Aller au contenu

kingleroideskong

Membres
  • Compteur de contenus

    142
  • Inscription

  • Dernière visite

À propos de kingleroideskong

  • Date de naissance 24/05/1966

Profile Information

  • Sexe
    Male
  • Localisation
    perpignan

kingleroideskong's Achievements

Power Member

Power Member (5/12)

0

Réputation sur la communauté

  1. bonjour sous windows 7 pro sp1, mon DD externe WD de 500 GO en usb n'est plus reconnu . Il s'est installé correctement avec le bon pilote je le vois dans la gestion des peripheriques mais on ne me propose pas la possibilité de le renommer ni meme de l'initialiser dans la gestion des disques l'initialisation me renvoie a une fenetre " fonction imcorrecte " je l'ai desactivé et meme desinstallé---> rien n'y fait help !!!!!!!!!!!!!!!!!
  2. bonsoir premier rapport adw cleaner: # AdwCleaner v2.304 - Rapport créé le 12/07/2013 à 18:26:15 # Mis à jour le 03/07/2013 par Xplode # Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits) # Nom d'utilisateur : philippe leclercq - INVISIBLE # Mode de démarrage : Normal # Exécuté depuis : C:\Users\philippe leclercq\Desktop\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\ProgramData\Babylon Dossier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Dossier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl Dossier Supprimé : C:\Users\philippe leclercq\AppData\Local\PackageAware Dossier Supprimé : C:\Users\philippe leclercq\AppData\LocalLow\Conduit Dossier Supprimé : C:\Users\philippe leclercq\AppData\Roaming\Babylon Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fbtemplate.conduitapps.com_0.localstorage-journal Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage-journal Fichier Supprimé : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal Supprimé au redémarrage : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Supprimé au redémarrage : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl ***** [Registre] ***** Clé Supprimée : HKCU\Software\1ClickDownload Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl Clé Supprimée : HKCU\Software\InstallCore Clé Supprimée : HKCU\Software\YahooPartnerToolbar Clé Supprimée : HKLM\Software\Babylon Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ffpagccpapmkpfihnflfkdcbmodnagcc Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\mbgifebndpepjpjlgdikeonfmmbdebpl Clé Supprimée : HKLM\Software\Iminent Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107} Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi ***** [Navigateurs] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Le registre ne contient aucune entrée illégitime. -\\ Google Chrome v28.0.1500.71 Fichier : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Preferences Supprimée [l.28] : icon_url = "hxxp://search.conduit.com/fav.ico", Supprimée [l.31] : keyword = "search.conduit.com", Supprimée [l.35] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2[...] ************************* AdwCleaner[s1].txt - [7105 octets] - [15/08/2012 18:40:28] AdwCleaner[s2].txt - [1019 octets] - [18/08/2012 09:39:21] AdwCleaner[s3].txt - [4605 octets] - [12/07/2013 18:26:15] ########## EOF - C:\AdwCleaner[s3].txt - [4665 octets] ########## deuxieme rapport JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.0.7 (07.11.2013:1) OS: Windows 7 Starter x86 Ran by philippe leclercq on 12/07/2013 at 18:41:51,52 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs ~~~ Files Successfully deleted: [File] C:\eula.1028.txt Successfully deleted: [File] C:\eula.1031.txt Successfully deleted: [File] C:\eula.1033.txt Successfully deleted: [File] C:\eula.1036.txt Successfully deleted: [File] C:\eula.1040.txt Successfully deleted: [File] C:\eula.1041.txt Successfully deleted: [File] C:\eula.1042.txt Successfully deleted: [File] C:\eula.2052.txt Successfully deleted: [File] C:\install.res.1028.dll Successfully deleted: [File] C:\install.res.1031.dll Successfully deleted: [File] C:\install.res.1033.dll Successfully deleted: [File] C:\install.res.1036.dll Successfully deleted: [File] C:\install.res.1040.dll Successfully deleted: [File] C:\install.res.1041.dll Successfully deleted: [File] C:\install.res.1042.dll Successfully deleted: [File] C:\install.res.2052.dll Successfully deleted: [File] C:\install.res.3082.dll ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 12/07/2013 at 18:48:24,94 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ troisieme rapport ZHP Diag : Rapport de ZHPDiag v2013.7.5.7 par Nicolas Coolman, Update du 05/07/2013 Run by philippe leclercq at 12/07/2013 18:54:50 WebSite: Home - Malicius Software Information State : Problème connexion internet WhiteList : Disable High Elevated Privileges : OK UAC : Deactivate by program ---\\ Web Browser MSIE: Internet Explorer v10.0.9200.16635 GCIE: Google Chrome v28.0.1500.71 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : YCJVG Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Protection Avira AntiVir Personal - Free Antivirus Malwarebytes Anti-Malware version 1.65.1.1000 Windows Defender W7 ---\\ System Optimizer CCleaner v3.14 =>Piriform Ltd ---\\ Peer To Peer (P2P) µTorrent v3.1.2 =>P2P.µTorrent ---\\ Software Update Adobe Flash Player 11 Plugin Java 7 Update 21 ---\\ System Information ~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1014 MB (21% free) System Restore: Activé (Enable) System drive C: has 2 GB (2%) free of 80 GB ---\\ Logged in mode ~ Computer Name: INVISIBLE ~ User Name: philippe leclercq ~ All Users Names: philippe leclercq, Administrateur, ~ Unselected Option: O45,O61 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\philippe leclercq\AppData\Roaming\ ~ %Desktop% : C:\Users\philippe leclercq\Desktop\ ~ %Favorites% : C:\Users\philippe leclercq\Favorites\ ~ %LocalAppData% : C:\Users\philippe leclercq\AppData\Local\ ~ %StartMenu% : C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 80 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 54 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 34 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.9BF7C7654EFD098EE3A27B49492A382A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/06/2013 - 00:43:37.) -- C:\Windows\System32\wininet.dll [1767936] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Generic Processes: Scanned in 00mn 02s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2319 ~ Mes musiques (My Musics) : 1/3037 ~ Mes Videos (My Videos) : 1/192 ~ Mes Favoris (My Favorites) : 1/52 ~ Mes Documents (My Documents) : 2/46 ~ Mon Bureau (My Desktop) : 3/205 ~ Menu demarrer (Programs) : 1/30 ~ Hidden Files: Scanned in 00mn 28s ---\\ Processus lancés [MD5.8F5CFA5A497DB84ED792614BAC2D5AE0] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\System32\ZoneLabs\vsmon.exe [2437176] [PID.1216] [MD5.0BA966FD5349BDF9895F40C045A7C7EC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.1916] [MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.1932] [MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.1940] [MD5.2477A2CC6D40FE623FD789D546CABD40] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11487848] [PID.1960] [MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.1980] [MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289] [PID.1980] [MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.1080] [MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089] [PID.1212] [MD5.C4FB2613D3C75364BB159B9C23A00E7A] - (...) -- C:\Windows\System32\AsusService.exe [219136] [PID.1160] [MD5.E56F39F6B7FDA0AC77A79B0FD3DE1A2F] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856] [PID.2144] [MD5.09C87F376507122A5FE1CBE06E015512] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.21.149\GoogleCrashHandler.exe [239496] [PID.2152] [MD5.85B16A92B117A5A800032ECD904B86DB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432] [PID.2524] [MD5.20E2469DB709FC675E655CEAA11BE312] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [676936] [PID.2548] [MD5.12E33DD823D74680DE6F33BFA359EFB3] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [766536] [PID.2652] [MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2856] [MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.3336] [MD5.1EC9CFB7C0309CC479D1C9ACB5744117] - (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Users\philippe leclercq\Desktop\JRT.exe [559306] [PID.2488] [MD5.815FD68F8A6AF88827232C2B94622970] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.2728] [MD5.E5A7EA8C5C063943231A071789956893] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7667712] [PID.3328] [MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.3432] ~ Processes Running: Scanned in 00mn 05s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] Rechercher G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé) G2 - GCE: Preference [user Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé) G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ~ Google Browser: 11 Scanned in 00mn 32s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.3.0f4.) -- C:\Users\philippe leclercq\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll ~ Firefox Browser: 8 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 3.3.0f4.