)\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program
files (x86)\java\jre6\bin\javaw.exe
O87 - FAEL: "TCP Query User{8202C1E4-83B9-451FB990-41F05613C287}C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe" |
In - Private - P6 - TRUE | .(.Google Inc..) -C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe
O87 - FAEL: "UDP Query User{56A3AE6C-47CD-4892BD46-84AA458D298E}C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe"
| In - Private - P17 - TRUE | .(.Google Inc..) -C:\users\anonymous\appdata\local\google\chrome\application\chrome.ex
O87 - FAEL: "{3601BFBA-7CBF-47E8-9D34-6E797B760F91}" | In - Private - P6 - TRUE | .(...) -C:\Users\ANONYMOUS\Desktop\WoW-Private\World of Warcraft\Launcher.exe
O87 - FAEL: "{0F8C08A2-D372-4338-AF13-4F717064979C}" | In - Private - P17 - TRUE | .(...) -C:\Users\ANONYMOUS\Desktop\WoW-Private\World of Warcraft\Launcher.exe
O87 - FAEL: "{AEB256EB-F380-4EF7-A629-6512EFCA165B}" | In - Private - P6 - TRUE |
.(.Blizzard Entertainment - Blizzard Downloader.) -- C:\Users\ANONYMOUS\Desktop\WoWPrivate\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
O87 - FAEL: "{A0C29F4B-FD57-4D4F-9D47-F40BB1A48DD5}" | In - Private - P17 - TRUE |
.(.Blizzard Entertainment - Blizzard Downloader.) -- C:\Users\ANONYMOUS\Desktop\WoWPrivate\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
O87 - FAEL: "{8BF34398-3B5F-43C2-8E14-5C0DF0507087}" | In - Private - P6 - TRUE |
.(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files
(x86)\TeamViewer\Version6\TeamViewer.exe
O87 - FAEL: "{3A3B9158-90B8-443E-94CA-AC5492FA9C3E}" | In - Private - P17 - TRUE |
(x86)\TeamViewer\Version6\TeamViewer.exe
O87 - FAEL: "{31369C6F-FE9F-4E5C-9AF6-A0D93EA4694F}" | In - Private - P6 - TRUE |
(x86)\TeamViewer\Version6\TeamViewer_Service.exe
O87 - FAEL: "{EDC209CD-4CB5-4650-B480-4D76556A1685}" | In - Private - P17 - TRUE |
O87 - FAEL: "{4011DD8C-40CB-4A3E-8AD0-638A07AE3263}" | In - Private - P6 - TRUE |
.(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Program Files\World of
Warcraft_OFFICIAL\Launcher.exe
O87 - FAEL: "{88198928-57C1-430E-B1E5-906C4669630E}" | In - Private - P17 - TRUE |
O87 - FAEL: "{8F2E4F88-5B29-4975-9161-62042CA7DA41}" | In - Private - P6 - TRUE |
.(.LANSPIRIT.NET - The powerful and easy-to-use BitTorrent Client.) -- C:\Program Files
(x86)\BitSpirit\BitSpirit.exe
O87 - FAEL: "{CCCAA4F2-79E6-4D15-9050-D4FC64402ED6}" | In - Private - P17 - TRUE |
.(.LANSPIRIT.NET - The powerful and easy-to-use BitTorrent Client.) -- C:\Program Files
(x86)\BitSpirit\BitSpirit.exe
O87 - FAEL: "TCP Query User{C5F4B046-C12F-4F35-B69B-316BB88F8A4E}C:\program files
(x86)\xfire\xfire.exe" | In - Private - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files
(x86)\xfire\xfire.exe
O87 - FAEL: "UDP Query User{15737CCB-B6FF-421A-903E-8AB83DF7B2C1}C:\program files
(x86)\xfire\xfire.exe" | In - Private - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files
O87 - FAEL: "{381165C8-8349-4109-BA3B-DC52B055AB72}" | In - Private - P6 - TRUE | .(.EA
Digital Illusions CE AB - Mirror's Edge™.) -- C:\Program Files
(x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe
O87 - FAEL: "{BE3B2E5B-B7AB-44DD-9757-FE3EA33AB494}" | In - Private - P17 - TRUE | .(.EA
O87 - FAEL: "{FEEBD638-E954-4C08-B122-D382F6B93C36}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA
Help\Electronic_Arts_Technical_Support.htm
O87 - FAEL: "{0D8141B7-E357-498A-A3D8-0DA2156C3020}" | In - Private - P17 - TRUE | .(...) --
C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA
O87 - FAEL: "{054D9E46-9106-41CD-932A-23D6AC5DAE3E}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{3834B36D-567D-4B9C-91DC-94C03BEA0615}" | In - Private - P17 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{FAB0404E-887F-43B0-9B24-FFE103732731}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
