domipj

Member
  • Content Count

    23
  • Joined

  • Last visited

Everything posted by domipj

  1. Hello Guys, I just runt EMISOFT Emergency Kit and I have been alert on this virus in this directory : \DosDevices\PhysicalDrive4 The message said that the sofware is not allowed to clean it to avoid destruction of the system Win. Can you help me to clean this signature ? Thank you for your answers Dominique
  2. AdwCleaner[S19].txt AdwCleaner[S18].txt AdwCleaner[S15].txt RKreport_SCN_03102018_105008.json RKreport_DEL_03102018_163544.json RKreport_SCN_03112018_225657.json RKreport_SCN_03122018_160538.json
  3. This Disk is a datas disk That run very good. I did a check disk earlier of all my Disks and I didn't have any pb. This is not the C:\ Disk and not the cause of my slow speed. when I run Marlwarebyte I have every time PUM and PUP signatures. Also regular PUP with AdwCleaner or Roguekiller. I just run a check disk again of the disk 3
  4. The partition was not marked as active. So I did it and now doing a check disk. Will send new a new report of FRST Addition_08-03-2018 08.39.25.txt FRST_08-03-2018 08.39.25.txt
  5. Ok Kevin! Addition.txt FRST.txt
  6. Hello Kevin, You're right the was a disk not link but now I think it is ok. But my machine is very slow. It looks that Kaspersky cleaner cleaned the rootkit but nothing really better. What do you want me to do ?
  7. Thank you Kevin for your reply. Here are the files for you best regards scan_180223-063740.txt Addition.txt FRST.txt
  8. Bonjour, y a t'il quelqu'un qui puisse m'aider ? J'ai le virus mentionne en objet ( Rootkit Vrabber A) . Sur deux machines. win7 et Win7 X64. Comment dois-je m'y prendre j'ai essaye plusieur chose mais rien n'y fait. Je joins deux rapports fait avec ZHPDiag. Merci pour votre aide Dominique PierreJustin
  9. ok, I did all the task.Did not read the doc yet but I will do it ! Thanks a lot for your nefficient help. If you need any report or feed back just say it. good luck Kevin
  10. Sorry Kevin, Im not shure wich one was the smart because I had to restart the machine because of a driver troubble. Waiting for your feedback
  11. EAM i ok in smart scan and looks ok in deep scan also. do you need the report ?
  12. dear Sir, here is the document report. Im running now the emisoft anti-virus. let me know what to do with the dirty files.
  13. The machine stop alone Kevin. And every time I try to run combofix it seem that it creat troubble with the video card. Now I m just after Kaspersky operation? How shall I continue ? Shall I start emisoft anti virus again? Thank's
  14. Kevin, Is it possible to reset the machine ? So I can use it for my work ? Thank's for ur answer Dominique
  15. Now I profit befor your answer that the machine run for more than one hour. Shat shal I do ?
  16. Kevin, The combofix run now more than 30' and internet is nt accessible. What to do please. The soft is still running
  17. Hello Kevin, I disable the emisoft antivirus but combofix send le message that antivirus and antispywhere are still activ. The program can continue at my own risks
  18. Sorry for ne new topic, I didn't understand write.! Dominique
  19. Ok Kevin here for your the reports dominique
  20. Hello Kevin ok Kevin this is made on both machine
  21. domipj

    Rootkit ?

    Bonjour, comment puis-je enlever le Rootkit " Bootkit.MBR.Vrabber.A (Bootimage) B" Sur une mahcine windows 7 et une machine windows7 X64? Je joins le ZHPdiag car je ne peux up loader. Rapport de ZHPDiag v1.31.31 par Nicolas Coolman, Update du 19/10/2012 Run by UranusDominique at 18/11/2012 18:28:55 Web site : http://nicolascoolman.skyrock.com/ State : Version à jour. UAC : Not Found or deactivate by user ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 GCIE: Google Chrome v23.0.1271.64 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_COA_NSLP channel Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3697 MB (65% free) System Restore: Désactivé (Disabled) System drive C: has 687 GB (77%) free of 886 GB ---\\ Logged in mode ~ Computer Name: URANUS ~ User Name: UranusDominique ~ All Users Names: UranusDominique, UpdatusUser, HomeGroupUser$, Guest, Administrator, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\UranusDominique\AppData\Roaming\ ~ %Desktop% : C:\Users\UranusDominique\Desktop\ ~ %Favorites% : C:\Users\UranusDominique\Favorites\ ~ %LocalAppData% : C:\Users\UranusDominique\AppData\Local\ ~ %StartMenu% : C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 687 Go of 886 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 131 Go of 736 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 466 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 103 Go of 195 Go) G:\ CD-ROM drive (Not Inserted) H:\ Hard drive, Flash drive, Thumb drive (Free 976 Go of 977 Go) O:\ CD-ROM drive (Free 0 Go of 6 Go) P:\ CD-ROM drive (Not Inserted) Q:\ CD-ROM drive (Not Inserted) R:\ CD-ROM drive (Free 0 Go of 0 Go) ---\\ Security Center & Tools Informations ~ UAC deactivate by user [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 12:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 08:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.9CB0D2A9A77D91D9614355EE9FF00519] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08/10/2012 - 14:48:03.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Windows Logon Application.) (.21/11/2010 - 04:29:06.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.21/11/2010 - 04:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 09:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 08:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 06:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.14/07/2009 - 06:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 06:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 09:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - NT File System Driver.) (.01/09/2012 - 00:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 06:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 06:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 06:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.21/11/2010 - 04:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 0/1 ~ Mes musiques (My Musics) : 0/43 ~ Mes Videos (My Video) : 0/1 ~ Mes Favoris (My Favorites) : 0/19 ~ Mes Documents (My Documents) : 0/56 ~ Mon Bureau (My Desktop) : 0/2517 ~ Menu demarrer (Programs) : 0/28 ~ Scan Hidden Files in 00mn 02s ---\\ Processus lancés [MD5.9048E39550CD6599F98673B4437D0E4C] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9742952] [PID.3448] [MD5.8943465BEFA91044227D42E84ECB8280] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048] [PID.3472] [MD5.AF14865688616679CD9A66FC7B5F1752] - (.Emsisoft GmbH - Background Guard.) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [3364264] [PID.] [MD5.6A9805891AAEFE2CE3E7EE2C02EFA516] - (.FarStone Technology Inc. - VirtualDrive VDTask.) -- C:\Program Files\FarStone\VirtualDrive\vdtask.exe [170512] [PID.3524] [MD5.9D197E4D8D7ED5302609808CD21D56C0] - (.Logicool Co. Ltd. - Logicool WingMan Event Monitor.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672] [PID.3588] [MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.3612] [MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3696] [MD5.D610CDEDF1F702EB0A86B0FBD9BB49E5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1820520] [PID.2400] [MD5.883B2E1341E5BE906A7507308A6636DF] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240] [PID.4988] [MD5.56873D899C0707AA017AA2D74EC190AE] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3770368] [PID.4404] [MD5.BDDCA154AA28B38429BC9134F6AC5792] - (.Collect3 PTY LTD - Video Stream.) -- C:\Program Files\VideoStream\VideoStream.exe [2989568] [PID.4412] [MD5.E327C0DE1D7013BE360881801C0AB0FA] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [3084176] [PID.] [MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\system32\nvvsvc.exe [645992] [PID.] [MD5.F0359F7CE712D69ACEF0886BDB4792ED] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382824] [PID.] [MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.] [MD5.C71F2B4D0151CFEDE5D405C5D60B6FCE] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [864616] [PID.] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.] [MD5.AFFF9B106DB80D85FAEE14D47ECFC3CD] - (.Intel® Corporation - Intel® Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [462088] [PID.] [MD5.1987570CF9A7F4DD9806D886393336F1] - (.Intel Corporation - Intel® PROSet Monitoring Service.) -- C:\Windows\system32\IProsetMonitor.exe [112968] [PID.] [MD5.5B7DE9D87B9D2713BDD6A53678DC2A49] - (.Intel Corporation - Intel® Dynamic Application Loader Host In.) -- C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720] [PID.] [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.] [MD5.0AB254994A460550258446950BB58311] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [14904] [PID.] [MD5.E70FD0D2C95F559A17321D831875593D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [277824] [PID.] [MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.] [MD5.C485FB802F6C4A306B8F89BA087E5CA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [365376] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\UranusDominique\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [user Data\Default][HomePage] http://www.igoogle.fr G0 - GCSP: Preference [user Data\Default] http://www.igoogle.fr G1 - GCS: Preference [user Data\Default] None ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42] - (.Intel Corporation - Intel web components for Intel® Identity Protection Technology.) -- C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll P2 - FPN: [HKLM] [@intel-webapi.intel.com/Intel WebAPI updater] - (.Intel Corporation - Intel web components updater - Installs and updates the Intel web comp.) -- C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.9.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.9.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.9.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.5.0.3.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.2".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.2".) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} Clé orpheline O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Clé orpheline O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} Clé orpheline ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [iAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe O4 - HKLM\..\Run: [NUSB3MON] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe O4 - HKLM\..\Run: [emsisoft anti-malware] . (.Emsisoft GmbH - Background Guard.) -- c:\program files\emsisoft anti-malware\a2guard.exe O4 - HKLM\..\Run: [VirtualDrive] . (.FarStone Technology Inc. - VirtualDrive VDTask.) -- C:\Program Files\FarStone\VirtualDrive\VDTask.exe O4 - HKLM\..\Run: [start WingMan Profiler] . (.Logicool Co. Ltd. - Logicool WingMan Event Monitor.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Run: [WheelMouse] . (.Pas de propriétaire - Mouse Start Program.) -- C:\Stinger Mouse Driver\wh_exec.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\RunOnce: [FsVdInstReboot] Clé orpheline O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-2303954919-2537596544-1179146069-1000\..\Run: [sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\UranusDominique\Desktop\JoystickSDKDemo - Shortcut.lnk . (.Logitech Inc..) -- C:\Program Files\Logitech\Gaming Software\Joystick\JoystickSDKDemo.exe O4 - Global Startup: C:\Users\UranusDominique\Desktop\SteeringWheelSDKDemo - Shortcut.lnk . (.Logitech Inc..) -- C:\Program Files\Logitech\Gaming Software\SteeringWheel\SteeringWheelSDKDemo.exe O4 - Global Startup: C:\Users\UranusDominique\Desktop\ZHPDiag.lnk . (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe O4 - Global Startup: C:\Users\UranusDominique\Desktop\ZHPFix.lnk . (...) -- C:\Program Files\ZHPDiag\ZHPFix.exe O4 - Global Startup: C:\Users\UranusDominique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EaseUS Partition Master 9.1.1 Home Edition.lnk . (.EaseUS.) -- C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\epm0.exe O4 - Global Startup: C:\Users\UranusDominique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH.) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe O4 - Global Startup: C:\Users\UranusDominique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Global Startup in 00mn 01s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ Scan IE Control Panel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: S&end to OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: S&end to OneNote - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_0_3_0.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{668399F5-EBB4-4590-8F3D-02FDD50F74C4}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{668399F5-EBB4-4590-8F3D-02FDD50F74C4}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS2\Services\Tcpip\..\{668399F5-EBB4-4590-8F3D-02FDD50F74C4}: NameServer = 8.8.8.8,8.8.4.4 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\System32\mshtml.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\System32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\System32\mshtml.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) . (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® Capability Licensing Service In (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® PROSet Monitoring Service (Intel® PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe O23 - Service: Intel® Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel® Dynamic Application Loader Host In.) - C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Intel® Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [{5D48D111-297B-47D6-9E7D-1B62AE93A11F}] (...) -- C:\Users\UranusDominique\AppData\Local\Temp\Temp1_Stinger_driver_v1.0_9x_me_2k_xp_vista32-64.zip\setup.exe (.not file.) [MD5.07E09D95AFDA096BFD4C06EF51DEC558] [APT] [{A95E9DEE-867B-4B71-8A04-FCC3FBC88AB0}] (.Logitech.) -- C:\Users\UranusDominique\Downloads\lgs510.exe [MD5.4413423665E7E49DC056AE9B725B22EC] [APT] [{C786FE64-0749-4B5A-93EC-F7753C82E25C}] (...) -- O:\Installer_Windows.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe ~ Scan Scheduled Task in 00mn 04s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\Windows\system32\Macromed\Flash\Flash10c.ocx ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (A2DDA) . (.Emsi Software GmbH - Emsisoft Direct Disk Access Support Driver.) - C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys O41 - Driver: (a2injectiondriver) . (.Emsisoft GmbH - Emsisoft Anti-Malware Behavior Blocker.) - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys O41 - Driver: (a2util) . (.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (SAVRKBootTasks) . (.Sophos Plc - Sophos boot tasks for Windows 2000.) - C:\Windows\system32\SAVRKBootTasks.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} O42 - Logiciel: [email protected] Partition Manager - (.LSoft Technologies Inc.) [HKLM] -- {A98E3354-AD08-427C-A0AC-32221A3E6598} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {B7B3E9B3-FB14-4927-894B-E9124509AF5A} O42 - Logiciel: Adobe Reader 9.5.2 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A95000000001} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {D4DDFAA1-EC37-4529-AD5B-A433ADE68662} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Assistant Publication de sites Web Microsoft 1.53 - (.Pas de propriétaire.) [HKLM] -- WebPost O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: EaseUS Partition Master 9.1.1 Home Edition - (.EaseUS.) [HKLM] -- EaseUS Partition Master Home Edition_is1 O42 - Logiciel: Emsisoft Anti-Malware - (.Emsi Software GmbH.) [HKLM] -- {BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {3E8A20E1-223F-11E2-9116-B8AC6F98CCE3} O42 - Logiciel: HP Customer Participation Program 14.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 14.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Officejet 7000 E809a Series - (.HP.) [HKLM] -- {44E1D9AA-2A0E-48B8-BA26-136C2149C8AD} O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM] -- HP Photo Creations O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 14.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: Intel® Desktop Utilities - (.Intel Corporation.) [HKLM] -- {F01CBA59-B5BD-4608-A834-1CBE8C292A71} O42 - Logiciel: Intel® Integrator Assistant - (.Intel Corporation.) [HKLM] -- {D1A35687-AEA9-422C-B237-FC4F8136B6F6} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Network Connections 17.4.95.0 - (.Intel.) [HKLM] -- PROSetDX O42 - Logiciel: Intel® Network Connections 17.4.95.0 - (.Intel.) [HKLM] -- {D54ADF6B-2164-4394-AF70-2778422E9DD8} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM] -- {BCED7487-44BC-487C-94CF-824AB27909E0} O42 - Logiciel: Java 7 Update 9 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217009FF} O42 - Logiciel: Logitech Gaming Software 5.10 - (.Logitech.) [HKLM] -- {60D32CDC-E3BE-4578-BA10-29322307CDDC} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {FE4EA1FF-DBA7-4B04-821F-0AC5BE292C5D} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4} O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual Basic 6.0 Édition Entreprise (Français) - (.Pas de propriétaire.) [HKLM] -- Visual Basic 6.0 Édition Entreprise (fra) O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} O42 - Logiciel: Mobile Mouse Server - (.RPA Tech, Inc.) [HKLM] -- {5AB36A6C-27A8-4CB1-89A1-9D05F3F16625} O42 - Logiciel: NVIDIA 3D Vision Controller Driver 306.97 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA 3D Vision Driver 306.97 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Graphics Driver 306.97 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA HD Audio Driver 1.3.18.