Help! Big virus!

Resolved/Closed
letitititi - 14 Sept. 2011 at 11:24
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 - 30 Sept. 2011 at 23:19
Hello, I think this is the only message I'll be able to write! I have Antivir and it finds no virus except with the poker software. I deleted it but that changes nothing, so I reinstalled it and Antivir keeps detecting it. What can I do? I don't think it comes from that; in any case my keyboard is seriously acting up!!! And in Mozilla, as soon as I click a link a new window opens every time, and I can't minimize or enlarge windows. On the other hand, I find the PC isn't getting worse, the problems are holding steady... I have Vista. Thanks in advance.

45 replies

2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
Edited by 2011N2 on 14/09/2011 at 13:03
Hi Mak' ;)

OK.
@letititi, do this if you can, otherwise we'll try something else:

* Download RogueKiller to the desktop: https://www.luanagames.com/index.fr.html
* Close all running programs.
* On Vista/Seven, right-click => Run as administrator.
* Otherwise, simply launch RogueKiller.exe
* When prompted, type 1 and confirm.
* A report should have opened (RKreport.txt is also located next to the executable); paste its contents into your reply on the forum.
* If the program was blocked, don't hesitate to try several times. If it really won't go through (it can happen), rename it to winlogon.exe


If you have any questions, don't hesitate to ask me!


Then follow up with this:

- Download TDSSKiller: https://support.kaspersky.com/downloads/utils/tdsskiller.zip

- Launch it (Vista/Seven users => Right-click then "Run as administrator")

The tool will automatically download the latest version of TDSSKiller and then launch a scan.

Wait during the scan. At the end of the scan, press any key. A report will open.

- Copy/paste its contents into your next reply on the forum.

N.B.: The report is also located at C:\tdsskiller.txt.


If you have any questions about using TDSSKiller, don't hesitate to ask me!

See you,

Gabriel.

ToolbarShooter development
1
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
14 Sept. 2011 at 11:53
Hi,

Welcome to Comment Ça Marche. We'll try to solve your problem together. Here are a few rules ==>

-Here, the helpers are volunteers, and we also have family lives and jobs, like everyone else. Consequently, be patient while waiting for replies from the helper.

-Follow the procedure to the end, otherwise it will be pointless.

-Don't panic, and don't hesitate to ask questions if you have doubts, because that's much better than crashing your PC if you don't know what to do.

-Before carrying out any steps, read the procedure through to the end, so as not to make a mistake.

-During disinfection, disable your antivirus so that the disinfection can proceed normally.

-If you are on Vista/7, always run a program by right-clicking then ==> Run as administrator

-If you use cracks (Emule, BitTorrent, etc.), stop right away; it's a source of infection, and the disinfection would therefore be useless.

-Don't open other threads for the same problem (whether on this forum or another).

If you're ready, here we go ==>


I hope you can still type^^


We're going to run a diagnostic on your PC for more information ==>

=> Download ZHPDiag (by Nicolas Coolman) to your desktop:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

or:

http://www.premiumorange.com/zeb-help-process/zhpdiag.html

or:

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/


=> Let the installer guide you, check "Add an icon to the desktop" and uncheck the "Run ZHPDiag" box.

/!\ Vista and Seven users /!\: Right-click the ZHPDiag logo (parchment) then "Run as Administrator"

=> Click the icon at the top left showing a magnifying glass: "Launch the diagnostic".
=> Save the report to your Desktop using the icon showing a floppy disk.
=> Upload the ZHPDiag.txt report to one of the sites below, then copy/paste the link provided into your next reply on the forum:

https://www.cjoint.com/

or:

http://www.cijoint.fr/

or:

http://ww38.toofiles.com/fr/documents-upload.html

or:

http://pjjoint.malekal.com/

or:

https://www.casimages.com/



If you need help, or something isn't clear, don't hesitate to ask.

Thanks,

Gabriel.
0
Would someone be OK to repair my PC remotely? I'll open a session, no problem!
0
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
14 Sept. 2011 at 12:03
Why aren't you doing what I asked?

See you,

Gabriel.
0

I can't type
0
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
14 Sept. 2011 at 12:57
I can't do anything for you there...

Can you run programs?

See you,

Gabriel.
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 631
14 Sept. 2011 at 12:58
That won't work (ZHPDiag will close), I think; he must have Zaccess.
0
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: Laetitia [Droits d'admin]
Mode: Recherche -- Date : 14/09/2011 13:19:35

Processus malicieux: 0

Entrees de registre: 1
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

Fichiers / Dossiers particuliers:

Fichier HOSTS:
127.0.0.1 localhost


Termine : << RKreport[1].txt >>
RKreport[1].txt
0
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 1.0.2.69 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

~ Mis à jour le 24/08/2011 | 13.50 par g3n-h@ckm@n
~ Informations : http://www.forum-fec.net/t1444-pre_scan-versions
~ Remontées : http://www.forum-fec.net/t1445-feedback-pre_scan

~ Utilisateur : Laetitia (Administrateurs)
~ Ordinateur : PC-DE-LAETITIA

~ Système d'exploitation : Windows Vista (TM) Home Basic (32 bits) HomeBasic Service Pack 2
~ Enregistré sous : Laetitia
~ Enregistré sous : Hewlett-Packard
~ Processeur : Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
~ Identification : x86 Family 6 Model 23 Stepping 10
Internet Explorer : 9.0.8112.16421
Mozilla Firefox : 6.0.2 (fr)
Pare-feu windows : Actif
Windows Defender : Actif

c:\ -> [Fixed] | [] | Total : 295150 Mo | Free : 184240 Mo -> NTFS
d:\ -> [Fixed] | [RECOVERY] | Total : 10090 Mo | Free : 1770 Mo -> NTFS
e:\ -> [CDROM] | [] | Total : 0 Mo | Free : 0 Mo ->
h:\ -> [Removable] | [] | Total : 1940 Mo | Free : 1860 Mo -> FAT

Scan : 13:14:20 | 14/09/2011


¤¤¤¤¤¤¤¤¤¤ Sessions

~ [HKLM | ProfileList] | S-1-5-21-3319297030-3672419197-3718716493-1000 : ProfileImagePath -> C:\Users\Laetitia
~ [HKLM | ProfileList] | S-1-5-21-3319297030-3672419197-3718716493-1000 : RefCount -> 6
~ [HKLM | ProfileList] | S-1-5-21-3319297030-3672419197-3718716493-1000 : State -> 0
~ [HKLM | ProfileList] | S-1-5-21-3319297030-3672419197-3718716493-1002 : ProfileImagePath -> C:\Users\postgres
~ [HKLM | ProfileList] | S-1-5-21-3319297030-3672419197-3718716493-1002 : RefCount -> 0
~ [HKLM | ProfileList] | S-1-5-21-3319297030-3672419197-3718716493-1002 : State -> 0