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 9 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ~ BHO: 4 Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd O4 - HKCU\..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (.not file.) O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-2091292328-1087205343-3181550619-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-2091292328-1087205343-3181550619-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd O4 - HKUS\S-1-5-21-2091292328-1087205343-3181550619-1000\..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (.not file.) ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\TaskBar: Google Chrome (2).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Internet Explorer (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Internet Explorer (5).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar: VLC media player.lnk . (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe O4 - GS\TaskBar: Windows Explorer (2).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\TaskBar: Windows Explorer (3).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\TaskBar: Windows Explorer (4).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe ~ Global Startup: Scanned in 00mn 02s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Winsock: 9 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} ((no name)) - https://static.impots.gouv.fr/abos/static/securite/certdgi1_2-0.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_2_1_0.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{F537F381-17A3-443A-A90E-23BC2441989D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{F537F381-17A3-443A-A90E-23BC2441989D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{F537F381-17A3-443A-A90E-23BC2441989D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Asus Launcher Service (AsusService) . (...) - C:\Windows\System32\AsusService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\System32\ZoneLabs\vsmon.exe ~ Services: 9 Scanned in 00mn 17s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1074] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1078] [MD5.9915504F602D277EE47FD843A677FD15] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [256904] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [MD5.00000000000000000000000000000000] [APT] [{0E239B48-FA3C-4BEA-BAD2-5CAFD4FDA462}] (...) -- C:\Users\philippe leclercq\Downloads\autocad 2008\Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2108D66E-F86F-44DD-9BDD-065C7B705952}] (...) -- C:\Users\philippe leclercq\Downloads\installer_synccell_for_motorola_3_1_French.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{211E888F-31DD-4031-A9F2-08921C1AD3B5}] (...) -- C:\Users\philippe leclercq\Downloads\Paint.NET.3.5.10.Install.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{56CB5BB0-ED09-4FE4-A4BC-43585F37FD4A}] (...) -- c:\users\philippe leclercq\appdata\local\google\chrome\application\chrome.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{BED547A6-5A4E-401C-BC8A-08F31CE6A1F2}] (...) -- C:\Users\philippe leclercq\AppData\Local\Temp\Temp1_Adobe Acrobat 7.0 Professional + keygen.zip\Adobe Acrobat 7.0 Professional + keygen\instmsiw.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D0D96B42-A3E0-4667-879C-CA3630CC2813}] (...) -- C:\Users\philippe leclercq\Downloads\OOo_3.3.0_Win_x86_install_fr.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D50D554B-13BB-485F-B4F2-027CBB8EE4F3}] (...) -- C:\Users\philippe leclercq\AppData\Local\Temp\Temp1_Adobe Acrobat 7.0 Professional + keygen.zip\Adobe Acrobat 7.0 Professional + keygen\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F3EE7331-5BA0-4AB9-BA8B-67D9DE4FD993}] (...) -- C:\Users\philippe leclercq\Downloads\PSPP12_Corel_TBYB_EN_IE_FR_DE_ES_IT_NL_ESD.exe (.not file.) [0] ~ Scheduled Task: 15 Scanned in 00mn 13s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\windows\system32\Macromed\Flash\Flash32_11_7_700_224.ocx ~ Active Setup: 8 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (AsUpIO) . (...) - C:\Windows\System32\drivers\AsUpIO.