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8} O42 - Logiciel: NVIDIA PhysX System Software 9.12.0604 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: NVIDIA Update 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Navigraph nDAC 3 - (.Navigraph.) [HKLM] -- {F9217D1C-DF96-4C23-8B43-EC60B9C40CB1} O42 - Logiciel: Node.js - (.Joyent, Inc. and other Node contributors.) [HKLM] -- {C622026F-6461-4C8F-9A92-1EF8D5290EF3} O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL O42 - Logiciel: PCmover OEM Express - (.Laplink Software, Inc..) [HKLM] -- {1EE14CC2-ED85-4EEA-8714-A31C86AF3769} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- {5442DAB8-7177-49E1-8B22-09A049EA5996} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2729449 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2737019 O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D33B9EF5-3801-496A-A2D6-B7F4BE972D75} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B145DBBB-7778-4A5D-9D2B-DA6569F02391} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E34960DB-2A93-45DB-A208-02650F7AB09C} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2623A96B-78E5-42CC-AB55-6A3969B32E36} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{293FB6BE-D3EB-4162-B522-F9108040B9FE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{43171CAD-DC60-4E7B-9703-B2EC18001B9F} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C8F44A46-5C2F-43D8-A0E7-B32E098EDA63} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3579CE34-B225-4B19-A3AF-DE5F562A212F} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{488F0918-97F9-4CD0-8AD5-8986A46AC962} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8F311D6C-D8DD-4C32-9457-1A129CABD1A5} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AEA16A27-0B97-4670-818F-A98D06EC0A6F} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71190DF4-8724-4A56-9054-AE97FDC57115} O42 - Logiciel: Sequoia F8.L Falco - (.X-Aviation.) [HKLM] -- Sequoia F8.L Falco 1.2 O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies O42 - Logiciel: Sophos Anti-Rootkit 1.5.0 - (.Sophos Plc.) [HKLM] -- Sophos-AntiRootkit O42 - Logiciel: Stinger Mouse Driver 6.0.0.002 - (.Pas de propriétaire.) [HKLM] -- WheelMouse O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217 O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB963673) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42} O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C} O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C} O42 - Logiciel: Update for Microsoft Office Access 2007 Help (KB963663) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987} O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9} O42 - Logiciel: Update for Microsoft Office Infopath 2007 Help (KB963662) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63} O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB963670) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5DB2894C-2DA4-4DEF-A051-795AE799964A} O42 - Logiciel: Update for Microsoft Office Outlook 2007 Help (KB963677) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784} O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-B - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9832AED0-6A0C-4311-9227-FC9CB54F87DD} O42 - Logiciel: Update for Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876} O42 - Logiciel: Update for Microsoft Office Publisher 2007 Help (KB963667) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F} O42 - Logiciel: Update for Microsoft Office Script Editor Help (KB963671) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C} O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726} O42 - Logiciel: VideoStream Server v1.0.3.3 - (.Pas de propriétaire.) [HKLM] -- VideoStream Server_is1 O42 - Logiciel: VirtualDrive Pro - (.FarStone Technology Inc..) [HKLM] -- {EEE22184-B53C-4B87-9F5B-53638160B966} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {0F6F6876-6334-4977-B5DD-CFC12E193420} O42 - Logiciel: pThreads GC2 - (.pThreads.) [HKLM] -- {B72F78A5-1733-47B3-AF79-16EA358A59F3}_is1 ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\BasicScript Program Settings] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Collect3 PTY LTD] [HKCU\Software\ESET] [HKCU\Software\EaseUS] [HKCU\Software\FarStone] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Hewlett-Packard] [HKCU\Software\JC] [HKCU\Software\JavaSoft] [HKCU\Software\Joyent] [HKCU\Software\Laplink] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Spearit] [HKCU\Software\Trolltech] [HKCU\Software\Visan] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\cybelsoft] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\CBSTEST] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DTS] [HKLM\Software\Emsi Software GmbH] [HKLM\Software\Eset] [HKLM\Software\FarStone] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LSoft Technologies Inc] [HKLM\Software\Laplink] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\McAfee] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Navigraph] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RocketLife] [HKLM\Software\SRS Labs] [HKLM\Software\SonicFocus] [HKLM\Software\Sonic] [HKLM\Software\SourceCodeControlProvider] [HKLM\Software\Spearit] [HKLM\Software\Visan] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\X-Aviation] [HKLM\Software\Zenographics] [HKLM\Software\cybelsoft] [HKLM\Software\lameme] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 26/10/2012 - 06:05:00 - [96,457] ----D C:\Program Files\Adobe O43 - CFD: 24/10/2012 - 16:07:46 - [1,086] ----D C:\Program Files\Air Mouse O43 - CFD: 28/10/2012 - 05:01:30 - [2,316] ----D C:\Program Files\Apple Software Update O43 - CFD: 28/10/2012 - 05:03:58 - [0,602] ----D C:\Program Files\Bonjour O43 - CFD: 28/10/2012 - 12:39:31 - [479,530] ----D C:\Program Files\Common Files O43 - CFD: 12/04/2011 - 09:24:54 - [79,361] ----D C:\Program Files\DVD Maker O43 - CFD: 04/11/2012 - 12:01:59 - [37,140] ----D C:\Program Files\EaseUS O43 - CFD: 18/11/2012 - 18:25:32 - [271,879] ----D C:\Program Files\Emsisoft Anti-Malware O43 - CFD: 25/10/2012 - 04:33:06 - [46,338] ----D C:\Program Files\FarStone O43 - CFD: 11/11/2012 - 08:58:38 - [518,491] ----D C:\Program Files\Google O43 - CFD: 11/11/2012 - 09:17:51 - [155,739] ----D C:\Program Files\HP O43 - CFD: 11/11/2012 - 09:18:12 - [0,428] ----D C:\Program Files\HP Photo Creations O43 - CFD: 04/11/2012 - 08:46:29 - [19,889] ----D C:\Program Files\InstallShield Installation Information O43 - CFD: 28/10/2012 - 07:20:39 - [59,659] ----D C:\Program Files\Intel O43 - CFD: 14/11/2012 - 10:15:05 - [5,782] ----D C:\Program Files\Internet Explorer O43 - CFD: 28/10/2012 - 05:08:51 - [2,258] ----D C:\Program Files\iPod O43 - CFD: 28/10/2012 - 05:09:37 - [145,931] ----D C:\Program Files\iTunes O43 - CFD: 28/10/2012 - 06:44:27 - [122,056] ----D C:\Program Files\Java O43 - CFD: 24/10/2012 - 12:30:15 - [23,642] ----D C:\Program Files\Laplink O43 - CFD: 24/10/2012 - 16:09:59 - [14,902] ----D C:\Program Files\Logitech O43 - CFD: 04/11/2012 - 08:46:29 - [3,941] ----D C:\Program Files\LSoft Technologies Inc O43 - CFD: 29/10/2012 - 15:08:24 - [7,342] ----D C:\Program Files\ma-config.com O43 - CFD: 02/11/2012 - 13:03:17 - [0] ----D C:\Program Files\Microsoft O43 - CFD: 28/10/2012 - 11:22:34 - [660,594] ----D C:\Program Files\Microsoft Office O43 - CFD: 29/10/2012 - 09:42:19 - [36,641] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 26/10/2012 - 06:49:57 - [70,627] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 27/10/2012 - 06:32:03 - [1,204] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 27/10/2012 - 16:54:53 - [3,554] ----D C:\Program Files\Microsoft Works O43 - CFD: 27/10/2012 - 06:33:13 - [7,789] ----D C:\Program Files\Microsoft.NET O43 - CFD: 27/10/2012 - 06:34:19 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 24/10/2012 - 12:16:27 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 07/11/2012 - 16:54:19 - [7,107] ----D C:\Program Files\Navigraph O43 - CFD: 12/11/2012 - 14:05:32 - [7,809] ----D C:\Program Files\nodejs O43 - CFD: 28/10/2012 - 07:28:05 - [622,496] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 