¤¤¤¤¤¤¤¤¤¤ Processus en cours

Demarrage : Normal

400 | C:\Windows\System32\smss.exe - SYSTEM - Normal - \SystemRoot\System32\smss.exe - 4
532 | C:\Windows\system32\csrss.exe - SYSTEM - Normal - C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 520
576 | C:\Windows\system32\wininit.exe - SYSTEM - High - wininit.exe - 520
584 | C:\Windows\system32\csrss.exe - SYSTEM - Normal - C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 568
620 | C:\Windows\system32\services.exe - SYSTEM - Normal - C:\Windows\system32\services.exe - 576
632 | C:\Windows\system32\lsass.exe - SYSTEM - Normal - C:\Windows\system32\lsass.exe - 576
640 | C:\Windows\system32\lsm.exe - SYSTEM - Normal - C:\Windows\system32\lsm.exe - 576
728 | C:\Windows\system32\winlogon.exe - SYSTEM - High - winlogon.exe - 568
820 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k DcomLaunch - 620
892 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k rpcss - 620
944 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k secsvcs - 620
1028 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted - 620
1072 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted - 620
1108 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k netsvcs - 620
1132 | C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe - SYSTEM - Normal - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe - 620
1340 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k GPSvcGroup - 620
1360 | C:\Windows\system32\SLsvc.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\SLsvc.exe - 620
1384 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalService - 620
1564 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkService - 620
1820 | C:\Windows\System32\spoolsv.exe - SYSTEM - Normal - C:\Windows\System32\spoolsv.exe - 620
1848 | C:\Program Files\Avira\AntiVir Desktop\sched.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\sched.exe" - 620
1864 | C:\Windows\system32\taskeng.exe - Laetitia - Normal - taskeng.exe {0E163EF6-16B4-46CD-A2F4-C4C9B6820B85} - 1108
1916 | C:\Windows\system32\Dwm.exe - Laetitia - High - "C:\Windows\system32\Dwm.exe" - 1072
1980 | C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe - Laetitia - Normal - "C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe" - 1864
200 | C:\Windows\system32\taskeng.exe - Laetitia - Normal - taskeng.exe {0F39326B-90B1-4B09-B79C-6AC6BFBF1082} - 1108
536 | C:\Windows\System32\igfxtray.exe - Laetitia - Normal - "C:\Windows\System32\igfxtray.exe" - 1956
520 | C:\Windows\System32\hkcmd.exe - Laetitia - Normal - "C:\Windows\System32\hkcmd.exe" - 1956
704 | C:\Windows\System32\igfxpers.exe - Laetitia - Normal - "C:\Windows\System32\igfxpers.exe" - 1956
568 | C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - Laetitia - Above Normal - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" - 1956
1372 | C:\Windows\system32\igfxsrvc.exe - Laetitia - Normal - C:\Windows\system32\igfxsrvc.exe -Embedding - 820
1572 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork - 620
1680 | C:\Program Files\Windows Defender\MSASCui.exe - Laetitia - Normal - "C:\Program Files\Windows Defender\MSASCui.exe" -hide - 1956
1332 | C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - Laetitia - Normal - "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" - 1956
2076 | C:\Program Files\Common Files\Java\Java Update\jusched.exe - Laetitia - Normal - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" - 1956
2084 | C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe - Laetitia - Normal - "C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe" - 1956
2212 | C:\Program Files\HP\HP Software Update\hpwuschd2.exe - Laetitia - Normal - "C:\Program Files\HP\HP Software Update\hpwuschd2.exe" - 1956
2228 | C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - Laetitia - Normal - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min - 1956
2280 | C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe - SYSTEM - Normal - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe - 620
2296 | C:\Program Files\Avira\AntiVir Desktop\avguard.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" - 620
2312 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k apphost - 620
2380 | C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe - SYSTEM - Normal - "C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe" -k runservice - 620
2492 | C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe - Laetitia - Normal - "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background - 1956
2500 | C:\Program Files\Avira\AntiVir Desktop\avshadow.exe - SYSTEM - Normal - "C:\Program Files\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008f8 - 2296
2584 | C:\Program Files\Common Files\LightScribe\LSSrvc.exe - SYSTEM - Normal - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" - 620
2612 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k HPZ12 - 620
2652 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k HPZ12 - 620
2676 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted - 620
2712 | C:\Program Files\SMINST\BLService.exe - SYSTEM - Normal - "C:\Program Files\SMINST\BLService.exe" - 620
2736 | C:\Program Files\CyberLink\Shared files\RichVideo.exe - SYSTEM - Normal - "C:\Program Files\CyberLink\Shared files\RichVideo.exe" - 620
2848 | C:\Windows\System32\tcpsvcs.exe - SERVICE LOCAL - Normal - C:\Windows\System32\tcpsvcs.exe - 620
2864 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k imgsvc - 620
2912 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k iissvcs - 620
2940 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k WerSvcGroup - 620
2992 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - SYSTEM - Normal - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" - 620
3076 | C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe - Laetitia - Normal - "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe" - 2492
3144 | C:\Windows\system32\SearchIndexer.exe - SYSTEM - Normal - C:\Windows\system32\SearchIndexer.exe /Embedding - 620
3272 | C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe - SYSTEM - Normal - "C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe" -d "C:/Program Files/PostgreSQL/EnterpriseDB-ApachePhp/apache" - 2380
3908 | C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - SYSTEM - Normal - "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe" - 620
4056 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - SYSTEM - Normal - WLIDSvcM.exe 2992 - 2992
2844 | C:\Windows\system32\wbem\wmiprvse.exe - SYSTEM - Normal - C:\Windows\system32\wbem\wmiprvse.exe - 820
3624 | C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe - Laetitia - Normal - "C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding - 820
2240 | C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - Laetitia - Above Normal - "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" - 568
1488 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation - 620
2972 | C:\Windows\system32\SearchProtocolHost.exe - SYSTEM - Idle - "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" - 3144
1324 | C:\Windows\system32\conime.exe - Laetitia - Normal - C:\Windows\system32\conime.exe - 3604
2968 | c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe - SYSTEM - Normal - "c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" - 620
4328 | C:\Program Files\Windows Live\Mail\wlmail.exe - Laetitia - Normal - "C:\Program Files\Windows Live\Mail\wlmail.exe" - 1956
4560 | C:\Program Files\Windows Live\Contacts\wlcomm.exe - Laetitia - Normal - "C:\Program Files\Windows Live\Contacts\wlcomm.exe" -Embedding - 820
4984 | C:\Program Files\ZHPDiag\ZHPDiag.exe - Laetitia - Normal - "C:\Program Files\ZHPDiag\ZHPDiag.exe" - 1956
5856 | C:\Windows\system32\SearchFilterHost.exe - SYSTEM - Idle - "C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 65536 628 - 3144
4892 | C:\Users\Laetitia\Desktop\Pre_scan.exe - Laetitia - High - "C:\Users\Laetitia\Desktop\Pre_scan.exe" - 4960
4280 | C:\Windows\system32\cmd.exe - Laetitia - Normal - cmd /c ""C:\Kill'em\Pv.bat" " - 4892
4104 | C:\Kill'em\Pv.exe - Laetitia - Normal - C:\Kill'em\pv.exe -o"%i | %f - %u - %p - %l - %r" - 4280

¤¤¤¤¤¤¤¤¤¤ Démarrage principaux avant suppression

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sony Ericsson PC Companion"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
"RegistryBooster"="C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [28/10/2008|10:43:56]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [28/10/2008|10:43:30]
"Persistence"=C:\Windows\system32\igfxpers.exe [28/10/2008|10:43:34]
"SynTPEnh"=%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
"UpdatePSTShortCut"="C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"UpdateP2GoShortCut"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
"UpdatePDIRShortCut"="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [09/10/2008|08:58:56]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [08/12/2008|12:25:24]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [20/04/2011|12:48:18]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"WHITNEY_S2P"=C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe [10/12/2009|21:35:40]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [18/06/2009|21:34:13]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [12/01/2011|12:21:34]
""=
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [?]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter [?]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [?]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter [?]

¤¤¤¤¤¤¤¤¤¤ Autres Démarrages Silencieux

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] | Adobe Reader Speed Launcher -> "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Free Download Manager] | Free Download Manager -> "C:\Program Files\Free Download Manager\fdm.exe" -autorun
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisor] | HPAdvisor -> C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] | iTunesHelper -> "C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel] | LightScribe Control Panel -> C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger Update] | Messenger Update -> msnmsgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] | msnmsgr -> "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl.exe] | QlbCtrl.exe -> C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QPService] | QPService -> "C:\Program Files\HP\QuickPlay\QPService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] | QuickTime Task -> "C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VeohPlugin] | VeohPlugin -> "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

¤

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] | {E54729E8-BB3D-4270-9D49-7389EA579090} -> EasyBits Security Shield Hook - prevents launching insecure programs by kids

¤

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}"=Veoh Web Player Video Finder
"{52836EB0-631A-47B1-94A6-61F9D9112DAE}"=Veoh Video Compass
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] | {8C7461EF-2B13-11d2-BE35-3078302C2030} -> Component Categories cache daemon
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]