O87 - FAEL: "{BDD59CCA-00E3-47A0-99EE-C955F0CC13D0}" | In - Private - P17 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
O87 - FAEL: "{B7CE01E8-D2B9-47FD-ADDC-BC9274326310}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
O87 - FAEL: "{1B29AC5E-6FC9-440D-8E7F-E6F2095AEECE}" | In - Private - P17 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
O87 - FAEL: "{F8408F9E-7E92-40A7-949F-8B617A0238B6}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
O87 - FAEL: "{8194D5C0-03B2-40E1-9335-070A380E2214}" | In - Private - P17 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
O87 - FAEL: "{15FA6913-5D11-4C2C-8AEB-28676A437237}" | In - Private - P6 - TRUE | .(.Ubisoft
Entertainment - UPlayBrowser Application.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed
Brotherhood\UPlayBrowser.exe
O87 - FAEL: "{0724E1D1-31A6-431B-B9B4-8B3063EEAE3E}" | In - Private - P17 - TRUE |
.(.Ubisoft Entertainment - UPlayBrowser Application.) -- C:\Program Files (x86)\Ubisoft\Assassin's
Creed Brotherhood\UPlayBrowser.exe
O87 - FAEL: "TCP Query User{2F82D1D4-8C2A-4F2F-BCEA-A44771FEB777}C:\program files
(x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" | In - Public - P6 - TRUE | .(...) -- C:\program
files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe
O87 - FAEL: "UDP Query User{F311FEB5-3881-4624-97BE-0B65BF797C3C}C:\program files
(x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" | In - Public - P17 - TRUE | .(...) -C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe
O87 - FAEL: "TCP Query User{E5CF1DD0-002F-41FC-B322-59DD1E86D587}C:\program files
(x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files
O87 - FAEL: "UDP Query User{A3338DCF-8EE1-4058-B4B3-EBAC7D2C5BF9}C:\program files
(x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files
O87 - FAEL: "TCP Query User{8FBA596B-D81D-4B02-A3AF-D9272F3BA9AD}C:\program files
(x86)\google\google earth\plugin\geplugin.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.)
-- C:\program files (x86)\google\google earth\plugin\geplugin.exe
O87 - FAEL: "UDP Query User{E71C8D4C-04A4-4B88-9A97-5B96B1F99589}C:\program files
(x86)\google\google earth\plugin\geplugin.exe" | In - Public - P17 - TRUE | .(.Google.) -- C:\program
files (x86)\google\google earth\plugin\geplugin.exe
O87 - FAEL: "{7F12D06C-3F34-4DD1-B106-EAFD86D8D7EA}" | In - Public - P6 - TRUE | .(.Valve Half-Life Launcher.) -- C:\Program Files (x86)\Steam\steamapps\deglingoss57\condition
zero\hl.exe
O87 - FAEL: "{681D4967-5C72-4AFE-B3CD-68C912558103}" | In - Public - P17 - TRUE | .(.Valve Half-Life Launcher.) -- C:\Program Files (x86)\Steam\steamapps\deglingoss57\condition
zero\hl.exe
O87 - FAEL: "{0E7D04D6-EF7B-4F48-9E2D-C6032BACBE9A}" | In - Public - P6 - TRUE |
.(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-
config.com\x64\maconfservice.exe
O87 - FAEL: "{3C364538-80F8-4CD4-B7E5-A81BC466E41B}" | In - Public - P17 - TRUE |
.(.CybelSoft - Service de détection matériel.) -- C:\Program Files\maconfig.com\x64\maconfservice.exe
O87 - FAEL: "TCP Query User{CF89D32A-5B86-4B1C-82E9C78F820801F7}C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe" | In Public - P6 - TRUE | .(.Google Inc..) -C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe
O87 - FAEL: "UDP Query User{E12CDBF9-7514-453C-B7FEEC19A3F2A7B3}C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe" | In Public - P17 - TRUE | .(.Google Inc..) -C:\users\anonymous\appdata\local\google\chrome\application\chrome.exe
O87 - FAEL: "TCP Query User{9B34C55C-6785-4270-8374-EAF8FE3EB0BA}C:\program files
(x86)\valve\portal 2\portal2.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files
(x86)\valve\portal 2\portal2.exe