29/10/2012 - 19:51:41 - [0,772] ----D C:\Program Files\OpenAL O43 - CFD: 26/10/2012 - 06:50:27 - [0,133] ----D C:\Program Files\Publication Web O43 - CFD: 11/11/2012 - 07:49:46 - [72,326] ----D C:\Program Files\QuickTime O43 - CFD: 24/10/2012 - 12:22:41 - [17,288] ----D C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 11:52:30 - [35,219] ----D C:\Program Files\Reference Assemblies O43 - CFD: 24/10/2012 - 12:27:21 - [1,047] ----D C:\Program Files\Renesas Electronics O43 - CFD: 26/10/2012 - 15:15:24 - [2,652] ----D C:\Program Files\Sophos O43 - CFD: 26/10/2012 - 14:57:02 - [0,029] ----D C:\Program Files\stinger O43 - CFD: 24/10/2012 - 12:23:04 - [0] ----D C:\Program Files\Temp O43 - CFD: 14/07/2009 - 11:53:23 - [0] ----D C:\Program Files\Uninstall Information O43 - CFD: 25/10/2012 - 04:42:24 - [23,190] ----D C:\Program Files\VideoStream O43 - CFD: 12/04/2011 - 09:16:02 - [2,887] ----D C:\Program Files\Windows Defender O43 - CFD: 26/10/2012 - 09:58:31 - [6,677] ----D C:\Program Files\Windows Journal O43 - CFD: 12/04/2011 - 09:16:02 - [5,833] ----D C:\Program Files\Windows Mail O43 - CFD: 12/04/2011 - 09:16:02 - [6,277] ----D C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - 11:52:30 - [11,504] ----D C:\Program Files\Windows NT O43 - CFD: 12/04/2011 - 09:16:02 - [4,191] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 21/11/2010 - 04:33:48 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 12/04/2011 - 09:16:02 - [6,370] ----D C:\Program Files\Windows Sidebar O43 - CFD: 18/11/2012 - 18:29:05 - [10,147] ----D C:\Program Files\ZHPDiag O43 - CFD: 26/10/2012 - 06:05:04 - [5,493] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 28/10/2012 - 05:10:27 - [158,790] ----D C:\Program Files\Common Files\Apple O43 - CFD: 26/10/2012 - 06:50:22 - [2,041] ----D C:\Program Files\Common Files\designer O43 - CFD: 25/10/2012 - 04:32:06 - [3,564] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 28/10/2012 - 12:39:32 - [0,186] ----D C:\Program Files\Common Files\Intel Corporation O43 - CFD: 28/10/2012 - 06:45:11 - [1,184] ----D C:\Program Files\Common Files\Java O43 - CFD: 24/10/2012 - 12:30:16 - [0,216] ----D C:\Program Files\Common Files\Laplink O43 - CFD: 25/10/2012 - 06:01:23 - [0,995] ----D C:\Program Files\Common Files\Logitech O43 - CFD: 28/10/2012 - 08:25:16 - [224,603] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 24/10/2012 - 12:30:31 - [0,185] ----D C:\Program Files\Common Files\postureAgent O43 - CFD: 14/07/2009 - 09:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 09:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 27/10/2012 - 16:53:08 - [43,071] ----D C:\Program Files\Common Files\System O43 - CFD: 28/10/2012 - 05:09:38 - [2,445] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 26/10/2012 - 06:05:04 - [112,551] ----D C:\ProgramData\Adobe O43 - CFD: 28/10/2012 - 05:08:27 - [65,320] ----D C:\ProgramData\Apple O43 - CFD: 28/10/2012 - 05:08:48 - [74,857] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 11:53:55 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 14/07/2009 - 11:53:55 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 11:53:55 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 25/10/2012 - 05:02:47 - [3,278] ----D C:\ProgramData\Downloaded Installations O43 - CFD: 24/10/2012 - 12:32:56 - [0,008] ----D C:\ProgramData\ESET O43 - CFD: 26/10/2012 - 10:08:38 - [0] ----D C:\ProgramData\farstone O43 - CFD: 14/07/2009 - 11:53:55 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 28/10/2012 - 08:27:20 - [16,443] ----D C:\ProgramData\HP O43 - CFD: 11/11/2012 - 09:18:12 - [2,742] ----D C:\ProgramData\HP Photo Creations O43 - CFD: 28/10/2012 - 08:10:08 - [0,009] ----D C:\ProgramData\HP Product Assistant O43 - CFD: 25/10/2012 - 06:00:27 - [0,048] ----D C:\ProgramData\Intel O43 - CFD: 14/11/2012 - 10:14:27 - [0,000] ----D C:\ProgramData\Laplink O43 - CFD: 29/10/2012 - 15:08:19 - [5,285] ----D C:\ProgramData\ma-config.com O43 - CFD: 02/11/2012 - 13:03:17 - [1751,988] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/11/2012 - 02:29:09 - [0,059] ----D C:\ProgramData\Microsoft Help O43 - CFD: 07/11/2012 - 16:54:19 - [125,363] ----D C:\ProgramData\Navigraph O43 - CFD: 18/11/2012 - 18:25:05 - [2,248] ----D C:\ProgramData\NVIDIA O43 - CFD: 27/10/2012 - 16:17:31 - [2,085] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 14/07/2009 - 11:53:55 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 28/10/2012 - 06:45:11 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 14/07/2009 - 11:53:55 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 11/11/2012 - 09:18:10 - [0,091] ----D C:\ProgramData\Visan O43 - CFD: 28/10/2012 - 08:28:40 - [0,000] ----D C:\ProgramData\WEBREG O43 - CFD: 06/11/2012 - 14:37:51 - [0,206] ----D C:\Users\UranusDominique\AppData\Roaming\Adobe O43 - CFD: 01/11/2012 - 09:26:38 - [0,200] ----D C:\Users\UranusDominique\AppData\Roaming\Apple Computer O43 - CFD: 24/10/2012 - 12:33:33 - [0] ----D C:\Users\UranusDominique\AppData\Roaming\ESET O43 - CFD: 25/10/2012 - 04:47:11 - [0,149] ----D C:\Users\UranusDominique\AppData\Roaming\FarStone O43 - CFD: 28/10/2012 - 08:28:40 - [0,001] ----D C:\Users\UranusDominique\AppData\Roaming\HP O43 - CFD: 18/11/2012 - 09:47:27 - [0,001] ----D C:\Users\UranusDominique\AppData\Roaming\HpUpdate O43 - CFD: 24/10/2012 - 10:12:22 - [0] ----D C:\Users\UranusDominique\AppData\Roaming\Identities O43 - CFD: 24/10/2012 - 12:24:31 - [0] ----D C:\Users\UranusDominique\AppData\Roaming\InstallShield O43 - CFD: 24/10/2012 - 12:34:51 - [0] ----D C:\Users\UranusDominique\AppData\Roaming\Intel Corporation O43 - CFD: 06/11/2012 - 14:37:53 - [0,001] ----D C:\Users\UranusDominique\AppData\Roaming\Macromedia O43 - CFD: 12/04/2011 - 09:24:34 - [0] ----D C:\Users\UranusDominique\AppData\Roaming\Media Center Programs O43 - CFD: 12/11/2012 - 14:05:33 - [3,287] -S--D C:\Users\UranusDominique\AppData\Roaming\Microsoft O43 - CFD: 12/11/2012 - 14:05:20 - [0] ----D C:\Users\UranusDominique\AppData\Roaming\npm O43 - CFD: 24/10/2012 - 20:21:15 - [24,580] ----D C:\Users\UranusDominique\AppData\Roaming\NVIDIA O43 - CFD: 18/11/2012 - 18:28:44 - [0,003] ----D C:\Users\UranusDominique\AppData\Roaming\VideoStream O43 - CFD: 26/10/2012 - 06:04:53 - [0,079] ----D C:\Users\UranusDominique\AppData\Local\Adobe O43 - CFD: 24/10/2012 - 16:22:48 - [0,020] ----D C:\Users\UranusDominique\AppData\Local\AirMouse O43 - CFD: 24/10/2012 - 16:22:54 - [0] ----D C:\Users\UranusDominique\AppData\Local\Apple O43 - CFD: 28/10/2012 - 05:09:59 - [1,376] ----D C:\Users\UranusDominique\AppData\Local\Apple Computer O43 - CFD: 24/10/2012 - 10:12:15 - [0] ----D C:\Users\UranusDominique\AppData\Local\Application Data O43 - CFD: 25/10/2012 - 04:36:50 - [1,507] ----D C:\Users\UranusDominique\AppData\Local\Apps O43 - CFD: 25/10/2012 - 04:37:48 - [0] ----D C:\Users\UranusDominique\AppData\Local\Deployment O43 - CFD: 03/11/2012 - 15:02:18 - [0,887] ----D C:\Users\UranusDominique\AppData\Local\Diagnostics O43 - CFD: 24/10/2012 - 16:07:23 - [33,873] ----D C:\Users\UranusDominique\AppData\Local\Downloaded Installations O43 - CFD: 11/11/2012 - 08:58:44 - [143,474] ----D C:\Users\UranusDominique\AppData\Local\Google O43 - CFD: 24/10/2012 - 10:12:15 - [0] ----D C:\Users\UranusDominique\AppData\Local\History O43 - CFD: 09/11/2012 - 12:43:56 - [1895,042] ----D C:\Users\UranusDominique\AppData\Local\Microsoft O43 - CFD: 27/10/2012 - 06:31:34 - [0] ----D C:\Users\UranusDominique\AppData\Local\Microsoft Help O43 - CFD: 18/11/2012 - 18:26:36 - [15,592] ----D C:\Users\UranusDominique\AppData\Local\Temp O43 - CFD: 24/10/2012 - 10:12:15 - [0] ----D C:\Users\UranusDominique\AppData\Local\Temporary Internet Files O43 - CFD: 25/10/2012 - 04:47:13 - [0,001] ----D C:\Users\UranusDominique\AppData\Local\VirtualStore O43 - CFD: 14/07/2009 - 11:42:04 - [0,014] R---D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 26/10/2012 - 10:02:57 - [0,000] R---D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 28/10/2012 - 06:57:40 - [0,001] ----D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyber Snipa Stinger Mouse O43 - CFD: 14/07/2009 - 11:37:42 - [0,001] R---D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 26/10/2012 - 06:50:27 - [0,001] ----D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Web Publishing O43 - CFD: 12/11/2012 - 14:05:34 - [0,003] ----D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js (x86) O43 - CFD: 05/11/2012 - 11:57:13 - [0] R---D C:\Users\UranusDominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ~ Scan Program Folder in 00mn 20s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.44A8F5CFFC530613E042515BFCA4E3A2] - 18/11/2012 - 18:28:19 