"{C0B4E2F3-BA21-4773-8DBA-335EC946EB8B}"=File Save Dialog
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"=Shell Icon Handler for Application References
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}"=ShellLink for Application References
"{92337A8C-E11D-11D0-BE48-00C04FC30DF6}"=OlePrn.PrinterURL
"{45670FA8-ED97-4F44-BC93-305082590BFB}"=Microsoft XPS Properties
"{44121072-A222-48f2-A58A-6D9AD51EBBE9}"=Microsoft XPS Thumbnail
"{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b}"=View Available Networks
"{13D3C4B8-B179-4ebb-BF62-F704173E7448}"=Windows Contact Preview Handler
"{32714800-2E5F-11d0-8B85-00AA0044F941}"=For &People...
"{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}"=Contacts folder
"{4F58F63F-244B-4c07-B29F-210BE59BE9B4}"=.group shell extension handler
"{8082C5E6-4C27-48ec-A809-B8E1122E8F97}"=.contact shell extension handler
"{16C2C29D-0E5F-45f3-A445-03E03F587B7D}"=group_wab_auto_file
"{CF67796C-F57F-45F8-92FB-AD698826C602}"=contact_wab_auto_file
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"=Crypto PKO Extension
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"=Crypto Sign Extension
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"=Compatibility Property Page
"{F0152790-D56E-4445-850E-4F3117DB740C}"=Remote Sessions CPL Extension
"{4026492f-2f69-46b8-b9bf-5654fc07e423}"=Windows Firewall
"{D555645E-D4F8-4c29-A827-D93C859C4F2A}"=
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"=Shell extensions for Windows Script Host
"{fcfeecae-ee1b-4849-ae50-685dcf7717ec}"=Problem Reports and Solutions
"{a304259d-52b8-4526-8b1a-a1d6cecc8243}"=iSCSI Initiator
"{8E908FC9-BECC-40f6-915B-F4CA0E70D03D}"=
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"=Microsoft Agent Character Property Sheet Handler
"{025A5937-A6BE-4686-A844-36FE4BEC8B6D}"=Microsoft Power Options
"{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}"=
"{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921}"=
"{17cd9488-1228-4b2f-88ce-4298e93e0966}"=
"{60632754-c523-4b62-b45c-4172da012619}"=
"{9C60DE1E-E5FC-40f4-A487-460851A8D915}"=
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"=Display Adapter CPL Extension
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"=Display Monitor CPL Extension
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"=Display TroubleShoot CPL Extension
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"=OLE Docfile Property Page
"{11dbb47c-a525-400b-9e80-a54615a090c0}"=Execute Folder
"{90b9bce2-b6db-4fd3-8451-35917ea1081b}"=Search Execute Command
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"=Disk Quota UI
"{BD84B380-8CA2-1069-AB1D-08000948F534}"=Microsoft Windows Font Folder
"{2BC0DA0E-F1BC-43AB-B4B5-738EB6B51E7E}"=Microsoft Windows Font File Icon Handler
"{1a184871-359e-4f67-aad9-5b9905d62232}"=Microsoft Windows Font File Context Menu Handler
"{8a7cae0e-5951-49cb-bf20-ab3fa1e44b01}"=Microsoft Windows Font Previewer
"{63da6ec0-2e98-11cf-8d82-444553540000}"=FTP Folders Webview
"{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31}"=Compressed (zipped) Folder
"{BD472F60-27FA-11cf-B8B4-444553540000}"=Compressed (zipped) Folder Right Drag Handler
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"=Compressed (zipped) Folder SendTo Target
"{b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af}"=Compressed (zipped) Folder Context Menu
"{ed9d80b9-d157-457b-9192-0e7280313bf0}"=Compressed (zipped) Folder Drop Handler
"{911051fa-c21c-4246-b470-070cd8df6dc4}"=.cab or .zip files
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=.CAB file viewer
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"=Shell extensions for Microsoft Windows Network objects
"{da67b8ad-e81b-4c70-9b91b417b5e33527}"=Windows Search Shell Service
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"=DfsShell.DfsShell Property Sheet
"{BC65FB43-1958-4349-971A-210290480130}"=Network Explorer Property Sheet Handler
"{d3e34b21-9d75-101a-8c3d-00aa001a1652}"=Bitmap Image
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"=Video Media Properties Handler
"{E598560B-28D5-46aa-A14A-8A3BEA34B576}"=Windows Photo Gallery Viewer Video Verbs
"{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3}"=Microsoft.ScannersAndCameras
"{0a4286ea-e355-44fb-8086-af3df7645bd9}"=Windows Media Player
"{BB6B2374-3D79-41DB-87F4-896C91846510}"=EMDFileProperties
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"=Audio Media Properties Handler
"{89D83576-6BD1-4c86-9454-BEB04E94C819}"=MAPI Search Namespace Extension
"{7A0F6AB7-ED84-46B6-B47E-02AA159A152B}"=Sync Center Simple Conflict Presenter
"{9D687A4C-1404-41ef-A089-883B6FBECDE6}"=Windows Photo Gallery Viewer Autoplay Handler
"{BE122A0E-4503-11DA-8BDE-F66BAD1E3F3A}"=
"{60fd46de-f830-4894-a628-6fa81bc0190d}"=DropTarget Object for Photo Printing Wizard
"{37efd44d-ef8d-41b1-940d-96973a50e9e0}"=Windows Sidebar Properties
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"=Portable Media Devices
"{00f20eb5-8fd6-4d9d-b75e-36801766c8f1}"=PhotoAcqDropTarget
"{BC48B32F-5910-47F5-8570-5074A8A5636A}"=Sync Results Delegate Folder
"{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}"=Games Folder
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"=Windows Media Player Add to Playlist Context Menu Handler
"{E413D040-6788-4C22-957E-175D1C513A34}"=Sync Center Conflict Delegate Folder
"{67718415-c450-4f3c-bf8a-b487642dc39b}"=Windows Features
"{335a31dd-f04b-4d76-a925-d6b47cf360df}"=
"{91ADC906-6722-4B05-A12B-471ADDCCE132}"=Touch Band
"{7D4734E6-047E-41e2-AEAA-E763B4739DC4}"=Windows Media Player Play as Playlist Context Menu Handler
"{2781761E-28E0-4109-99FE-B9D127C57AFE}"=Windows Defender IOfficeAntiVirus implementation
"{96AE8D84-A250-4520-95A5-A47A7E3C548B}"=
"{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}"=Windows Photo Gallery Viewer Image Verbs
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"=Windows Media Player Play as Playlist Context Menu Handler
"{4B534112-3AF6-4697-A77C-D62CE9B9E7CF}"=Sync Center Event Properties Extension
"{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C}"=Sync Setup Delegate Folder
"{85BBD920-42A0-1069-A2E4-08002B30309D}"=Briefcase
"{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A}"=GameUX.RichGameMediaThumbnail
"{d8559eb9-20c0-410e-beda-7ed416aecc2a}"=Windows Defender
"{576C9E85-1300-4EF5-BF6B-D00509F4EDCD}"=Sync Center Handler Properties Extension
"{5ea4f148-308c-46d7-98a9-49041b1dd468}"=Mobility Center Control Panel
"{289978AC-A101-4341-A817-21EBA7FD046D}"=Sync Center Conflict Folder
"{877ca5ac-cb41-4842-9c69-9136e42d47e2}"=File Backup Index
"{71D99464-3B6B-475C-B241-E15883207529}"=Sync Results Folder
"{B32D3949-ED98-4DBB-B347-17A144969BBA}"=Sync Center Item Properties Extension
"{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}"=Portable Devices Menu
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"=Windows Media Player Burn Audio CD Context Menu Handler
"{2E9E59C0-B437-4981-A647-9C34B9B90891}"=Sync Setup Folder
"{58E3C745-D971-4081-9034-86E34B30836A}"=
"{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}"=Sync Center Folder
"{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1}"=Welcome Center
"{78F3955E-3B90-4184-BD14-5397C15F1EFC}"=
"{F04CC277-03A2-4277-96A9-77967471BDFF}"=Sync Center Conflict Properties Extension
"{53BEDF0B-4E5B-4183-8DC9-B844344FA104}"=Microsoft Windows MAPI Preview Handler
"{6b9228da-9c15-419e-856c-19e768a13bdc}"=Windows gadget DropTarget
"{8E25992B-373E-486E-80E5-BD23AE417E66}"=Sync Center Device Notification Sink
"{35786D3C-B075-49b9-88DD-029876E11C01}"=Portable Devices
"{031EE060-67BC-460d-8847-E4A7C5E45A27}"=Windows Media Player Rich Preview Handler
"{1FA9085F-25A2-489B-85D4-86326EEDCD87}"=Manage Wireless Networks
"{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60}"=RichGameMediaPropertyStore Class
"{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}"=Client Side Cache Namespace Extension
"{8A734961-C4AA-4741-AC1E-791ACEBF5B39}"=Windows Media Player Shop Music Context Menu Handler
"{7A9D77BD-5403-11d2-8785-2E0420524153}"=User Accounts
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"=Video Thumbnail Extractor
"{28803F59-3A75-4058-995F-4EE5503B023C}"=Wireless Devices
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}"=Microsoft Office Metadata Handler
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}"=Microsoft Office Thumbnail Handler
"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}"=Microsoft Office OneNote Namespace Extension for Windows Desktop Search
"{42042206-2D85-11D3-8CFF-005004838597}"=Microsoft Office HTML Icon Handler
"{7F67036B-66F1-411A-AD85-759FB9C5B0DB}"=ShellViewRTF
"{2F603045-309F-11CF-9774-0020AFD0CFF6}"=Synaptics Control Panel
"{11016101-E366-4D22-BC06-4ADA335C892B}"=IE History and Feeds Shell Data Source for Windows Search
"{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}"=Enhanced Storage Data Source
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"=WinRAR shell extension
"{52B87208-9CCF-42C9-B88E-069281105805}"=Trojan Remover Shell Extension
"{0563DB41-F538-4B37-A92D-4659049B7766}"=WLMD Message Handler
"{06A2568A-CED6-4187-BB20-400B8C02BE5A}"=
"{00F33137-EE26-412F-8D71-F84E4C2C6625}"=
"{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C}"=Windows Live Photo Gallery Autoplay Drop Target
"{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C}"=Windows Live Photo Gallery Viewer Drop Target
"{00F374B7-B390-4884-B372-2FC349F2172B}"=Windows Live Photo Gallery Editor Drop Target
"{00F346CB-35A4-465B-8B8F-65A29DBAB1F6}"=Windows Live Photo Gallery Viewer Drop Target Shim
"{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D}"=Windows Live Photo Gallery Editor Drop Target Shim
"{00F30F90-3E96-453B-AFCD-D71989ECC2C7}"=Windows Live Photo Gallery Autoplay Drop Target Shim
"{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}"=Sophos Anti-Virus Shell Extension
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"=Shell Extension for Malware scanning