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eusk2par) . (.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) - C:\windows\system32\Drivers\eusk2par.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 78 Scanned in 00mn 02s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {859D40CF-8491-44AD-8FA8-7389CB418C64} O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage O42 - Logiciel: ASUSUpdate for Eee PC - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C} O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM] -- Asus Vibe2.0 O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: AutoCAD 2008 - English - (.Autodesk.) [HKLM] -- AutoCAD 2008 - English O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM] -- {9A346205-EA92-4406-B1AB-50379DA3F057} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Boingo Wi-Fi - (.Boingo Wireless, Inc..) [HKLM] -- {7E49ED48-B67E-4A27-839D-EE08590A96BB} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd O42 - Logiciel: CapsHook - (.AsusTek Computer.) [HKLM] -- {4B5092B6-F231-4D18-83BC-2618B729CA45} O42 - Logiciel: E-Cam - (...) [HKLM] -- {185AFA7A-F63E-450B-94AA-011CAC18090E} O42 - Logiciel: Eee Docking 3.7.0 - (.ASUSTek Computer Inc..) [HKLM] -- Eee Docking_is1 O42 - Logiciel: EeeSplendid - (.ASUS.) [HKLM] -- {6333FC29-BFE5-4024-AC78-958A1A7555D1} O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8} O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- {17780F99-A9DF-450B-81B3-6781B20A17A8} O42 - Logiciel: Gestionnaire pour appareils Windows Mobile - (.Microsoft Corporation.) [HKLM] -- {904CCF62-818D-4675-BC76-D37EB399F917} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {468D22C0-8080-11E2-B86E-B8AC6F98CCE3} O42 - Logiciel: Hotkey Service - (.AsusTek Computer.) [HKLM] -- {71C0E38E-09F2-4386-9977-404D4F6640CD} O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF} O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10} O42 - Logiciel: LiveUpdate - (.AsusTek Computer Inc..) [HKLM] -- {38E5A3B1-ADF1-47E0-8024-76310A30EB36} O42 - Logiciel: LocaleMe - (.ASUS.) [HKLM] -- {F58C1D44-4AC9-48E8-9049-7A6CDFCB415C} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2721691) - (.Microsoft Corporation.) [HKLM] -- {355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.1.1000 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: MotoHelper MergeModules - (.Motorola.) [HKLM] -- {6F3D2F66-F050-45E3-BEB1-6523FE6D6690} O42 - Logiciel: MotoHelper MergeModules - (.Motorola.) [HKLM] -- {94CAC2F1-C856-47F4-AF24-65A1E75AEDB9} O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Skype™ 6.5 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: StarterBackgroundChanger - (.Renaud Gerson.) [HKLM] -- StarterBackgroundChanger O42 - Logiciel: Super Hybrid Engine - (.AsusTek Computer.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) - (.Broadcom.) [HKLM] -- B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) - (.Broadcom.) [HKLM] -- B5C82F3814F82FB37F1513B3185399BD88892B08 O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent =>P2P.µTorrent ~ Logic: 96 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\AC3Filter] [HKCU\Software\ASUS] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\Anonymous] [HKCU\Software\AppDataLow\Google] [HKCU\Software\AppDataLow\ISWVolatile] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow] [HKCU\Software\Autodesk] [HKCU\Software\Avira] [HKCU\Software\BIDCOM Technologies] [HKCU\Software\BVRP Software] [HKCU\Software\BackgroundChanger] [HKCU\Software\BitTorrent] =>P2P.BitTorrent [HKCU\Software\CheckPoint] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CompanionLink] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DT Soft] [HKCU\Software\ECAREME] [HKCU\Software\Foxit Software] [HKCU\Software\GoBoingo] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Laudrin] [HKCU\Software\Lexmark] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Magicbit] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Motorola Inc.] [HKCU\Software\Motorola] [HKCU\Software\MozillaPlugins] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PDFCreator] [HKCU\Software\Paint.NET] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PowerISO] [HKCU\Software\PowerPack] [HKCU\Software\Realtek] [HKCU\Software\Research In Motion] [HKCU\Software\Samsung] [HKCU\Software\Screamer