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1076714] O44 - LFC:[MD5.5BE5308A3AB805D4C6477365AB2DB6E8] - 18/11/2012 - 18:25:05 ---A- . (...) -- C:\Windows\setupact.log [28733] O44 - LFC:[MD5.BB94BB7830BAB2E1037D23DF3862FE5A] - 18/11/2012 - 18:25:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.C39950CBD01B5C66878876AD0E8EBB43] - 18/11/2012 - 18:24:59 ---A- . (...) -- C:\Windows\MEMORY.DMP [270297293] O44 - LFC:[MD5.85D416B48B34F6683BF0EAD9154C85DF] - 16/11/2012 - 17:47:24 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [728132] O44 - LFC:[MD5.4F90E0B65364F235E1BCC28A9B0AEEF7] - 16/11/2012 - 17:47:24 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106726] O44 - LFC:[MD5.15389B9D1A6259954A6D09B8EB22CF51] - 16/11/2012 - 17:47:24 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616848] O44 - LFC:[MD5.C49E93FCA4068A69097E4DF6A231EE61] - 14/11/2012 - 10:16:18 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [410024] O44 - LFC:[MD5.AE9EAFB41B938644EE32AED040701ECE] - 14/11/2012 - 07:12:05 ---A- . (...) -- C:\Windows\System32\unins000.dat [2156] O44 - LFC:[MD5.B761A6ECA7A63ED0B1BC705628FD491C] - 14/11/2012 - 07:11:15 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\System32\unins000.exe [695578] O44 - LFC:[MD5.D494267BC169604FAC5E3679B9A97FED] - 14/11/2012 - 07:11:12 ---A- . (.Creative Labs - OpenAL32.) -- C:\Windows\System32\wrap_oal.dll [444952] O44 - LFC:[MD5.235355A8DD26903E75D5E812ECF50E53] - 14/11/2012 - 07:11:12 ---A- . (.Portions © Creative Labs Inc. and NVIDIA - Standard OpenAL Implementation.) -- C:\Windows\System32\OpenAL32.dll [109080] O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 14/11/2012 - 02:21:06 ---A- . (...) -- C:\Windows\win.ini [478] O44 - LFC:[MD5.CE931021E18F385F519E945A8A10548E] - 11/11/2012 - 07:56:14 ---A- . (.Open Source Software community project - POSIX Threads for Windows32 Library.) -- C:\Windows\System32\pthreadGC2.dll [60273] O44 - LFC:[MD5.14C1567005393B68D75A90706C3802E0] - 05/11/2012 - 17:58:46 ---A- . (...) -- C:\Windows\ntbtlog.txt [270496] O44 - LFC:[MD5.4B160AEC75933B9A7A5E9D74C5E51C7F] - 05/11/2012 - 05:01:52 --HA- . (...) -- C:\Windows\EPMBatch.ept [1395] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/11/2012 - 12:17:01 ---A- . (...) -- C:\Windows\BcdLog.txt [0] O44 - LFC:[MD5.18E2CACDCFA842C6C27E56D945F419DB] - 03/11/2012 - 03:57:27 ---A- . (...) -- C:\BCD_Backup [28672] O44 - LFC:[MD5.D7C53AF8C396F5D362F902211F7AF7D3] - 03/11/2012 - 03:57:26 -SHA- . (...) -- C:\BCD_Backup.LOG [25600] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/11/2012 - 03:57:26 -SHA- . (...) -- C:\BCD_Backup.LOG1 [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/11/2012 - 03:57:26 -SHA- . (...) -- C:\BCD_Backup.LOG2 [0] O44 - LFC:[MD5.414CE7205D054838D135A739ED2E18DB] - 01/11/2012 - 11:35:17 ---A- . (...) -- C:\X-Plane Installer.prf [152] O44 - LFC:[MD5.694F54BD227916B89FC3EB1DB53F0685] - 29/10/2012 - 19:52:52 R--A- . (.Creative Labs Inc. - OpenAL Installer.) -- C:\Windows\System32\tmp4CC3.tmp [809496] O44 - LFC:[MD5.B3EDFECE69618CEEDD69385CA2E203B7] - 28/10/2012 - 12:34:47 ---A- . (...) -- C:\Windows\PFRO.log [8166] O44 - LFC:[MD5.F3CF2A82E8C8528A8A1DF2236A3E8A94] - 28/10/2012 - 08:27:10 ---A- . (...) -- C:\Windows\hpwins25.dat [251573] O44 - LFC:[MD5.8D4A6A3940CE08E23B98D84B4797138C] - 28/10/2012 - 08:08:17 ---A- . (...) -- C:\Windows\DPINST.LOG [12134] O44 - LFC:[MD5.9E0D9842081A38FFF52C423AF0C63C83] - 28/10/2012 - 08:08:12 ---A- . (.Hewlett-Packard Company - LanguageMonitor.) -- C:\Windows\System32\hpf3l02t.dll [125440] O44 - LFC:[MD5.48BD3DD357DB6BB61FB2E6EF3D137764] - 28/10/2012 - 07:20:45 ---A- . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\Drivers\iaStorF.sys [25656] O44 - LFC:[MD5.70BADD827F0C6863AD7F4850DCC5E79B] - 28/10/2012 - 07:20:45 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStorA.sys [532536] O44 - LFC:[MD5.BC95F5900522097FC73F573DFFE07D59] - 28/10/2012 - 06:55:40 ---A- . (...) -- C:\Windows\System32\WmiConf.txt [3357] O44 - LFC:[MD5.8C3D0C73A0850A0EE62DF9EC36DBDE80] - 28/10/2012 - 06:51:02 ----- . (...) -- C:\Windows\System32\SetupBD.din [1904] O44 - LFC:[MD5.6CA90E04F27E26B579E001F72F603A6A] - 28/10/2012 - 06:50:28 ---A- . (.Intel Corporation - PRONtObj Module.) -- C:\Windows\System32\PRONtObj.dll [240448] O44 - LFC:[MD5.B1E9B8DBA70006DE7E347AF6533246C4] - 28/10/2012 - 06:50:27 ---A- . (.Intel Corporation - NDIS 6.1 Advanced Networking Services..) -- C:\Windows\System32\Drivers\iANSW60.sys [140680] O44 - LFC:[MD5.4513836BFA89B4DC5336F71A9DE5C295] - 28/10/2012 - 06:49:21 ---A- . (.Intel Corporation - Intel ® Network Connections Driver Uninst.) -- C:\Windows\System32\PROUnstl.exe [297344] O44 - LFC:[MD5.DD7838FA7FE64970C791837291B73DCF] - 28/10/2012 - 06:49:21 ---A- . (.Intel Corporation - Intel® Network Interface Card CoInstaller.) -- C:\Windows\System32\NicInstC.dll [83808] O44 - LFC:[MD5.226D65B23E1BF630FFC9BBF1FBB577C7] - 28/10/2012 - 06:49:20 ---A- . (...) -- C:\Windows\System32\e1c6232.din [3109] O44 - LFC:[MD5.6E0BD8B93405E5C0711AFDB01E69673F] - 28/10/2012 - 06:49:20 ---A- . (.Intel Corporation - Intel® Gigabit Adapter Event-Log Message.) -- C:\Windows\System32\e1cmsg.dll [73032] O44 - LFC:[MD5.884870CD3BF7BA07E57605685AAC3785] - 28/10/2012 - 06:49:20 ---A- . (.Intel Corporation - Intel® Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\Drivers\e1c6232.sys [358224] O44 - LFC:[MD5.69E5F6102D8016CA487D35D565AA61F2] - 28/10/2012 - 06:44:33 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll [93672] O44 - LFC:[MD5.23C84DBECF3BD95687623F23BCD66441] - 28/10/2012 - 06:44:31 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [174056] O44 - LFC:[MD5.315F60FEDCFDACD6A6DBA0A28596F551] - 28/10/2012 - 06:44:31 ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [246760] O44 - LFC:[MD5.E8AFA843B9CEC534379950FA398A3F30] - 28/10/2012 - 06:44:30 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [746984] O44 - LFC:[MD5.AF20DA051DE39496C098F2F33B958E94] - 28/10/2012 - 06:44:30 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\java.exe [174056] O44 - LFC:[MD5.2C82D753EF779945977C82A3908DA20A] - 28/10/2012 - 06:44:30 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll [821736] O44 - LFC:[MD5.185ADA973B5020655CEE342059A86CBB] - 28/10/2012 - 05:09:38 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840] O44 - LFC:[MD5.68DE5B1E82D3DD10F5F6169522C7C88A] - 26/10/2012 - 23:19:19 ----- . (.Sophos Plc - Sophos boot tasks for Windows 2000.) -- C:\Windows\System32\SAVRKBootTasks.sys [18816] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/10/2012 - 20:43:26 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf [0] O44 - LFC:[MD5.B4FA6D277F63CE3E5E547DD40365F178] - 26/10/2012 - 14:49:43 ---A- . (.McAfee, Inc. - McAfee Labs® GetSusp™ Utility Driver.) -- C:\Windows\stinger.sys [14664] O44 - LFC:[MD5.D320BF87125326F996D4904FE24300FC] - 26/10/2012 - 14:44:17 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256] O44 - LFC:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 26/10/2012 - 14:44:17 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400] O44 - LFC:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 26/10/2012 - 14:44:17 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160] O44 - LFC:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 26/10/2012 - 14:44:17 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120] O44 - LFC:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 26/10/2012 - 14:44:17 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744] O44 - LFC:[MD5.B2F7861A18DDF66E9C82F76167EE1546] - 26/10/2012 - 11:32:36 ---A- . (...) -- C:\Windows\hpoins19.dat [245518] O44 - LFC:[MD5.4FEB34235456276C733B50DACFD530E2] - 26/10/2012 - 06:50:42 ---A- . (...) -- C:\Windows\ODBCINST.INI [535] O44 - LFC:[MD5.8AC7A2D4EC55C0386E3FEE2FD537131F] - 26/10/2012 - 06:50:41 ---A- . (...) -- C:\Windows\ODBC.INI [288] O44 - LFC:[MD5.217213E775E0CE54A20296E2FC22D3DE] - 26/10/2012 - 06:50:40 ---A- . (...) -- C:\Windows\VBAddin.INI [71] O44 - LFC:[MD5.F58B343105C941C95B13DD6C56356713] - 26/10/2012 - 06:50:29 ---A- . (...) -- C:\Windows\VB.INI [1273] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/10/2012 - 06:50:27 ---A- . (...) -- C:\Windows\wplog.txt [0] O44 - LFC:[MD5.45D1AE9EFBC36EDC84FB73F30A60A209] - 26/10/2012 - 06:18:32 ---A- . (...) -- C:\Windows\IE9_main.log [3253] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 26/10/2012 - 06:18:17 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.335BE1B7EDAED53DC6AA3B4D60AA68A8] - 26/10/2012 - 06:15:53 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [291972] O44 - LFC:[MD5.F2E9AEED7972091950923DB4052729DA] - 26/10/2012 - 06:14:43 