¤¤¤¤¤¤¤¤¤¤ BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] | (Skype add-on (mastermind)) -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [30/04/2008|15:56:10]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] | (Windows Live ID Sign-in Helper) -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [28/03/2011|20:35:06]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] | (Google Toolbar Helper) -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [25/11/2009|11:50:54]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] | (Google Toolbar Notifier BHO) -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [22/05/2011|20:41:11]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] | (FDMIECookiesBHO Class) -> C:\Program Files\Free Download Manager\iefdm2.dll [02/03/2009|12:41:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] | (Java(tm) Plug-In 2 SSV Helper) -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [12/04/2010|18:44:26]

¤¤¤¤¤¤¤¤¤¤ ActiveX


¤¤¤¤¤¤¤¤¤¤ Windows

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=
"LoadAppInit_DLLs"=0

¤¤¤¤¤¤¤¤¤¤ Winlogon


¤

[HKLM | Winlogon] | Shell : explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1
[HKLM | Winlogon] | userinit : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 1
[HKLM | Winlogon] | System :
[HKLM | Winlogon] | Taskman :

¤¤¤¤¤¤¤¤¤¤ Winlogon\Notify

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

¤¤¤¤¤¤¤¤¤¤ Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe

¤

[Firefox | Command] | @ : "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Safari | Command] | @ : "C:\Program Files\Safari\Safari.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ Divers

[HKLM | HideDesktopIcons\ClassicStartMenu] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 0
[HKCU | Desktop] | Wallpaper : C:\Users\Laetitia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
[HKLM | policies\Explorer] | NoDriveTypeAutoRun : 145

¤¤¤¤¤¤¤¤¤¤ Services

[Ndisuio] | Start : 3 : Actif
[Profsvc] | Start : 2 : Actif
[PlugPlay] | Start : 2 : Actif
[PEAUTH] | Start : 2 : Actif
[Parvdm] | Start : 2 : Inactif
[nsi] | Start : 2 : Actif
[NLASvc] | Start : 2 : Actif
[MPSsvc] | Start : 2 : Actif
[MMCSS] | Start : 2 : Actif
[luafv] | Start : 2 : Actif
[lltdio] | Start : 2 : Actif
[Iphlpsvc] | Start : 2 : Actif
[IKEEXT] | Start : 2 : Actif
[gpsvc] | Start : 2 : Actif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[agp440] | Start : 2 : Inactif
[AudioEndpointBuilder] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 2 : Actif
[Wlansvc] | Start : 2 : Actif
[SharedAccess] | Start : 2 : Inactif
[windefend] | Start : 2 : Actif
[wuauserv] | Start : 2 : Actif
[WerSvc] | Start : 2 : Actif
[wscsvc] | Start : 2 : Actif

¤¤¤¤¤¤¤¤¤¤ Internet Explorer

[HKCU | Main] | Start Page : http://www.google.com/
[HKCU | Main] | Local Page : C:\Windows\system32\blank.htm
[HKCU | Main] | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKCU | Main] | Use Custom Search URL : 0

[HKLM | Search] | SearchAssistant : http://www.google.com/ie
[HKLM | Main] | Start Page : http://go.microsoft.com/fwlink/?LinkId=69157
[HKLM | Main] | Local Page : C:\Windows\System32\blank.htm
[HKLM | Main] | Default_Search_URL : http://go.microsoft.com/fwlink/?LinkId=54896
[HKLM | Main] | Default_Page_URL : http://go.microsoft.com/fwlink/?LinkId=69157
[HKLM | Main] | Search Page : http://go.microsoft.com/fwlink/?LinkId=54896

¤

[HKCU | PhishingFilter] | Enabled : 2
[HKCU | PhishingFilter] | EnabledV8 : 1
[HKCU | Internet settings] | ProxyOverride : 0
[HKCU | Internet settings] | EnableHttp1_1 : 1
[HKCU | Internet Settings] | MigrateProxy : 1
[HKCU | Internet Settings] | WarnonBadCertRecving : 1
[HKCU | Internet Settings] | WarnOnHTTPSToHTTPRedirect : 1
[HKCU | Internet Settings] | WarnonZoneCrossing : 1
[HKCU | Internet Settings] | AutoConfigProxy : 0
[HKLM | AboutURLs] | Tabs : res://ieframe.dll/tabswelcome.htm

¤¤¤¤¤¤¤¤¤¤ Extensions Firefox

C:\Users\Laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\6b3v8bh8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
C:\Users\Laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\6b3v8bh8.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
C:\Users\Laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\6b3v8bh8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

¤


¤¤¤¤¤¤¤¤¤¤ DNS

[HKLM\CCS | Tcpip\Parameters] | DhcpNameServer -> 192.168.1.1
[HKLM\CCS | Interfaces\{DD6CD660-F193-41DC-B8A2-8B25EF116468}] | DhcpNameServer -> 192.168.1.1
[HKLM\CS001 | Interfaces\{DD6CD660-F193-41DC-B8A2-8B25EF116468}] | DhcpNameServer -> 192.168.1.1
[HKLM\CS003 | Interfaces\{DD6CD660-F193-41DC-B8A2-8B25EF116468}] | DhcpNameServer -> 192.168.1.1
[HKLM\CCS | Tcpip\Parameters] | NameServer ->

¤¤¤¤¤¤¤¤¤¤ Hosts

127.0.0.1 localhost



¤¤¤¤¤¤¤¤¤¤ HKCU\Software

[HKEY_CURRENT_USER\Software\ACF]
[HKEY_CURRENT_USER\Software\Ad-Remover]
[HKEY_CURRENT_USER\Software\Adobe]
[HKEY_CURRENT_USER\Software\Affinix]
[HKEY_CURRENT_USER\Software\ALWIL Software]
[HKEY_CURRENT_USER\Software\Anvsoft]
[HKEY_CURRENT_USER\Software\AOL]
[HKEY_CURRENT_USER\Software\AppDataLow]
[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]
[HKEY_CURRENT_USER\Software\Apple Inc.]
[HKEY_CURRENT_USER\Software\AVAST Software]
[HKEY_CURRENT_USER\Software\Avira]
[HKEY_CURRENT_USER\Software\AVS4YOU]
[HKEY_CURRENT_USER\Software\Bestonepoker]
[HKEY_CURRENT_USER\Software\Binary Noise]
[HKEY_CURRENT_USER\Software\BitDefender]
[HKEY_CURRENT_USER\Software\BitTorrent]
[HKEY_CURRENT_USER\Software\Bugsplat]
[HKEY_CURRENT_USER\Software\BVRP Software]
[HKEY_CURRENT_USER\Software\Casino]
[HKEY_CURRENT_USER\Software\CDDB]
[HKEY_CURRENT_USER\Software\CelebPoker]
[HKEY_CURRENT_USER\Software\Chilipoker]
[HKEY_CURRENT_USER\Software\Clients]
[HKEY_CURRENT_USER\Software\Club Dice Poker]
[HKEY_CURRENT_USER\Software\CyberLink]
[HKEY_CURRENT_USER\Software\DivXNetworks]
[HKEY_CURRENT_USER\Software\EasyBits]
[HKEY_CURRENT_USER\Software\eMule]
[HKEY_CURRENT_USER\Software\FreeDownloadManager.ORG]
[HKEY_CURRENT_USER\Software\Freeware]
[HKEY_CURRENT_USER\Software\Full Tilt Poker]
[HKEY_CURRENT_USER\Software\Full Tilt Poker.fr]
[HKEY_CURRENT_USER\Software\g3n-h@ckm@n]
[HKEY_CURRENT_USER\Software\GNU]
[HKEY_CURRENT_USER\Software\Google]
[HKEY_CURRENT_USER\Software\Grand Virtual]
[HKEY_CURRENT_USER\Software\Hewlett-Packard]
[HKEY_CURRENT_USER\Software\HipSoft]
[HKEY_CURRENT_USER\Software\HoldemManager]
[HKEY_CURRENT_USER\Software\IDT]
[HKEY_CURRENT_USER\Software\IGA]
[HKEY_CURRENT_USER\Software\IM Providers]
[HKEY_CURRENT_USER\Software\Intel]
[HKEY_CURRENT_USER\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\KasperskyLab]
[HKEY_CURRENT_USER\Software\Lavalys]
[HKEY_CURRENT_USER\Software\LeakBuster 2.5]
[HKEY_CURRENT_USER\Software\Licenses]
[HKEY_CURRENT_USER\Software\LightScribe]
[HKEY_CURRENT_USER\Software\Macromedia]
[HKEY_CURRENT_USER\Software\MainConcept]
[HKEY_CURRENT_USER\Software\MainConcept (Muvee)]
[HKEY_CURRENT_USER\Software\MainConcept (Muvee2)]
[HKEY_CURRENT_USER\Software\Malwarebytes' Anti-Malware]
[HKEY_CURRENT_USER\Software\MGS]
[HKEY_CURRENT_USER\Software\Microgaming]
[HKEY_CURRENT_USER\Software\Microsoft]
[HKEY_CURRENT_USER\Software\MimarSinan]
[HKEY_CURRENT_USER\Software\Mozilla]
[HKEY_CURRENT_USER\Software\MozillaPlugins]
[HKEY_CURRENT_USER\Software\Netscape]
[HKEY_CURRENT_USER\Software\Norton]
[HKEY_CURRENT_USER\Software\ODBC]
[HKEY_CURRENT_USER\Software\PartyFrance]
[HKEY_CURRENT_USER\Software\pgAdmin III]
[HKEY_CURRENT_USER\Software\PhotoFiltre]
[HKEY_CURRENT_USER\Software\Piriform]
[HKEY_CURRENT_USER\Software\Poker83]
[HKEY_CURRENT_USER\Software\PokerTrainer]
[HKEY_CURRENT_USER\Software\Policies]
[HKEY_CURRENT_USER\Software\Polipo]
[HKEY_CURRENT_USER\Software\PostgreSQL]
[HKEY_CURRENT_USER\Software\psi-im.org]
[HKEY_CURRENT_USER\Software\RegisteredApplications]
[HKEY_CURRENT_USER\Software\Safer Networking Limited]
[HKEY_CURRENT_USER\Software\Samsung]
[HKEY_CURRENT_USER\Software\SFR]
[HKEY_CURRENT_USER\Software\shockwave.com]
[HKEY_CURRENT_USER\Software\Simply Super Software]
[HKEY_CURRENT_USER\Software\Skype]
[HKEY_CURRENT_USER\Software\SOCID]
[HKEY_CURRENT_USER\Software\Sony Ericsson]
[HKEY_CURRENT_USER\Software\Speed-Downloading]
[HKEY_CURRENT_USER\Software\SSPrint]
[HKEY_CURRENT_USER\Software\SSScan]
[HKEY_CURRENT_USER\Software\Synaptics]
[HKEY_CURRENT_USER\Software\Sysinternals]
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]
[HKEY_CURRENT_USER\Software\Veoh]
[HKEY_CURRENT_USER\Software\VHLD]
[HKEY_CURRENT_USER\Software\Victor Chandler]
[HKEY_CURRENT_USER\Software\WildTangent]
[HKEY_CURRENT_USER\Software\WinRAR]
[HKEY_CURRENT_USER\Software\WinRAR SFX]
[HKEY_CURRENT_USER\Software\YahooPartnerToolbar]
[HKEY_CURRENT_USER\Software\Classes]