O87 - FAEL: "UDP Query User{7BBDAE48-212E-4C39-8BEE-B8A82FBDF9E9}C:\program files
(x86)\valve\portal 2\portal2.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files
O87 - FAEL: "{67F89404-292C-4EC6-AABD-68D6A1C9D1F8}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\League of Legends\lol.launcher.exe
O87 - FAEL: "{630B5442-91A4-4747-B578-66742B158472}" | In - Private - P17 - TRUE | .(...) -C:\Program Files (x86)\League of Legends\lol.launcher.exe
O87 - FAEL: "{4789815A-EF19-469E-A123-EEE8A09F4ED0}" | In - Private - P6 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{1F7CABD5-DDCF-4A5F-97F8-F39A2E5B772D}" | In - Private - P17 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{65DC441D-C258-4AA0-AEAA-51B41A758C01}" | In - Private - P6 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{9EADBDD6-2595-4B20-AA3B-CD40B12D03C4}" | In - Private - P17 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{7BC27EF3-172D-4324-85ED-3513AA40EF05}" | In - Private - P6 - TRUE | .(.Valve Half-Life Launcher.) -- C:\Program Files (x86)\Steam\steamapps\deglingoss57\condition
zero\hl.exe
O87 - FAEL: "{6340F5E8-8647-4C2B-BA58-B3EB85A97FA0}" | In - Private - P17 - TRUE | .(.Valve
- Half-Life Launcher.) -- C:\Program Files (x86)\Steam\steamapps\deglingoss57\condition
zero\hl.exe
O87 - FAEL: "{D62C6C05-8711-4C04-A19F-505BEBBFC79D}" | In - Private - P6 - TRUE |
O87 - FAEL: "{5EA5E5B3-3A57-48F4-9F89-058546076EC5}" | In - Private - P17 - TRUE |
O87 - FAEL: "{BE423BA4-ACC4-48F7-8477-B4174526741A}" | In - Private - P6 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\thief deadly shadows\System\runme.exe
O87 - FAEL: "{F3DE9BB7-2355-4F5A-BD2A-EAC1106C3C8F}" | In - Private - P17 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\thief deadly shadows\System\runme.exe
O87 - FAEL: "TCP Query User{0040E398-1CFD-4B78-B73F-93990608BE45}C:\program files
(x86)\dsnet corp\atube catcher 2.0\yct.exe" | In - Private - P6 - TRUE | .(.DsNET.) -- C:\program
files (x86)\dsnet corp\atube catcher 2.0\yct.exe
O87 - FAEL: "UDP Query User{944C70A8-BF4A-4C54-81E8-F8E767BB03FB}C:\program files
(x86)\dsnet corp\atube catcher 2.0\yct.exe" | In - Private - P17 - TRUE | .(.DsNET.) -- C:\program
files (x86)\dsnet corp\atube catcher 2.0\yct.exe
O87 - FAEL: "TCP Query User{3F1BB156-A3D6-4FF2-81EE-8313321C2B19}C:\program
files\world of warcraft_official\backgrounddownloader.exe" | In - Private - P6 - TRUE | .(.Blizzard
Entertainment.) -- C:\program files\world of warcraft_official\backgrounddownl
O87 - FAEL: "UDP Query User{A227F9E5-8F61-43B9-B399-5E4514F5D22C}C:\program
files\world of warcraft_official\backgrounddownloader.exe" | In - Private - P17 - TRUE | .(.Blizzard
Entertainment.) -- C:\program files\world of warcraft_official\backgrounddown
O87 - FAEL: "{772FA3BB-E467-42FE-9F62-AB07329B32B9}" | In - Private - P6 - FALSE |
.(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{1DA8C75C-4F19-455E-8077-FE4CED1AA32F}" | In - Private - P17 - FALSE |
O87 - FAEL: "{C84F532C-FE7C-4EBE-8F2B-0F60888F7DD9}" | In - Private - P6 - TRUE | .(.Valve Half-Life Launcher.) -- C:\Program Files (x86)\Steam\steamapps\deglingoss57\counter-strike\hl.exe
O87 - FAEL: "{CF7BED37-3D15-489A-893A-3908BA9F38C7}" | In - Private - P17 - TRUE | .(.Valve
- Half-Life Launcher.) -- C:\Program Files (x86)\Steam\steamapps\deglingoss57\counterstrike\hl.exe
O87 - FAEL: "{8382E228-C2F6-4654-9661-C13F6600698E}" | In - None - P17 - TRUE | .(.Skype
Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{CEE9D9C3-0AF6-4638-BE41-CFCBAC08A62B}" | In - Public - P6 - TRUE |
O87 - FAEL: "{622AB38B-5A7C-46A3-B522-24B0411FE261}" | In - Public - P17 - TRUE |
O87 - FAEL: "TCP Query User{24B7878C-B843-44CE-8846-B0668B040598}C:\program