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [294442] O44 - LFC:[MD5.C5ACDBF61DF211BDCC2B5021B1405BB0] - 26/10/2012 - 06:12:15 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.ED4649A28AFE0B3DB93C3198BA48E34E] - 26/10/2012 - 06:12:15 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912] O44 - LFC:[MD5.56C519C4EEF322F0C72396C970EDEA87] - 25/10/2012 - 04:35:42 ---A- . (...) -- C:\Windows\vdp.log [11830] O44 - LFC:[MD5.0E722803B702F03FE11C3CF67C044638] - 25/10/2012 - 04:35:15 ---A- . (...) -- C:\inVHDDrvLog.dat [261] O44 - LFC:[MD5.6DE08E1FA2631B7AA5AA68D3C923A96D] - 25/10/2012 - 04:35:09 ---A- . (...) -- C:\Windows\Driverinstall.log [2357] O44 - LFC:[MD5.985709505C80B88C1B41908C0075CA0D] - 25/10/2012 - 04:34:32 ----- . (.FarStone Inc. - FarStone Bus Enumerator.) -- C:\Windows\System32\Drivers\fcdabus.sys [18448] O44 - LFC:[MD5.8E2BE5233C88A50EE69442B4A4937FCE] - 25/10/2012 - 04:34:32 ----- . (.FarStone Inc. - FarStone SCSI Miniport.) -- C:\Windows\System32\Drivers\fvxscsi.sys [86800] O44 - LFC:[MD5.86748B574AD69010A81715554E40E07A] - 25/10/2012 - 04:32:10 ---A- . (.Pas de propriétaire - RDrv2KInterface DLL.) -- C:\Windows\System32\RDrv2KInterface.dll [86016] O44 - LFC:[MD5.5C4972BF030AC19FB9A24E47ED28746D] - 25/10/2012 - 04:32:10 ---A- . (.Pas de propriétaire - RDrvInterface DLL.) -- C:\Windows\System32\RDrvInterface.dll [28672] O44 - LFC:[MD5.93FEA7723AB474AC06F48C4F61A3D0C5] - 25/10/2012 - 04:32:09 ---A- . (...) -- C:\Windows\System32\DVC.dll [118784] O44 - LFC:[MD5.5220389826609383ACDB3428A14861EF] - 25/10/2012 - 04:32:09 ---A- . (...) -- C:\Windows\System32\inVHDDrvExe.exe [32768] O44 - LFC:[MD5.554C57B67C7B9379D34BBA3DEA8BC890] - 25/10/2012 - 04:32:09 ---A- . (...) -- C:\Windows\System32\unVHDDrvExe.exe [36864] O44 - LFC:[MD5.5F2203A97B45158376DA68769C6D131B] - 25/10/2012 - 04:32:09 ---A- . (.FarStone Technology, Inc. - Driver Control version.) -- C:\Windows\System32\Dversion.dll [86016] O44 - LFC:[MD5.68685BBD072F7316C2DA1DB6CEA4535B] - 25/10/2012 - 03:12:26 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\System32\QuickTime.qts [69632] O44 - LFC:[MD5.9D6C0C74CA6F4CC2B251483DD6C7BBE3] - 25/10/2012 - 03:12:26 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\System32\QuickTimeVR.qtx [94208] O44 - LFC:[MD5.30DBD09E8176AFFD3B6B773AB4876A28] - 25/10/2012 - 01:00:51 RSHA- . (...) -- C:\BOOTSECT.BAK [8192] O44 - LFC:[MD5.572CBECE3BAA034CD3AF3CBBA5A6F8F2] - 24/10/2012 - 16:40:47 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\System32\nvsvcr.dll [2557288] O44 - LFC:[MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - 24/10/2012 - 16:40:47 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\System32\nvvsvc.exe [645992] O44 - LFC:[MD5.1839D6A4578B1B91044648897E07F87E] - 24/10/2012 - 16:40:47 ---A- . (.NVIDIA Corporation - Pas de description.) -- C:\Windows\System32\nvshext.dll [62312] O44 - LFC:[MD5.9BA2B36132A41AEBDA66C1D90F8470C2] - 24/10/2012 - 16:40:46 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\System32\nvcpl.dll [3965288] O44 - LFC:[MD5.DEC53E152E18541D3D585794D99F02B7] - 24/10/2012 - 16:40:46 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\System32\nvsvc.dll [2853224] O44 - LFC:[MD5.450DA5D4332A0693EF7050CCD17002D4] - 24/10/2012 - 16:40:46 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\nvmctray.dll [108392] O44 - LFC:[MD5.353ADD0D05F6265D49C0B95AB6AAF593] - 24/10/2012 - 16:40:14 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\System32\OpenCL.dll [52584] O44 - LFC:[MD5.FDEABB62FD35F3F720CDD5910325F3B5] - 24/10/2012 - 16:39:52 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvhdagenco3220103.dll [884072] O44 - LFC:[MD5.77F9F9A199B87FE3F852E12F5419240B] - 24/10/2012 - 16:39:52 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda32v.sys [149352] O44 - LFC:[MD5.1E6B66A9703B4DD58F96086DD424FA98] - 24/10/2012 - 16:39:52 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\nvhdap32.dll [28008] O44 - LFC:[MD5.C937FA0D62CC64FEC133C727611668A0] - 24/10/2012 - 16:39:51 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 306.97.) -- C:\Windows\System32\nvcuda.dll [7697768] O44 - LFC:[MD5.8A65DE50C4D9BAB60AA04BF47FD31686] - 24/10/2012 - 16:39:51 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 306.9.) -- C:\Windows\System32\nvcuvid.dll [2574696] O44 - LFC:[MD5.8854614A9792ABCB1D8323B31AF4BF7A] - 24/10/2012 - 16:39:51 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 306.97.) -- C:\Windows\System32\nvcuvenc.dll [1867112] O44 - LFC:[MD5.CEDE7CB889F5BAE7B6FA90C8BBA79498] - 24/10/2012 - 16:39:51 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 306.97.) -- C:\Windows\System32\nvapi.dll [2428776] O44 - LFC:[MD5.0A1B502CBC8230DA74BEFBAADDB58916] - 24/10/2012 - 16:39:51 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [10837352] O44 - LFC:[MD5.3F42C367EAC68A81FBED294C15982120] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\System32\nvdispco32.dll [1009512] O44 - LFC:[MD5.D820FA30B281E8BAFD24B19BBE198726] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvdispgenco32.dll [888168] O44 - LFC:[MD5.54672280A7A9805E3CE4B65FD0350E5D] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 306.97.) -- C:\Windows\System32\nvopencl.dll [6127464] O44 - LFC:[MD5.A9E419A527081E1088FF1A13FBC4690E] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\System32\nvoglv32.dll [19906920] O44 - LFC:[MD5.AFA6C2B04F74B9F69730D25ED8B9911F] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 306.97.) -- C:\Windows\System32\nvcompiler.dll [17559912] O44 - LFC:[MD5.540DE2DC577E1199301E37CC0F580550] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA D3D Shim Driver, Version 306.97.) -- C:\Windows\System32\nvumdshim.dll [831848] O44 - LFC:[MD5.70BA2ED3DE9080D9ED3C65B7ADE6F653] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 306.97.) -- C:\Windows\System32\nvwgf2um.dll [12501352] O44 - LFC:[MD5.82FC59A500AA685F833E61E3A1BB7DAF] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 306.97.) -- C:\Windows\System32\nvd3dum.dll [15309160] O44 - LFC:[MD5.E7F21C284E38B07AB61E8066E08638F5] - 24/10/2012 - 16:39:50 ---A- . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 306.) -- C:\Windows\System32\nvinit.dll [202600] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/10/2012 - 16:10:09 RSHA- . (...) -- C:\IO.SYS [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/10/2012 - 16:10:09 RSHA- . (...) -- C:\MSDOS.SYS [0] O44 - LFC:[MD5.A83E7E710989FC0138C6ADD4A11EE21A] - 24/10/2012 - 15:04:18 ---A- . (...) -- C:\Windows\System32\license.rtf [41450] O44 - LFC:[MD5.0386A1F629FDD766B36A39DA88240EA9] - 24/10/2012 - 15:03:31 ---A- . (...) -- C:\Windows\TSSysprep.log [1355] O44 - LFC:[MD5.25CA1D27CFD81EBB4D4886463EA663C1] - 24/10/2012 - 15:01:53 ---A- . (...) -- C:\Windows\DtcInstall.log [2790] O44 - LFC:[MD5.4192468FB10D604673BC46AC50AFA22F] - 24/10/2012 - 12:30:49 ---A- . (.Intel Corporation - Intel® Network Interface Card CoInstaller.) -- C:\Windows\System32\NicCo36.dll [28792] O44 - LFC:[MD5.150BF0F55FC31FCD01051E3FF4962ECC] - 24/10/2012 - 12:30:36 ---A- . (.Intel Corporation - Intel® Manageability Engine Firmware Dynami.) -- C:\Windows\System32\Drivers\IntelMEFWVer.dll [15168] O44 - LFC:[MD5.BDB904902500628C6C510CD723800558] - 24/10/2012 - 12:26:38 ---A- . (...) -- C:\CIR.log [87] O44 - LFC:[MD5.459DB8708F93BEAC0F75E149E1D990F6] - 24/10/2012 - 12:24:44 ---A- . (...) -- C:\IRST.log [86] O44 - LFC:[MD5.F4F4CBC7F6C7CB940AA9F0AAF3EF1104] - 24/10/2012 - 12:24:32 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStor.sys [353304] O44 - LFC:[MD5.C710C9F51363E9B0B2EAFCAA5A70EA72] - 24/10/2012 - 12:23:04 ---A- . (...) -- C:\RHDSetup.log [2051] O44 - LFC:[MD5.42F0CF798D7C3946FF38EC85B3F054E7] - 24/10/2012 - 12:23:04 ---A- . (...) -- C:\realtek.log [206] O44 - LFC:[MD5.6A63E4847EE62E79217444C0C245E847] - 24/10/2012 - 12:22:47 ---A- . (.Realtek Semiconductor Corp. - Realtek LFX/GFX DSP UI component for window.) -- C:\Windows\System32\RtkPgExt.dll [1843816] O44 - LFC:[MD5.272BF8E5DBDAF0614CC367A25EA3B256] - 24/10/2012 - 12:22:47 ---A- . (.SRS Labs, Inc. - COM object implementing SRS Headphone 360.) -- C:\Windows\System32\SRSHP360.dll [173296] O44 - LFC:[MD5.029F36DE21AFBDD2865CC657E252EBA7] - 24/10/2012 - 12:22:47 ---A- . (.SRS Labs, Inc. - TruSurround HD and HD4 COM object for Windo.) -- C:\Windows\System32\SRSTSHD.dll [185584] O44 - LFC:[MD5.8C83CED38F8CAC3E8D5A953C03BCF4B4] - 24/10/2012 - 12:22:47 ---A- . (.SRS Labs, Inc. - TruSurroundXT Module.) -- C:\Windows\System32\SRSTSXT.dll [345328] O44 - LFC:[MD5.A258F7B2B84E88118369B0B2196CC257] - 24/10/2012 - 12:22:47 ---A- . (.SRS Labs, Inc. - WOW HD COM object for Windows.) -- C:\Windows\System32\SRSWOW.dll [140528] O44 - LFC:[MD5.FDED64DC18429175D4DD9BB8D92C334C] - 24/10/2012 - 12:22:47 ---A- . (.Virage Logic Corporation / Sonic Focus - SFAPO.DLL.) -- C:\Windows\System32\SFAPO.dll [68944] O44 - LFC:[MD5.FDDC4D6EC3B2BD3B5A04C22881305621] - 24/10/2012 - 12:22:47 ---A- . (.Virage Logic Corporation / Sonic Focus - SFCOM.DLL.) -- C:\Windows\System32\SFCOM.dll [74064] O44 - LFC:[MD5.1BE0D5882B4812A0DC0A8137A350AF67] - 24/10/2012 - 12:22:47 ---A- . (.Virage Logic Corporation / Sonic Focus - SFNHK.DLL.) -- C:\Windows\System32\SFNHK.dll [214352] O44 - LFC:[MD5.10B04CCF552C649EA93CCA00B857912A] - 24/10/2012 - 12:22:47 ---A- . (.Waves Audio Ltd. - General Library for Plug-Ins.) -- C:\Windows\System32\WavesGUILib.dll [1738072] O44 - LFC:[MD5.CE1E84AA03EE50362D3C69382DCFA294] - 24/10/2012 - 12:22:47 ---A- . (.Waves Audio Ltd. - General Library for Plug-Ins.) -- C:\Windows\System32\WavesLib.dll [1783056] O44 - LFC:[MD5.AE2882E47206AA92B6D36C196496F87C] - 24/10/2012 - 12:22:46 ---A- . (.Realtek Semiconductor Corp. - Realtek APO API.) -- C:\Windows\System32\RtkApoApi.dll [453224] O44 - LFC:[MD5.FC6C799863E38CFC9A161F0ACAD428EE] - 24/10/2012 - 12:22:46 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller.) -- C:\Windows\System32\RtkCoInst.dll [66152] O44 - LFC:[MD5.31BEDCDED78CADBD9E9FFDF208A9FFEA] - 24/10/2012 - 12:22:46 ---A- . (.Realtek Semiconductor Corp. - Realtek® LFX/GFX DSP component.) -- C:\Windows\System32\RtkAPO.dll [3610216] O44 - LFC:[MD5.573A6934D4BC8FB8F19AB6E47EBB9128] - 24/10/2012 - 12:22:45 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x86.) -- C:\Windows\System32\RTEED32A.dll [168648] O44 - LFC:[MD5.6285E76879D717C3C978A794130DADE8] - 24/10/2012 - 12:22:45 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x86.) -- C:\Windows\System32\RTEEP32A.dll [357576] O44 - LFC:[MD5.B747DDAA11333F1EABB35E2AE2E877C9] - 24/10/2012 - 12:22:45 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x86.) -- C:\Windows\System32\RTEEG32A.dll [62664] O44 - LFC:[MD5.52999C60386C123BDD6C93D73BEF37CD] - 24/10/2012 - 12:22:45 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x86.) -- C:\Windows\System32\RTEEL32A.dll [76488] O44 - LFC:[MD5.DFAC006A189D2CC302F53DFDEE3D74D3] - 24/10/2012 - 12:22:45 ---A- . (.Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x86.) -- C:\Windows\System32\RP3DAA32.dll [293584] O44 - LFC:[MD5.655DDC227B11790127A8CBFA7E9CF700] - 24/10/2012 - 12:22:45 ---A- . (.Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x86.) -- C:\Windows\System32\RP3DHT32.dll [293584] O44 - LFC:[MD5.83E3F632DB8FADD7DDEEACB2F01ED550] - 24/10/2012 - 12:22:45 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\System32\RTSndMgr.cpl [1084008] O44 - LFC:[MD5.F42901F67CBC137A0F141C58B831A03C] - 24/10/2012 - 12:22:45 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function D.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [3211432] O44 - LFC:[MD5.2C428ED2AC97B871D1BCC7C1566C4DCC] - 24/10/2012 - 12:22:44 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller Resource.) -- C:\Windows\System32\RCoRes.dat [477288] O44 - LFC:[MD5.84AB243EBB8839C268BA45975BD6558C] - 24/10/2012 - 12:22:44 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\System32\MaxxAudioAPO.dll [132368] O44 - LFC:[MD5.57C588F098C811E9459AC7034349AF6F] - 24/10/2012 - 12:22:44 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\System32\MaxxAudioAPO20.dll [232792] O44 - LFC:[MD5.33CCA4B2289AA5F8753387A8BF18816B] - 24/10/2012 - 12:22:44 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\System32\MaxxAudioAPO30.dll [252928] O44 - LFC:[MD5.6C75723CB2309D23A3A16EF9F45B2F49] - 24/10/2012 - 12:22:44 ---A- . (.Waves Audio Ltd. - MaxxVolumeSD APO.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [252760] O44 - LFC:[MD5.F678031A1EF7C96DB09AE9F0DDB7F88E] - 24/10/2012 - 12:22:44 ---A- . (.Waves Audio Ltd. - Pas de description.) -- C:\Windows\System32\MaxxAudioEQ.dll [1938704] O44 - LFC:[MD5.DB2C8187A8397EF8CC08B411C509E80C] - 24/10/2012 - 12:22:44 ---A- . (.Waves Audio Ltd. - Pas de description.) -- C:\Windows\System32\MaxxAudioRealtek.dll [1327104] O44 - LFC:[MD5.6353994C972CB58EB01854C6FDFAC80D] - 24/10/2012 - 12:22:42 ---A- . (.Andrea Electronics Corporation - Render Noise Filters (32-bit).) -- C:\Windows\System32\AERTARen.dll [96160] O44 - LFC:[MD5.B9C341FFD3C60B376E5BE184DC445C64] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Bass Enhancement COM DLL.) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [447200] O44 - LFC:[MD5.6D00C1CF1F3A52A319329AD4CC294920] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Boost COM DLL.) -- C:\Windows\System32\DTSBoostDLL.dll [899808] O44 - LFC:[MD5.87017531CF3898F2EF625F5B3691BEB1] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS GFX APO.) -- C:\Windows\System32\DTSGFXAPO.dll [105696] O44 - LFC:[MD5.7E5A34FC59A9AA0460ED5549A154A433] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS GFX APO.) -- C:\Windows\System32\DTSGFXAPONS.dll [105184] O44 - LFC:[MD5.CC1993CB1734E1C6F01B1DD963B6FD98] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Gain Compensator COM DLL.) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [235232] O44 - LFC:[MD5.B5E329EF4012D0AF05D1C73B3C53AA4A] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS LFX APO.) -- C:\Windows\System32\DTSLFXAPO.dll [105696] O44 - LFC:[MD5.ADF77C70852915A79739E52AA41A973E] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Limiter COM DLL.) -- C:\Windows\System32\DTSLimiterDLL.dll [222944] O44 - LFC:[MD5.FD3C484B750FA85C72A010495AD5EE03] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS NEO:PC COM DLL.) -- C:\Windows\System32\DTSNeoPCDLL.dll [290016] O44 - LFC:[MD5.7F996B69DD9E2D357D913A6414E0D768] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Surround Sensation Headphone COM DLL.) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [961248] O44 - LFC:[MD5.A8437D1746FAD34DAE962725373E0688] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Surround Sensation Speaker COM DLL.) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [1131232] O44 - LFC:[MD5.53DBC7200BF6681F86A01B8C18C6B955] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Symmetry COM DLL.) -- C:\Windows\System32\DTSSymmetryDLL.dll [427744] O44 - LFC:[MD5.DC867B20034FE6A62999FE9290D2F624] - 24/10/2012 - 12:22:42 ---A- . (.DTS - DTS Voice Clarity COM DLL.) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [404704] O44 - LFC:[MD5.151E683CF0E22A7D2A76C5CF361D5454] - 24/10/2012 - 12:22:42 ---A- . (.Fortemedia Corporation - Fortemedia SAMSoft sAPO.) -- C:\Windows\System32\FMAPO.dll [305568] O44 - LFC:[MD5.2CCEAF03E8AF4543171D236DF21DC29A] - 24/10/2012 - 12:22:41 ---A- . (.Andrea Electronics Corporation - Capture Noise Filters (32-bit).) -- C:\Windows\System32\AERTACap.dll [175200] O44 - LFC:[MD5.90E48E2B15703970E147D8A32A146B8C] - 24/10/2012 - 12:22:40 R---- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- C:\Windows\RtlExUpd.dll [1251944] O44 - LFC:[MD5.98A94B81391480B350C874E05F8F8339] - 24/10/2012 - 12:19:36 ---A- . (.Intel® Corp - CSVer.) -- C:\Windows\System32\CSVer.dll [53248] O44 - LFC:[MD5.2D7F0C68E19E2143986618A25985A5E7] - 03/10/2012 - 05:20:00 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [12865] O44 - LFC:[MD5.AC644E9F91AE18521525713C5D3988DD] - 03/10/2012 - 02:29:23 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin [3536817] O44 - LFC:[MD5.933222B19FF3E7EA5F65517EA1F7D57E] - 02/06/2012 - 21:57:50 ---A- . (...) -- C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [3] O44 - LFC:[MD5.933222B19FF3E7EA5F65517EA1F7D57E] - 02/06/2012 - 21:34:21 ---A- . (...) -- C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [3] O44 - LFC:[MD5.49A3836D438198DE58383756EC7D002E] - 17/05/2012 - 17:36:54 ---A- . (...) -- C:\Windows\System32\BootMan.exe [2468520] O44 - LFC:[MD5.1F2F4AB15CE03ECC257FEB2F6DC5A013] - 29/07/2011 - 13:54:56 ---A- . (...) -- C:\Windows\System32\EuGdiDrv.sys [8456] O44 - LFC:[MD5.539CA34FBC74EC366A0D751028C32A08] - 29/07/2011 - 13:54:56 ---A- . (...) -- C:\Windows\System32\epmntdrv.sys [14216] O44 - LFC:[MD5.780FB595E5E11355A8313F644329E3EB] - 29/07/2011 - 13:54:56 ---A- . (...) -- C:\Windows\System32\setupempdrv03.exe [86408] O44 - LFC:[MD5.6E7DA5D64EEC97E90B36039551B44CCD] - 29/07/2011 - 13:54:46 ---A- . (...) -- C:\Windows\System32\EuEpmGdi.dll [19840] O44 - LFC:[MD5.259525CFB422E6AC8E87BC9777B1DF73] - 21/11/2010 - 04:29:06 RSHA- . (...) -- C:\bootmgr [383786] O44 - LFC:[MD5.D431C9E3792CBBB6DECDFD5A857BCC35] - 29/07/2010 - 10:03:15 ----- . (...) -- C:\Windows\hpwmdl25.dat [530] O44 - LFC:[MD5.E366573E4AB73F3EBE169B62ABCF77FC] - 20/10/2009 - 11:32:19 ----- . (...) -- C:\Windows\hpomdl19.dat [13898] O44 - LFC:[MD5.F75D16FB6BEA2FF375290B5FEDF2186D] - 03/04/2009 - 13:55:00 ---A- . (...) -- C:\Windows\MSUMLT0G.ini [31910] O44 - LFC:[MD5.67EE08A7EE31F246B5DA823C84A1050A] - 23/06/2007 - 02:06:48 ----- . (...) -- C:\Windows\System32\Drivers\fsRamDsk.sys [43408] O44 - LFC:[MD5.711AE45CE8A4EFBDF01C2ECBBAB3C190] - 15/06/2007 - 06:10:54 ----- . (...) -- C:\Windows\Driver.ico [17542] O44 - LFC:[MD5.8201439B30C2E1B8BBFC2F2256CDC21C] - 08/08/2006 - 10:03:40 ----- . (...) -- C:\Windows\System32\VDI08X.dat [14496] ~ Scan Files in 01mn 51s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ~ Scan ShellExecuteHooks in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{751f3dcf-1dc0-11e2-8272-3860770e2afc}\AutoRun\command. (...) -- O:\Installer_Windows.exe ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe O53 - SMSR:HKLM\...