¤¤¤¤¤¤¤¤¤¤ HKLM\Software

[HKEY_LOCAL_MACHINE\Software\Adobe]
[HKEY_LOCAL_MACHINE\Software\Affinix]
[HKEY_LOCAL_MACHINE\Software\ALWIL Software]
[HKEY_LOCAL_MACHINE\Software\America Online]
[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Apple Inc.]
[HKEY_LOCAL_MACHINE\Software\Atheros]
[HKEY_LOCAL_MACHINE\Software\AVAST Software]
[HKEY_LOCAL_MACHINE\Software\Avira]
[HKEY_LOCAL_MACHINE\Software\AVS4YOU]
[HKEY_LOCAL_MACHINE\Software\BrowserChoice]
[HKEY_LOCAL_MACHINE\Software\C07ft5Y]
[HKEY_LOCAL_MACHINE\Software\Caphyon]
[HKEY_LOCAL_MACHINE\Software\CelebPoker]
[HKEY_LOCAL_MACHINE\Software\Chilipoker]
[HKEY_LOCAL_MACHINE\Software\Classes]
[HKEY_LOCAL_MACHINE\Software\Clients]
[HKEY_LOCAL_MACHINE\Software\Club Dice Poker]
[HKEY_LOCAL_MACHINE\Software\ClubDeJeux]
[HKEY_LOCAL_MACHINE\Software\CrazyLoader]
[HKEY_LOCAL_MACHINE\Software\Cyberlink]
[HKEY_LOCAL_MACHINE\Software\Debug]
[HKEY_LOCAL_MACHINE\Software\DivXNetworks]
[HKEY_LOCAL_MACHINE\Software\EasyBits]
[HKEY_LOCAL_MACHINE\Software\EnterpriseDB]
[HKEY_LOCAL_MACHINE\Software\FreeDownloadManager.ORG]
[HKEY_LOCAL_MACHINE\Software\Full Tilt Poker]
[HKEY_LOCAL_MACHINE\Software\GEAR Software]
[HKEY_LOCAL_MACHINE\Software\Google]
[HKEY_LOCAL_MACHINE\Software\Hewlett-Packard]
[HKEY_LOCAL_MACHINE\Software\Hewlett-Packard Company]
[HKEY_LOCAL_MACHINE\Software\HP]
[HKEY_LOCAL_MACHINE\Software\HPQ]
[HKEY_LOCAL_MACHINE\Software\I.R.I.S.]
[HKEY_LOCAL_MACHINE\Software\IDT]
[HKEY_LOCAL_MACHINE\Software\InstalledOptions]
[HKEY_LOCAL_MACHINE\Software\Intel]
[HKEY_LOCAL_MACHINE\Software\JavaSoft]
[HKEY_LOCAL_MACHINE\Software\JreMetrics]
[HKEY_LOCAL_MACHINE\Software\Licenses]
[HKEY_LOCAL_MACHINE\Software\LightScribe]
[HKEY_LOCAL_MACHINE\Software\Macromedia]
[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware (Trial)]
[HKEY_LOCAL_MACHINE\Software\Microsoft]
[HKEY_LOCAL_MACHINE\Software\MimarSinan]
[HKEY_LOCAL_MACHINE\Software\Mozilla]
[HKEY_LOCAL_MACHINE\Software\mozilla.org]
[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\Software\Norton]
[HKEY_LOCAL_MACHINE\Software\Notepad]
[HKEY_LOCAL_MACHINE\Software\ODBC]
[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]
[HKEY_LOCAL_MACHINE\Software\P2G_Upgrade]
[HKEY_LOCAL_MACHINE\Software\Panda Software]
[HKEY_LOCAL_MACHINE\Software\PDR_Upgrade]
[HKEY_LOCAL_MACHINE\Software\Piriform]
[HKEY_LOCAL_MACHINE\Software\PKR]
[HKEY_LOCAL_MACHINE\Software\Poker
0
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
14 Sept. 2011 at 13:23
Run it in mode 2 (removal), and then run TDSSKiller :)

See you,

Gabriel.
0
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
14 Sept. 2011 at 13:24
Why Pre_Scan?

Run TDSSKiller, as indicated after the RogueKiller steps ;)

See you,

Gabriel.
0
2011/09/14 15:07:17.0261 5288 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/14 15:07:17.0662 5288 ================================================================================
2011/09/14 15:07:17.0662 5288 SystemInfo:
2011/09/14 15:07:17.0663 5288
2011/09/14 15:07:17.0663 5288 OS Version: 6.0.6002 ServicePack: 2.0
2011/09/14 15:07:17.0663 5288 Product type: Workstation
2011/09/14 15:07:17.0663 5288 ComputerName: PC-DE-LAETITIA
2011/09/14 15:07:17.0663 5288 UserName: Laetitia
2011/09/14 15:07:17.0663 5288 Windows directory: C:\Windows
2011/09/14 15:07:17.0663 5288 System windows directory: C:\Windows
2011/09/14 15:07:17.0663 5288 Processor architecture: Intel x86
2011/09/14 15:07:17.0663 5288 Number of processors: 2
2011/09/14 15:07:17.0663 5288 Page size: 0x1000
2011/09/14 15:07:17.0663 5288 Boot type: Normal boot
2011/09/14 15:07:17.0663 5288 ================================================================================
2011/09/14 15:07:20.0014 5288 Initialize success
2011/09/14 15:07:28.0037 5356 ================================================================================
2011/09/14 15:07:28.0037 5356 Scan started
2011/09/14 15:07:28.0037 5356 Mode: Manual;
2011/09/14 15:07:28.0037 5356 ================================================================================
2011/09/14 15:08:07.0442 5356 ================================================================================
2011/09/14 15:08:07.0442 5356 Scan finished
2011/09/14 15:08:07.0442 5356 ================================================================================
2011/09/14 15:08:07.0458 4944 Detected object count: 0
2011/09/14 15:08:07.0458 4944 Actual detected object count: 0
0
2011N2 Posts 13352 Registration date Saturday 29 January 2011 Status Security contributor Last activity 24 December 2016 917
14 Sept. 2011 at 17:55
Still having these problems with typing and with running programs?

If so, do this:

/!\ WARNING: FOLLOW THESE INSTRUCTIONS TO THE LETTER /!\


__________________________________________________________
>>> This software is to be used only when prescribed by a qualified helper trained on the tool. <<<
>>>>>>> Do not use outside of this case: DANGEROUS! <<<<<<<<

=====================================================

* Above all, when saving, remember to rename Combofix to "your first name.exe" before it is saved to your hard drive. Quite simply because it will then not be detected by the infection.

Download Combofix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Choose the appropriate version (32 or 64 bit) /!\

=> CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

* Download Defogger (by jpshortstuff) to your Desktop: http://www.jpshortstuff.247fixes.com/Defogger.exe

* Run it: Vista and Windows 7 users => Right-click: Run as administrator.