files\world of warcraft_official\backgrounddownloader.exe" | In - Public - P6 - TRUE | .(.Blizzard
Entertainment.) -- C:\program files\world of warcraft_official\backgrounddownlo
O87 - FAEL: "UDP Query User{6378775F-B93F-424B-8402-247C51FF8C53}C:\program
files\world of warcraft_official\backgrounddownloader.exe" | In - Public - P17 - TRUE | .(.Blizzard
Entertainment.) -- C:\program files\world of warcraft_official\backgrounddownl
O87 - FAEL: "{ED687E8B-9DE3-408F-AA51-7D0BBF632A90}" | In - Public - P6 - FALSE |
O87 - FAEL: "{AABC406A-DF49-45AD-8EA3-01A7702E8F0B}" | In - Public - P17 - FALSE |
O87 - FAEL: "{F1677CEC-155B-4DF2-9DC2-1CBCFB781A42}" | In - Public - P6 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe
O87 - FAEL: "{29164446-5F36-44CC-9D05-C7349596E205}" | In - Public - P17 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe
O87 - FAEL: "{959783FA-523F-4F29-BB38-C2D22D3F5EBF}" | In - Public - P6 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{639C2461-36A4-43D1-8FA7-55BB5F0D2096}" | In - Public - P17 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{1B15BC3B-F57A-40DF-8AD7-61EFB8A4F6E1}" | In - Public - P6 - TRUE | .(...) -C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{6E2D8AC3-D5AC-4D81-8365-81AA7CDD8A97}" | In - Public - P17 - TRUE | .(...) --
C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{CA15FE2B-EA8F-4132-BEB1-91F0C77C4364}" | In - Public - P6 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{BCE7369D-BB0F-49E3-A300-0BFED3F958CD}" | In - Public - P17 - TRUE | .(...) -C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "TCP Query User{A520FD53-7895-4450-98E8-59FA4033262A}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" | In - Public - P6 - TRUE
| .(...) -- C:\program files (x86)\steam\steamapps\common\assassins creed brot
O87 - FAEL: "UDP Query User{0228FC3E-61D6-4A60-A35D-48CF37879AE7}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" | In - Public - P17 TRUE | .(...) -- C:\program files (x86)\steam\steamapps\common\assassins creed bro
O87 - FAEL: "TCP Query User{31B75038-4FD0-44E3-81EA-945969A9F73E}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\uplaybrowser.exe" | In - Public - P6 TRUE | .(.Ubisoft Entertainment.) -- C:\program files (x86)\steam\steamapps\
O87 - FAEL: "UDP Query User{B2F9D945-183A-4C96-9396-950A83AA540A}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\uplaybrowser.exe" | In - Public - P17
- TRUE | .(.Ubisoft Entertainment.) -- C:\program files (x86)\steam\steamapps
O87 - FAEL: "{CC60F9A6-5562-44D9-AA66-E0711147B77F}" | In - Public - P6 - TRUE | .(.EA
O87 - FAEL: "{E302D35F-ACB0-4871-90ED-1E0774CAE930}" | In - Public - P17 - TRUE | .(.EA
O87 - FAEL: "{F1DF9078-231C-4E14-BDC8-C4FD00927F9A}" | In - Public - P6 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA
O87 - FAEL: "{E5FDE733-A7A3-4904-A302-D94F8C62B4A8}" | In - Public - P17 - TRUE | .(...) -C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Support\EA
O87 - FAEL: "TCP Query User{8940F6F6-B4CE-4F31-84ED-A9E3571A81A5}C:\program files
(x86)\xfire\xfire.exe" | In - Public - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files
O87 - FAEL: "UDP Query User{EDF3D38F-A935-4454-A8BE-9AC0A8128406}C:\program files
(x86)\xfire\xfire.exe" | In - Public - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\program files
O87 - FAEL: "TCP Query User{D2A6A6FA-2A17-47B5-BAE0-927201F9BE1E}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\acbsp.exe" | In - Private - P6 - TRUE
| .(...) -- C:\program files (x86)\steam\steamapps\common\assassins creed bro
O87 - FAEL: "UDP Query User{4C4624EF-B8A6-478A-BDB3-74380642981C}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\acbsp.exe" | In - Private - P17 TRUE | .(...) -- C:\program files (x86)\steam\steamapps\common\assassins creed br