Radio] [HKCU\Software\Skype] [HKCU\Software\StarterBackgroundChanger] [HKCU\Software\Synaptics] [HKCU\Software\Tomato] [HKCU\Software\Trolltech] [HKCU\Software\Unity] [HKCU\Software\VirtualDub.org] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\Zone Labs] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\AVS4YOU] [HKLM\Software\ActiveXperts] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\AsusTek Computer] [HKLM\Software\Atheros Communications Inc.] [HKLM\Software\Atheros] [HKLM\Software\Autodesk] [HKLM\Software\AviSynth] [HKLM\Software\Avira] [HKLM\Software\CheckPoint] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CoreSecurity] [HKLM\Software\Cygnus Solutions] [HKLM\Software\DT Soft] [HKLM\Software\E-Cam] [HKLM\Software\ECAREME] [HKLM\Software\GoBoingo] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEXMARK] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\OldTimer Tools] [HKLM\Software\Oracle] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\PowerISO] [HKLM\Software\Ralink] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Research In Motion] [HKLM\Software\SAMSUNG] [HKLM\Software\SRS Labs] [HKLM\Software\Skype] [HKLM\Software\Synaptics] [HKLM\Software\Transtechnology] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Zone Labs] ~ Key Software: 172 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 05/12/2010 - 21:01:12 - [3,348] ----D C:\Program Files\7-Zip O43 - CFD: 04/12/2010 - 20:14:49 - [1,668] ----D C:\Program Files\Adobe O43 - CFD: 06/08/2011 - 22:16:18 - [130,200] ----D C:\Program Files\ASUS O43 - CFD: 24/06/2010 - 18:02:16 - [0,001] ----D C:\Program Files\Atheros O43 - CFD: 12/04/2011 - 13:59:01 - [538,933] ----D C:\Program Files\AutoCAD 2008 O43 - CFD: 12/04/2011 - 13:50:17 - [34,319] ----D C:\Program Files\Autodesk O43 - CFD: 04/12/2010 - 21:10:41 - [176,005] ----D C:\Program Files\Avira O43 - CFD: 20/04/2012 - 18:55:56 - [0,138] ----D C:\Program Files\AviSynth 2.5 O43 - CFD: 17/07/2012 - 14:42:18 - [0] ----D C:\Program Files\AVS4YOU O43 - CFD: 04/12/2010 - 19:18:29 - [4,157] ----D C:\Program Files\Boingo O43 - CFD: 13/01/2012 - 21:51:34 - [4,137] ----D C:\Program Files\CCleaner =>Piriform Ltd O43 - CFD: 04/12/2010 - 21:16:45 - [0,064] ----D C:\Program Files\CheckPoint O43 - CFD: 13/06/2013 - 19:56:06 - [429,108] ----D C:\Program Files\Common Files O43 - CFD: 24/06/2010 - 18:04:02 - [0,520] ----D C:\Program Files\DIFX O43 - CFD: 22/06/2011 - 23:30:31 - [3,997] ----D C:\Program Files\DVD Maker O43 - CFD: 04/12/2010 - 19:18:19 - [19,452] ----D C:\Program Files\E-Cam O43 - CFD: 24/06/2010 - 18:07:56 - [0,000] ----D C:\Program Files\EBI O43 - CFD: 24/06/2010 - 18:21:12 - [8,545] ----D C:\Program Files\EeePC O43 - CFD: 10/12/2010 - 22:28:09 - [10,669] ----D C:\Program Files\Foxit reader O43 - CFD: 05/05/2013 - 17:26:11 - [604,855] ----D C:\Program Files\Google O43 - CFD: 13/01/2012 - 19:48:22 - [74,734] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 24/06/2010 - 18:00:53 - [58,942] ----D C:\Program Files\Intel O43 - CFD: 12/07/2013 - 16:56:59 - [5,223] ----D C:\Program Files\Internet Explorer O43 - CFD: 13/06/2013 - 19:53:30 - [122,325] ----D C:\Program Files\Java O43 - CFD: 24/01/2013 - 22:31:17 - [12,699] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 05/02/2011 - 14:59:33 - [2,447] ----D C:\Program Files\MarkAny O43 - CFD: 04/12/2010 - 19:21:49 - [2,541] ----D C:\Program Files\Microsoft O43 - CFD: 18/11/2011 - 08:56:17 - [562,925] ----D C:\Program Files\Microsoft Office O43 - CFD: 12/07/2013 - 16:58:01 - [40,851] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 06/03/2011 - 00:30:09 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 06/03/2011 - 00:22:46 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 07/03/2011 - 09:24:36 - [3,554] ----D C:\Program Files\Microsoft Works O43 - CFD: 06/03/2011 - 00:28:03 - [7,789] ----D C:\Program Files\Microsoft.NET O43 - CFD: 09/05/2013 - 19:26:55 - [0,016] ----D C:\Program Files\Motorola O43 - CFD: 06/03/2011 - 00:30:34 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 24/06/2010 - 19:02:50 - [0,147] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 13/08/2011 - 15:45:37 - [0] ----D C:\Program Files\Naviextras O43 - CFD: 24/01/2013 - 20:57:47 - [0] ----D C:\Program Files\OnlineHD.TV O43 - CFD: 05/07/2012 - 12:51:59 - [33,205] ----D C:\Program Files\Oracle O43 - CFD: 24/01/2013 - 