A window appears: click "Disable"

* Restart the computer if the tool asks you to.

>> N.B.: When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable" <<

_________________________________________________________

>> Close the windows of all running programs.
>> Temporarily, and only for the time ComboFix is in use, disable the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's search and cleaning procedure.

°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

If you have XP => double-click.
If you have Windows Vista or Windows 7 => right-click, "Run as administrator"

On the renamed Combofix.

¤¤¤¤¤¤¤¤¤¤ LET IT INSTALL THE RECOVERY CONSOLE IF IT ASKS YOU TO ¤¤¤¤¤¤¤¤¤¤

* !!!!! DO NOT TOUCH ANYTHING WHILE COMBOFIX IS WORKING (MOUSE/KEYBOARD...), unless the tool asks you to !!!!! This can completely crash your system !!!

* Do not forget to re-enable the protection of your antivirus and antispyware programs before reconnecting to the internet.

* Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.


If you have questions about using Combofix, do not hesitate to ask me!

See you later,

Gabriel.
0
ComboFix 11-09-14.01 - Laetitia 14/09/2011 18:32:42.1.2 - x86
Lancé depuis: c:\users\Laetitia\Downloads\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Java\jre6\core.zip
c:\users\Laetitia\pokerclient.log
c:\windows\system32\AutoRun.inf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-08-14 au 2011-09-14 ))))))))))))))))))))))))))))))))))))
.
.
2011-09-14 16:40 . 2011-09-14 16:40 -------- d-----w- c:\users\Laetitia\AppData\Local\temp
2011-09-14 16:40 . 2011-09-14 16:40 -------- d-----w- c:\users\postgres\AppData\Local\temp
2011-09-14 16:40 . 2011-09-14 16:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-14 11:06 . 2011-09-14 11:24 -------- d-----w- C:\Kill'em
2011-09-14 10:17 . 2011-09-14 11:02 -------- d-----w- C:\ZHP
2011-09-14 10:11 . 2011-09-14 11:01 -------- d-----w- c:\program files\ZHPDiag
2011-09-14 10:08 . 2011-08-29 14:10 2582227 ----a-w- c:\program files\Mozilla Firefox\ZHPDiag2\ZHPDiag2.exe
2011-09-14 10:07 . 2011-08-29 14:10 2582227 ----a-w- c:\program files\Mozilla Firefox\ZHPDiag2.exe
2011-09-14 06:53 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-13 09:59 . 2011-08-16 06:48 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DFBFC9B-9DE1-4C35-B2D7-781BD4F55A53}\mpengine.dll
2011-09-12 04:13 . 2011-09-12 04:13 -------- d-----w- c:\program files\CCleaner
2011-09-09 09:33 . 2011-09-09 23:30 -------- d-----w- c:\users\Laetitia\AppData\Roaming\Windows Live Writer
2011-09-09 09:33 . 2011-09-09 09:34 -------- d-----w- c:\users\Laetitia\AppData\Local\Windows Live Writer
2011-09-09 03:50 . 2011-09-09 03:50 -------- d-----w- c:\users\Laetitia\AppData\Roaming\Avira
2011-09-09 03:45 . 2011-07-21 10:22 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-09-09 03:45 . 2011-07-21 10:22 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-09-09 03:45 . 2011-09-09 03:45 -------- d-----w- c:\programdata\Avira
2011-09-09 03:45 . 2011-09-09 03:45 -------- d-----w- c:\program files\Avira
2011-09-08 15:51 . 2011-09-08 15:51 -------- d-----w- c:\users\Laetitia\AppData\Roaming\Uniblue
2011-09-08 15:51 . 2011-09-08 15:51 -------- dc-h--w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-08 15:51 . 2011-09-08 15:51 -------- d-----w- c:\program files\Uniblue
2011-09-08 15:50 . 2011-09-08 15:50 -------- d-----w- c:\users\Laetitia\AppData\Local\PackageAware
2011-09-08 09:37 . 2011-09-08 09:37 -------- d-----w- C:\022579749f2eadb051c2a6
2011-09-08 09:37 . 2011-09-08 09:37 -------- d-----w- c:\programdata\CA
2011-09-08 09:23 . 2011-09-08 09:23 -------- d-----w- C:\stdtsa
2011-09-07 08:39 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2011-09-07 08:39 . 2011-09-07 08:39 -------- d-----w- c:\program files\Panda Security
2011-09-04 19:43 . 2011-09-07 08:25 -------- d-----w- c:\users\Laetitia\AppData\Roaming\QuickScan
2011-09-02 09:45 . 2011-09-02 09:45 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-09-02 09:45 . 2011-09-02 09:45 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-09-01 23:17 . 2011-09-01 23:17 -------- d-----w- C:\6c8399fdde8a05764cb49e8d59
2011-09-01 23:04 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-08-30 15:50 . 2011-08-30 15:50 -------- d-----w- c:\program files\Winamax Poker
2011-08-26 15:59 . 2011-08-26 15:59 -------- d-----w- c:\users\Laetitia\AppData\Local\Seven Zip
2011-08-26 15:39 . 2011-09-01 23:01 -------- d-----w- c:\program files\Ad-Remover
2011-08-25 20:51 . 2011-08-25 20:51 -------- d-----w- c:\users\Laetitia\AppData\Local\ElevatedDiagnostics
2011-08-24 09:17 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 05:12 . 2011-08-24 05:12 -------- d-----w- c:\windows\fr
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-23 17:06 . 2011-08-23 17:06 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-08-23 17:05 . 2011-08-23 17:06 -------- d-----w- c:\program files\QuickTime
2011-08-20 22:25 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-08-20 20:03 . 2011-08-20 20:03 -------- d-----w- c:\program files\BarrierePoker.fr
2011-08-20 06:16 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-08-20 06:16 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-08-20 05:37 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-08-20 05:36 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-08-20 03:26 . 2011-08-20 03:26 -------- d-----w- c:\users\Laetitia\AppData\Local\Microsoft Help
2011-08-20 02:58 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-08-20 01:34 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-08-20 01:34 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-08-20 01:34 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-08-20 01:34 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2011-08-20 01:34 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2011-08-20 01:34 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2011-08-20 01:34 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2011-08-20 01:34 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2011-08-20 01:32 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2011-08-20 01:31 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-08-20 01:29 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-08-20 01:29 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-08-20 01:29 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-08-20 01:29 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-20 01:29 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-20 01:29 . 2011-06-17 20:13 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-20 01:29 . 2011-06-17 13:31 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-08-20 01:29 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-08-20 01:29 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-08-20 01:21 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
2011-08-19 19:46 . 2011-08-19 19:46 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-24 04:30 . 2011-05-20 19:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-07 08:23 . 2011-03-29 12:08 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-25 39408]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-08-18 67456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 154136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-12-24 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"WHITNEY_S2P"="c:\program files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe" [2007-01-08 274432]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2009-03-02 10:41 3399727 ----a-w- c:\program files\Free Download Manager\fdm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2008-11-18 09:57 966656 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-06-09 08:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2011-05-13 14:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-10-10 11:24 206128 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-09-23 15:21 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2009-05-19 23:26 3561720 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3319297030-3672419197-3718716493-1000]
"EnableNotificationsRef"=dword:00000003
"EnableNotifications"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-01-14 13224]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2009-10-09 105088]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [2009-03-02 81920]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 EnterpriseDBApachePHP;EnterpriseDB ApachePHP;c:\program files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe [2009-11-17 18432]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-23 365952]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-08 5120]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 43082680
*Deregistered* - 43082680
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 05:35]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 05:35]
.
2011-09-14 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-09-08 09:48]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\6b3v8bh8.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
WebBrowser-{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - (no file)
HKCU-Run-Vidalia - c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
HKCU-Run-uTorrent - c:\program files\uTorrent\uTorrent.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-Messenger Update - msnmsgr.exe
AddRemove-Free Download Manager - c:\program files\Free Download Manager\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-14 18:40
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-09-14 18:44:29
ComboFix-quarantined-files.txt 2011-09-14 16:44
.
Avant-CF: 193 253 519 360 octets libres
Après-CF: 193 163 395 072 octets libres
.
- - End Of File - - 947F593F60C44F90AE433E31CF1AC6ED
0
2011N2 Posts: 13352 Registration date: Saturday 29 January 2011 Status: Security contributor Last activity: 24 December 2016 917
14 Sept. 2011 at 20:04
Re,

Ok. Let me know how the PC is doing, please...

WARNING! The scan will probably take several hours!

You can plug in your external devices to scan them at the same time if you wish.

Download Malwarebytes' Anti-Malware (MBAM) to your desktop: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

If there is a problem, try this one: https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

. Save it to your desktop.
. Double-click the downloaded file to start the installation process. (Vista and 7: Run as administrator)
. If the firewall asks for permission to let Malwarebytes connect, accept.
. In the "Update" tab, click the "Check for Updates" button.

Do this several times until it tells you that you have the latest database version.