\startupreg\Bing Bar [Key] . (...) -- C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\Microsoft Default Manager [Key] . (...) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RAMDrive [Key] . (.FarStone Technology, Inc. - RDTask Microsoft ???????.) -- C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "LegalNoticeText"=0 O55 - MWPS:[HKLM\...\Policies\System] - "LegalNoticeCaption"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 08:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 14/07/2009 - 04:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 24/10/2012 - C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (a2acc) .(.Emsisoft GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC O64 - Services: CurCS - 19/05/2011 - C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys (A2DDA) .(.Emsi Software GmbH - Emsisoft Direct Disk Access Support Driver.) - LEGACY_A2DDA O64 - Services: CurCS - 24/10/2012 - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys (a2injectiondriver) .(.Emsisoft GmbH - Emsisoft Anti-Malware Behavior Blocker.) - LEGACY_A2INJECTIONDRIVER O64 - Services: CurCS - 05/05/2010 - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys (a2util) .(.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - LEGACY_A2UTIL O64 - Services: CurCS - 29/07/2011 - C:\Windows\system32\epmntdrv.sys - epmntdrv (epmntdrv) .(...) - LEGACY_EPMNTDRV O64 - Services: CurCS - 29/07/2011 - C:\Windows\system32\EuGdiDrv.sys - EuGdiDrv (EuGdiDrv) .(...) - LEGACY_EUGDIDRV O64 - Services: CurCS - 21/10/2008 - C:\Windows\System32\DRIVERS\fvxscsi.sys (FVXSCSI) .(.FarStone Inc. - FarStone SCSI Miniport.) - LEGACY_FVXSCSI O64 - Services: CurCS - 13/09/2010 - C:\Windows\System32\DRIVERS\iaStor.sys (iaStor) .(.Intel Corporation - Intel Rapid Storage Technology driver - x86.) - LEGACY_IASTOR O64 - Services: CurCS - 18/06/2009 - C:\Windows\system32\SAVRKBootTasks.sys (SAVRKBootTasks) .(.Sophos Plc - Sophos boot tasks for Windows 2000.) - LEGACY_SAVRKBOOTTASKS O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation Service.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation Service.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote Connections Manager.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over an IPv4 network..) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [149504] ~ Scan Services in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][08/10/2010] (.Macrovision Corporation - Setup.exe.) -- C:\Users\UranusDominique\AppData\Local\Temp\_isBCC9.exe [455600] [MD5.A883DB5C29D35D16634450D885967A15] [sPRF][24/10/2012] (.NVIDIA Corporation - NVIDIA Package Launcher.) -- C:\Users\UranusDominique\Desktop\306.97-desktop-win8-win7-winvista-32bit-international-whql.exe [178253024] [MD5.00D59A2EFBADFB8453E25BA42067AD02] [sPRF][05/11/2012] (.AVAST Software - avast! Antirootkit.) -- C:\Users\UranusDominique\Desktop\aswMBR.exe [4731392] [MD5.A10ECA34B408810471C0795E2E2EBF6A] [sPRF][04/11/2012] (.Macrovision Corporation - Setup.exe.) -- C:\Users\UranusDominique\Desktop\PartManFree-Setup.exe [4506352] ~ Scan Files in 00mn 01s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{80416BD1-95AD-45E3-981D-FC090C9A0C04}" | In - None - P6 - TRUE | .(.Laplink Software Inc. - PCmover.) -- C:\Program Files\Laplink\PCmover\pcmover.exe O87 - FAEL: "{F71C0A6A-BBE9-49D2-8B5E-3421F969517F}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{BB5A9DAB-C0F8-47BF-BBE6-27030235F45C}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{AF6235C6-C420-4B85-ACFE-7B88A7157BB8}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "{FFB7D9EF-E588-4161-9764-6A5415E3140A}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "TCP Query User{A8CF72F8-5F47-40E9-957E-3A354B0D5DFE}C:\program files\air mouse\air mouse\air mouse.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - AirMouse.) -- C:\program files\air mouse\air mouse\air mouse.exe O87 - FAEL: "UDP Query User{C1AC4D40-7A8B-413A-9DD4-A98A392A67FA}C:\program files\air mouse\air mouse\air mouse.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - AirMouse.) -- C:\program files\air mouse\air mouse\air mouse.exe O87 - FAEL: "TCP Query User{12A00120-8990-4579-8416-239639B64E12}E:\x-plane 10\x-plane.exe" | In - Public - P6 - TRUE | .(...) -- E:\x-plane 10\x-plane.exe O87 - FAEL: "UDP Query User{1B2CF42A-F371-4F93-86C0-FE0A43D3A9E9}E:\x-plane 10\x-plane.exe" | In - Public - P17 - TRUE | .(...) -- E:\x-plane 10\x-plane.exe O87 - FAEL: "TCP Query User{FF7385C5-C737-4373-9054-778D360046A0}E:\x-plane 10.10 b11 - copy\x-plane.exe" | In - Public - P6 - TRUE | .(...) -- E:\x-plane 10.10 b11 - copy\x-plane.exe O87 - FAEL: "UDP Query User{C8C7FCDE-E428-4E0A-8F01-23D103B9C1B2}E:\x-plane 10.10 b11 - copy\x-plane.exe" | In - Public - P17 - TRUE | .(...) -- E:\x-plane 10.10 b11 - copy\x-plane.exe O87 - FAEL: "TCP Query User{F66065CD-A5FD-4306-AAF9-97C66F35591D}C:\program files\videostream\videostream.exe" | In - Public - P6 - TRUE | .(.Collect3 PTY LTD - Video Stream.) -- C:\program files\videostream\videostream.exe O87 - FAEL: "UDP Query User{43348A24-2D86-496C-9F68-026658192EAE}C:\program files\videostream\videostream.exe" | In - Public - P17 - TRUE | .(.Collect3 PTY LTD - Video Stream.) -- C:\program files\videostream\videostream.exe O87 - FAEL: "{32E6E64E-14B0-44DC-982B-DA3A7CF80F7F}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{486F413B-BDB8-4597-8AAA-5C47C6F1C0D3}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{DAA43D76-3087-4B28-A782-E16DE41E5FF2}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "TCP Query User{F509ED41-C30E-408D-AF50-D8C6A4F34492}E:\x-plane 10.10\x-plane.exe" |In - Public - P6 - TRUE | .(...) -- E:\x-plane 10.10\x-plane.exe (.not file.) O87 - FAEL: "UDP Query User{03096F0C-8397-4B85-B963-A23663CA1F21}E:\x-plane 10.10\x-plane.exe" |In - Public - P17 - TRUE | .(...) -- E:\x-plane 10.10\x-plane.exe (.not file.) O87 - FAEL: "{C48662B4-6CCD-46A7-8995-34EACCA60114}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "{A5492A0D-BB23-4F98-A427-DDBBD46ED760}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe O87 - FAEL: "{C5E91AD6-381B-4D06-85E4-BC2836BAE8FB}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{AA880DE4-D633-4CBE-AB8E-1B541690E9EA}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "TCP Query User{47EBB818-100C-4FE2-B67D-BB950D21ED9C}E:\x-plane 9\x-plane.exe" | In - Public - P6 - TRUE | .(...) -- E:\x-plane 9\x-plane.exe O87 - FAEL: "UDP Query User{485CF832-350E-4AC7-BF4F-37B0B6806C9F}E:\x-plane 9\x-plane.exe" | In - Public - P17 - TRUE | .(...) -- E:\x-plane 9\x-plane.exe ~ Scan Firewall in 00mn 03s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 24/10/2012 3084176 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Auto 25/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 25/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Demand 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 01/09/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 19/06/2012 462088 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 06/09/2012 112968 | (Intel® PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe SS - | Demand 09/09/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 19/07/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe SR - | Auto 19/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe SS - | Demand 28/10/2012 312264 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SS - | Demand 0 | (MEMSWEEP2) . (...) - C:\Windows\system32\3B3B.tmp SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 03/10/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SS - | Auto 03/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 02/10/2012 382824 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 19/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 04s End of the scan (1246 lines in 02mn 47s)(0) Merci pour votre aide.