O87 - FAEL: "TCP Query User{AB2456B6-6D6E-4F2F-B6DF-AB6BDB4AD8F1}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" | In - Private - P6 - TRUE
| .(...) -- C:\program files (x86)\steam\steamapps\common\assassins creed bro
O87 - FAEL: "UDP Query User{416CCD21-8FE0-4ACA-832A-E8FE3BA19C5E}C:\program files
(x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" | In - Private - P17 TRUE | .(...) -- C:\program files (x86)\steam\steamapps\common\assassins creed br
O87 - FAEL: "TCP Query User{F269843B-27EC-4D4D-9DB3-2295FAEBD4AC}C:\program files
(x86)\valve\portal 2\portal2.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files
O87 - FAEL: "UDP Query User{C6AF61BA-E379-46FB-8866-9C69870F43E7}C:\program files
(x86)\valve\portal 2\portal2.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files
O87 - FAEL: "{3B4CD1C1-B83A-4085-BAF0-CD19BA20F76A}" | In - Private - P6 - TRUE | .(.Curse
- Curse Client.) -C:\Users\ANONYMOUS\AppData\Local\Apps\2.0\MC48VRY1.1ZC\3CJPQ65G.CQ6\curs..tion_eee71
1038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe
O87 - FAEL: "{8F361E62-5E36-4BFE-94A1-0408124D70D5}" | In - Private - P17 - TRUE |
.(.Curse.) -C:\Users\ANONYMOUS\AppData\Local\Apps\2.0\MC48VRY1.1ZC\3CJPQ65G.CQ6\curs..tion_eee71
O87 - FAEL: "TCP Query User{726BDFAC-569C-4235-92FE-0E1A1068DB1E}C:\program files
(x86)\bitspirit\bitspirit.exe" | In - Public - P6 - TRUE | .(.LANSPIRIT.NET.) -- C:\program files
(x86)\bitspirit\bitspirit.exe
O87 - FAEL: "UDP Query User{4698BE12-D0BF-4279-B7EA-C6FE88F6EEE9}C:\program files
(x86)\bitspirit\bitspirit.exe" | In - Public - P17 - TRUE | .(.LANSPIRIT.NET.) -- C:\program files
(x86)\bitspirit\bitspirit.exe
O87 - FAEL: "TCP Query User{46991755-A486-4AD3-A9E9-B3E221E3FD5E}C:\program files
(x86)\bitcoin\bitcoin.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files
(x86)\bitcoin\bitcoin.exe
O87 - FAEL: "UDP Query User{7B3D3FD9-383D-4310-A573-57370097D343}C:\program files
(x86)\bitcoin\bitcoin.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files
(x86)\bitcoin\bitcoin.exe
O87 - FAEL: "{E62F6301-0B80-4817-A577-2735FCE3743D}" | In - Public - P6 - TRUE | .(.Curse Curse Client.) -C:\Users\ANONYMOUS\AppData\Local\Apps\2.0\MC48VRY1.1ZC\3CJPQ65G.CQ6\curs..tion_eee71
O87 - FAEL: "{CE4C97FD-24DB-4119-9297-0B372DA27583}" | In - Public - P17 - TRUE | .(.Curse Curse Client.) -C:\Users\ANONYMOUS\AppData\Local\Apps\2.0\MC48VRY1.1ZC\3CJPQ65G.CQ6\curs..tion_eee71
~ Scan Firewall in 03mn AMs
---\\ Scan Additionnel (O88)
Database Version : 8762 - (05/10/2011)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0
[HKLM\Software\Wow6432Node\Xfire\OpenCandy] =>Adware.OpenCandy
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aacc132-4136-9e9a-4e364a424e17} =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aacc132-4136-9e9a-4e364a424e17} =>Toolbar.Agent
C:\Program Files (x86)\DAEMON Tools Toolbar =>Toolbar.Agent
~ Scan Additionnel in 12mn AMs
---\\ Recherche détournement de DNS routeur (O89)
Serveur : google-public-dns-a.google.com
Address: 8.8.8.8
Nom : www.l.google.com
Addresses: 209.85.148.104
209.85.148.106
209.85.148.103
209.85.148.99
209.85.148.105
209.85.148.147
Aliases: www.google.fr
www.google.com
~ Scan DNS in 02mn AMs
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 5/15/2011 675128 | (AcuWVSSchedulerv7) . (.Acunetix Ltd..) - C:\Program Files
(x86)\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe
SR - | Auto 6/16/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program
Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/7/2009 202752 | (AMD External Events Utility) . (.AMD.) C:\Windows\system32\atiesrxx.exe
SR - | Auto 6/17/2010 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files