. Once the update is finished:
. Go to the "Scanner" tab
. Select Perform full scan.
. Select all drives if offered.
. Click Scan.
. The scan starts. Be patient, it can take several hours depending on the size of your disks.
. At the end of the scan, a message is displayed: The scan completed normally, or something else. Click "Show Results" to display all the objects found.
. Click OK to continue.
. If malware was detected, click Show Results.
. Select all (or leave checked) and click Remove Selected; Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. Restart the PC if it doesn't do so by itself.
. Once restarted, double-click Malwarebytes' Anti-Malware.
. Go to the "Logs" tab.
. Click the report to display it.
. Click Edit at the top of Notepad, then Select All.
. Click Edit again, then Copy, then come back to the forum and paste the report into your reply (CTRL + V).


=> If you need help, see this tutorial:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

If you have any questions, don't hesitate to ask me!

Thanks,

Gabriel.
0
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7512

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

20/08/2011 02:47:37
mbam-log-2011-08-20 (02-47-37).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 522119
Temps écoulé: 3 heure(s), 58 minute(s), 48 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mypokfr (Poker) (PUP.Casino.Gen) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerXtremfr (Poker) (PUP.Casino.Gen) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CelebPoker (PUP.Casino) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chilipoker (PUP.Casino) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Poker83 (PUP.Casino) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Titan Poker (PUP.Casino) -> Not selected for removal.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\downloads\casinoaction.exe (PUP.Casino.Gen) -> Not selected for removal.
c:\downloads\everest poker.fr.exe (PUP.Casino) -> Not selected for removal.
c:\downloads\goldentiger.exe (PUP.Casino.Gen) -> Not selected for removal.
c:\downloads\pokerxtrem.exe (PUP.Casino.Gen) -> Not selected for removal.
c:\downloads\Software\setuppoker_24a8ba.exe (PUP.Casino) -> Not selected for removal.
c:\downloads\Software\setuppoker_d9f6e9.exe (PUP.Casino) -> Not selected for removal.
c:\microgaming\Poker\mypokfr\install.exe (PUP.Casino.Gen) -> Not selected for removal.
c:\microgaming\Poker\pokerxtremfrmpp\install.exe (PUP.Casino.Gen) -> Not selected for removal.
c:\Poker\setupcasino_4a50.exe (PUP.Casino) -> Not selected for removal.
c:\Poker\setupcasino_eb1.exe (PUP.Casino) -> Not selected for removal.
c:\Poker\celebpoker\_setuppoker_d9f6e9.exe (PUP.Casino) -> Not selected for removal.
c:\Poker\chilipoker\_setupcasino_4a50.exe (PUP.Casino) -> Not selected for removal.
c:\Poker\Poker83\_setuppoker.exe_4126d8.exe (PUP.Casino) -> Not selected for removal.
c:\Poker\titan poker\_setuppoker_24a8ba.exe (PUP.Casino) -> Not selected for removal.
c:\program files\crazyloader\crazyloader_file.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Laetitia\documents\poker\everest poker.exe (PUP.Casino) -> Not selected for removal.
c:\Users\Laetitia\downloads\setuppoker.exe_4126d8.exe (PUP.Casino) -> Not selected for removal.
c:\Users\Laetitia\downloads\MyPok.exe (PUP.Casino.Gen) -> Not selected for removal.
c:\Users\Laetitia\Pictures\im51332.jpg-www.myspace.com.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
0
impossible to write
0
2011N2 Posts: 13352 Registration date: Saturday 29 January 2011 Status: Security contributor Last activity: 24 December 2016 917
15 Sept. 2011 at 22:04
Ok.

Are you able to run ZHPDiag?

See you,

Gabriel.
0
http://www.cijoint.fr/cjlink.php?file=cj201109/cijdyQbM76.jpg
0
Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by Laetitia at 15/09/2011 22:20:16
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 6.0.2 v6.0.2 (Defaut)
OBIE: Safari v5.34.50.0

---\\ Windows Product Information
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2974 MB (31% free)
System Restore: Activé (Enable)
System drive C: has 182 GB (63%) free of 288 GB

---\\ Logged in mode
~ Computer Name: PC-DE-LAETITIA
~ User Name: Laetitia
~ All Users Names: postgres, Laetitia, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Laetitia\AppData\Roaming\
~ %Desktop% : C:\Users\Laetitia\Desktop\
~ %Favorites% : C:\Users\Laetitia\Favorites\
~ %LocalAppData% : C:\Users\Laetitia\AppData\Local\
~ %StartMenu% : C:\Users\Laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 182 Go of 288 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)
E:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Free 2 Go of 2 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.20/08/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.2C7332C222D1FE1FC57D622699A8C001] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/08/2011 - 06:09:36.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/08/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.20/08/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/08/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.27/02/2009 - 05:27:51.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1267
~ Mes musiques (My Musics) : 65/481
~ Mes Videos (My Videos) : 1/48
~ Mes Favoris (My Favorites) : 8/45
~ Mes Documents (My Documents) : 1/619
~ Mon Bureau (My Desktop) : 52/418
~ Menu demarrer (Programs) : 7/38
~ Scan Hidden Files in 00mn 02s



---\\ Processus lancés
[MD5.B180EA29DB432DA75D545CA8CE3A0DFC] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25472] [PID.300]
[MD5.44D737F69D503691BC3BB73F176994FF] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [150040] [PID.3448]
[MD5.86CE84BCE11309992A13425B3871E6D7] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [178712] [PID.3456]
[MD5.271B58DD141EC8E3EA525EE5E8895EC7] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.3480]
[MD5.31E7668C5E9194D74ECB36426673C279] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [154136] [PID.3508]
[MD5.C0BA1E3A4EB73DD5A104C8C9ABC972B6] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640] [PID.3528]
[MD5.692493B9136287C06DE23F7CE823FC40] - (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432] [PID.3692]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040] [PID.3756]
[MD5.A8B7BB79D19186A9F26C3354F4F7746A] - (.Pas de propriétaire - ScanToPc MFC Application.) -- C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe [274432] [PID.3764]
[MD5.B236FE89F31893CDF6DB5A1DC6FCB369] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [450652] [PID.3772]
[MD5.95D0EA1BECAD6D781C3D09AEC1295E8F] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3780]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3824]
[MD5.FEA82FFCF26DCB0DB12E9F549C067AE7] - (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [427008] [PID.3976]
[MD5.FF2F087A24373FE1C6F756B99B6D5936] - (...) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe [74960] [PID.4092]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3732]
[MD5.28343BE55C4481EE797559BCE8CCCBAD] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.3056]
[MD5.F28C33D2589F7B89185F3B9445641F84] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe [628016] [PID.3620]
[MD5.6A88DA10D061B2CF91818EF953574594] - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe [92024] [PID.5040]
[MD5.E08418CE9CE29B2FBE1B4317253F73E8] - (.Playtech - Playtech Client Engine Application.) -- C:\Poker\Poker83\casino.exe [2998784] [PID.3236]
[MD5.1ED2124313CCE34C877247574212EFC8] - (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe [176128] [PID.4484]
[MD5.06FBF731A87FCBDE8FDB57165839D960] - (.Microgaming - Microgaming Poker Engine.) -- C:\MicroGaming\Poker\mypokfr\MPPoker.exe [300032] [PID.1432]
[MD5.63346640E170B63970C093F720065DAB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\Firefox.exe [924632] [PID.4648]
[MD5.7653CD0E8F2C0052185673B574DB699E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.3500]
[MD5.3A8BDAFEA2681003CA21F88A7870BD66] - (...) -- C:\Program Files\Winamax Poker\Winamax Poker.exe [142848] [PID.3408]
[MD5.4CBE2BD48A10404A7CB9FA9D45FD77A3] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1047208] [PID.4696]
[MD5.0F164D2F5A10A50748264AAE1608B390] - (.AxBx - Détecte et supprime les principaux virus, v.) -- C:\Program Files\AxBx\Multi Virus Cleaner 2011\MVC.exe [2750872] [PID.7300]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.7236]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.8088]
[MD5.2E3DB7DBC4D96949F4DA4383AA02AE72] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [81920] [PID.]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]
[MD5.A0506011ED380575DD4D9EE2979042DB] - (.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe [18432] [PID.]
[MD5.ABF90FC5A127F481219B873C1B8DFC1C] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.2063D6B51FD874E67502B31A9FDBA685] - (.Pas de propriétaire - STServices.) -- C:\Program Files\SMINST\BLService.exe [365952] [PID.]
[MD5.498EB62A160674E793FA40FD65390625] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152] [PID.]
[MD5.A275FBB7C99458C12E088DFF3E58EB4D] - (.Microsoft Corporation - TCP/IP Services Application.) -- C:\Windows\System32\tcpsvcs.exe [9728] [PID.]
[MD5.188FF0ADF66768D53AD94F43972E1E9A] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232] [PID.]
[MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Laetitia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.2613.41 (Activé)
G2 - GCE: Preference [User Data\Default] [fikmanfpkongnopggnndbikhhicdpfka] Interest Recognizer for Crazyloader v.3.4.1545.153 (Activé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\6b3v8bh8.default\prefs.js
C:\Users\Laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\6b3v8bh8.default\user.js
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Laetitia] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Laetitia - 6b3v8bh8.default] www.google.fr
M2 - MFEP: prefs.js [Laetitia - 6b3v8bh8.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Laetitia - 6b3v8bh8.default\{7b13ec3e-999a-4b70-b9cb-2617b8323822}] [] Zynga Community Toolbar v3.6.0.10 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Laetitia - 6b3v8bh8.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan v0.9.9.99 (.Echipa R&D BitDefender.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pandasecurity.com/activescan] - (.Panda Security, S.L. - Panda ActiveScan 2.0 Plugin for Firefox.) -- C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veoh.com/VeohTVPlugin] - (.Veoh Networks - NPVeohTVPlugin.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
P2 - FPN: [HKLM] [@veoh.com/VeohWebPlayer] - (.Veoh - Veoh Web Video Player Browser Plugin.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-3319297030-3672419197-3718716493-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.search.msn.com
R1 - HKUS\S-1-5-21-3319297030-3672419197-3718716493-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = 0
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} . (.Veoh Networks Inc - Veoh Video Finder.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} . (.Veoh Networks - Veoh Video Compass.) -- C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] Clé orpheline
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [WirelessAssistant] . (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [WHITNEY_S2P] . (.Pas de propriétaire - ScanToPc MFC Application.) -- C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-3319297030-3672419197-3718716493-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3319297030-3672419197-3718716493-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\Bestonepoker.lnk . (...) -- C:\Program Files\B2BPOKER\Bestonepoker\Client.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\DivX Movies.lnk . (...) -- C:\Users\Laetitia\Videos\DivX Movies
O4 - Global Startup: C:\Users\Laetitia\Desktop\Leader Board Assistant.lnk . (...) -- C:\Program Files\Leader Board Assistant\Leader Board Assistant.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\MediaCoder.lnk . (.Sinovation Inc..) -- C:\Program Files\MediaCoder\mediacoder.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\Multi Virus Cleaner 2011.lnk . (.AxBx.) -- C:\Program Files\AxBx\Multi Virus Cleaner 2011\MVC.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\muvee Reveal.lnk . (.muvee Technologies Pte Ltd.) -- C:\Program Files\muvee Technologies\muvee Reveal - SE\muveereveal.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\Photo Flash Maker Free.lnk . (.AnvSoft Inc..) -- C:\Program Files\AnvSoft\Photo Flash Maker Free Version\pfmfree.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\photofiltre.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
O4 - Global Startup: C:\Users\Laetitia\Desktop\Veoh.com.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{735619D4-B42A-437A-958C-199BFCAEDB38}\SafariIco.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyPok.lnk . (.Microgaming.) -- C:\MicroGaming\Poker\mypokfr\MPPoker.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk . (.Veoh Networks.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
O4 - Global Startup: C:\Users\Laetitia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlfvideo.htm
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {77BF5300-1474-4EC7-9980-D32B190E9B07} . (...) -- C:\PROGRA~1\Skype\Toolbars\INTERN~1\favicon.ico
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: &Envoyer à OneNote - {d9288080-1baa-4bc4-9cf8-a92d743db949} -- C:\Users\Laetitia\AppData\Roaming\IMVUClient\imvu.ico (.not file.)
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD6CD660-F193-41DC-B8A2-8B25EF116468}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD6CD660-F193-41DC-B8A2-8B25EF116468}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{DD6CD660-F193-41DC-B8A2-8B25EF116468}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: EnterpriseDB ApachePHP (EnterpriseDBApachePHP) . (.Apache Software Foundation - Apache HTTP Server.) - C:\Program Files\PostgreSQL\EnterpriseDB-ApachePhp\apache\bin\httpd.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.AE37F6508716D2DD6122744C46686BEC] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.B180EA29DB432DA75D545CA8CE3A0DFC] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
[MD5.B4744A908D4CF167068C480121510EE6] [APT] [RunAsStdUser Task for VeohWebPlayer] (.Veoh Networks.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
[MD5.00000000000000000000000000000000] [APT] [{6A6FB696-1805-4648-93A7-8FFFE036FDA3}] (...) -- C:\Program Files\Psi\uninstall.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 02s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: AnvSoft Photo Flash Maker Free 5.16 - (.AnvSoft, Inc..) [HKLM] -- AnvSoft Photo Flash Maker Free
O42 - Logiciel: ApachePhp 2.2.14-5.2.11 - (.EnterpriseDB.) [HKLM] -- ApachePhp 2.2.14-5.2.11-1
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: BarrierePoker.fr - (.SOCIETE DE PRESTATIONS INTERNET SAS.) [HKLM] -- fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Everest Poker.fr (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Everest Poker.fr
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {57A5AEC1-97FC-474D-92C4-908FCC2253D4}
O42 - Logiciel: HP DVD Play 3.7 - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: HP Photosmart All-In-One Driver Software 9.0.A Corporate Edition - (.HP.) [HKLM] -- {3E8DD348-4174-4fe8-8FDC-238AAFBD2488}
O42 - Logiciel: HP Quick Launch Buttons 6.40 M1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard Company.) [HKLM] -- {95A747E0-DF19-46CB-A622-20A0107201BD}
O42 - Logiciel: Holdem Manager - (.Pas de propriétaire.) [HKLM] -- HoldemManager
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Leader Board Assistant - (.Pas de propriétaire.) [HKCU] -- Leader Board Assistant
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM] -- EasyBits Magic Desktop
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MediaCoder 0.6.0 - (.Stanley Huang.) [HKLM] -- MediaCoder
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr)
O42 - Logiciel: Multi Virus Cleaner 2011 - (.AxBx.) [HKLM] -- Multi Virus Cleaner 2011_is1
O42 - Logiciel: Panda ActiveScan 2.0 - (.Panda Security.) [HKLM] -- ActiveScan 2.0
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PostgreSQL 8.4 - (.PostgreSQL Global Development Group.) [HKLM] -- PostgreSQL 8.4
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Readiris Pro 10 - (.Pas de propriétaire.) [HKLM] -- {14D08502-FEE4-40E5-90D3-8A967A1D8BA2}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 - Logiciel: Samsung SCX-4x21 Series - (.Samsung Electronics CO.,LTD.) [HKLM] -- Samsung SCX-4x21 Series
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: SmarThru 4 - (.Pas de propriétaire.) [HKLM] -- {90F1943D-EA4A-4460-B59F-30023F3BA69A}
O42 - Logiciel: SmarThru PC Fax - (.Pas de propriétaire.) [HKLM] -- SmarThru PC Fax
O42 - Logiciel: Sony Ericsson PC Companion 2.01.149 - (.Sony Ericsson.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Sony Ericsson Update Engine - (.Sony Ericsson Mobile Communications AB.) [HKLM] -- Update Engine
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Veoh Video Compass - (.Veoh Networks, Inc..) [HKLM] -- Veoh Video Compass
O42 - Logiciel: Veoh Web Player - (.Veoh Networks, Inc..) [HKLM] -- Veoh Web Player Beta
O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ACF]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AOL]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\Affinix]
[HKCU\Software\Anvsoft]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\BVRP Software]
[HKCU\Software\Bestonepoker]
[HKCU\Software\Binary Noise]
[HKCU\Software\BitDefender]
[HKCU\Software\BitTorrent]
[HKCU\Software\Bugsplat]
[HKCU\Software\CDDB]
[HKCU\Software\Casino]
[HKCU\Software\CelebPoker]
[HKCU\Software\Chilipoker]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Club Dice Poker]
[HKCU\Software\CyberLink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EasyBits]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Freeware]
[HKCU\Software\Full Tilt Poker.fr]
[HKCU\Software\Full Tilt Poker]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\Grand Virtual]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HipSoft]
[HKCU\Software\HoldemManager]
[HKCU\Software\IDT]
[HKCU\Software\IGA]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Lavalys]
[HKCU\Software\LeakBuster 2.5]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConcept (Muvee2)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\PartyFrance]
[HKCU\Software\Piriform]
[HKCU\Software\Poker83]
[HKCU\Software\PokerTrainer]
[HKCU\Software\Policies]
[HKCU\Software\Polipo]
[HKCU\Software\PostgreSQL]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SFR]
[HKCU\Software\SOCID]
[HKCU\Software\SSPrint]
[HKCU\Software\SSScan]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Simply Super Software]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\Speed-Downloading]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VHLD]
[HKCU\Software\Veoh]
[HKCU\Software\Victor Chandler]
[HKCU\Software\Wget]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eMule]
[HKCU\Software\g3n-h@ckm@n]
[HKCU\Software\pgAdmin III]
[HKCU\Software\psi-im.org]
[HKCU\Software\shockwave.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVAST Software]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\Affinix]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\Avira]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Caphyon]
[HKLM\Software\CelebPoker]
[HKLM\Software\Chilipoker]
[HKLM\So