(x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 6/17/2010 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files
(x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 4/28/2011 235872 | (CachemanService) . (.Outertech.) - C:\Program Files
(x86)\Cacheman\CachemanServ.exe
SS - | Auto 3/22/2011 126976 | (D_Link_DWA-125) . (.Wireless Service.) - C:\Program Files (x86)\DLink\DWA-125 revA\ANIWZCSdS.exe
SS - | Auto 40960 | (D_Link_DWA-125_WPS) . (...) - C:\Program Files (x86)\D-Link\DWA-125
revA\ANIWConnService.exe
SS - | Auto 10/14/2010 1220608 | (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common
Files\MAGIX Services\Database\bin\FABS.exe
SS - | Demand 10/14/2010 3276800 | (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program
Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
SR - | Auto 10/13/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files
(x86)\Acer\Registration\GregHSRW.exe
SS - | Auto 4/6/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 4/6/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 10/13/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files
(x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SS - | Demand 6/2/2011 420864 | (maconfservice) . (.CybelSoft.) - C:\Program Files\maconfig.com\x64\maconfservice.exe
SR - | Auto 9/14/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files
(x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 10/13/2009 305448 | (MWLService) . (.Egis Technology Inc..) - C:\Program Files
(x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
SR - | Auto 10/31/2010 503080 | C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) .
(.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Demand 10/13/2009 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) .
(.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 10/13/2009 62208 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program
Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 3/21/2011 276584 | (nTuneService) . (.NVIDIA.) - C:\Program Files (x86)\NVIDIA
Corporation\nTune\nTuneService.exe
SR - | Auto 4/20/2011 980072 | (NVSvc) . (.NVIDIA Corporation.) C:\Windows\system32\nvvsvc.exe
SR - | Auto 4/12/2011 2255464 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files
(x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SS - | Demand 36352 | (OpenVPNService) . (...) - C:\Program Files
(x86)\OpenVPN\bin\openvpnserv.exe
SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SS - | Demand 0 | Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (...) %ProgramFiles(x86)%\WinPcap\rpcapd.exe
SS - | Demand 7/9/2010 411432 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files
(x86)\Common Files\Steam\SteamService.exe
SR - | Auto 8/9/2011 379496 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files
(x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 5/31/2011 2337144 | (TeamViewer6) . (.TeamViewer GmbH.) - C:\Program Files
SR - | Auto 10/13/2009 240160 | (Updater Service) . (.Acer.) - C:\Program Files\Acer\Acer
Updater\UpdaterService.exe
SR - | Auto 7/14/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft
Corporation.) - C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 07mn AMs
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 09mn AMs
End of the scan (2113 lines in 30mn AMs)(0)

Rapport de ZHPDiag v1.28.1367 par Nicolas Coolman

Transcription

Documents pareils

Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24

Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du

Web Browser - Forums CNET France

Rapport de ZHPDiag v2015.1.9.4

SeafLog.txt - Bloc-notes scan pour danakil

1. RASHED, R., et Chr. HOUZEL - Recherche et

Windows 8 - CDRom non reconnu Tapez dans l`invite