21:12:03 - [0] ----D C:\Program Files\Paint.NET O43 - CFD: 04/12/2010 - 23:12:09 - [24,289] ----D C:\Program Files\PDFCreator O43 - CFD: 10/12/2010 - 22:27:10 - [0,052] ----D C:\Program Files\plugins O43 - CFD: 04/12/2010 - 19:12:43 - [16,976] ----D C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 06:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies O43 - CFD: 05/02/2011 - 15:01:45 - [1,759] ----D C:\Program Files\Samsung O43 - CFD: 14/06/2013 - 20:22:34 - [18,953] R---D C:\Program Files\Skype O43 - CFD: 12/12/2010 - 13:43:17 - [1,259] ----D C:\Program Files\StarterBackgroundChanger O43 - CFD: 04/12/2010 - 19:14:25 - [28,744] ----D C:\Program Files\Synaptics O43 - CFD: 13/01/2012 - 19:52:38 - [0] --H-D C:\Program Files\Temp O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 12/02/2012 - 21:04:42 - [0,924] ----D C:\Program Files\uTorrent =>P2P.µTorrent O43 - CFD: 04/12/2010 - 22:02:39 - [80,873] ----D C:\Program Files\VideoLAN O43 - CFD: 12/07/2013 - 16:56:52 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 09/05/2013 - 14:37:21 - [2,786] ----D C:\Program Files\Windows Live O43 - CFD: 04/12/2010 - 19:21:32 - [0,234] ----D C:\Program Files\Windows Live SkyDrive O43 - CFD: 22/06/2011 - 23:30:32 - [5,895] ----D C:\Program Files\Windows Mail O43 - CFD: 14/07/2009 - 06:52:30 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 22/06/2011 - 23:30:29 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 22/06/2011 - 23:30:30 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 22/06/2011 - 23:30:31 - [5,717] ----D C:\Program Files\Windows Sidebar O43 - CFD: 30/05/2013 - 20:31:23 - [4,131] ----D C:\Program Files\WinRAR O43 - CFD: 12/07/2013 - 18:56:19 - [17,048] ----D C:\Program Files\ZHPDiag O43 - CFD: 04/12/2010 - 21:16:09 - [18,609] ----D C:\Program Files\Zone Labs O43 - CFD: 24/06/2010 - 18:08:23 - [30,668] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 24/01/2013 - 21:00:26 - [44,663] ----D C:\Program Files\Common Files\Autodesk Shared O43 - CFD: 17/07/2012 - 14:42:19 - [0,171] ----D C:\Program Files\Common Files\AVSMedia O43 - CFD: 12/04/2011 - 13:48:01 - [0,187] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 12/04/2011 - 13:51:24 - [6,816] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 13/06/2013 - 19:56:06 - [1,189] ----D C:\Program Files\Common Files\Java O43 - CFD: 17/07/2012 - 17:08:14 - [244,996] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 21/06/2011 - 20:19:10 - [0,176] ----D C:\Program Files\Common Files\Motorola Shared O43 - CFD: 21/06/2011 - 20:18:44 - [0,675] ----D C:\Program Files\Common Files\MSSoap O43 - CFD: 21/06/2011 - 23:12:51 - [5,338] ----D C:\Program Files\Common Files\Nero O43 - CFD: 24/06/2010 - 18:10:24 - [0,338] ----D C:\Program Files\Common Files\Oberon Media O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 03/05/2013 - 20:48:49 - [1,904] ----D C:\Program Files\Common Files\Skype O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 11/07/2012 - 19:16:20 - [45,388] ----D C:\Program Files\Common Files\System O43 - CFD: 15/12/2011 - 22:04:46 - [7,397] ----D C:\Program Files\Common Files\Tomato O43 - CFD: 04/12/2010 - 19:18:48 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 04/12/2010 - 20:14:41 - [0,000] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Application Data O43 - CFD: 24/06/2010 - 18:02:31 - [0,009] ----D C:\ProgramData\Atheros O43 - CFD: 23/04/2011 - 13:45:56 - [33,347] ----D C:\ProgramData\Autodesk O43 - CFD: 04/12/2010 - 21:10:41 - [11,641] ----D C:\ProgramData\Avira O43 - CFD: 19/03/2011 - 13:41:14 - [0] ----D C:\ProgramData\AVS4YOU O43 - CFD: 04/07/2011 - 23:09:22 - [32,753] ----D C:\ProgramData\BVRP Software O43 - CFD: 04/12/2010 - 21:15:25 - [0,004] ----D C:\ProgramData\CheckPoint O43 - CFD: 10/02/2011 - 23:31:22 - [0] ----D C:\ProgramData\CorelDRAW Graphics Suite X5 O43 - CFD: 05/12/2010 - 19:53:18 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Documents O43 - CFD: 24/06/2010 - 18:08:02 - [0] ----D C:\ProgramData\EBI O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 04/12/2010 - 19:18:29 - [21,354] ----D C:\ProgramData\GoBoingo O43 - CFD: 15/08/2012 - 19:22:23 - [17,093] ----D C:\ProgramData\Malwarebytes O43 - CFD: 17/07/2012 - 17:07:56 - [256,265] ----D C:\ProgramData\Microsoft O43 - CFD: 12/07/2013 - 16:29:16 - [0,066] ----D C:\ProgramData\Microsoft Help O43 - CFD: 21/06/2011 - 23:15:28 - [8,230] ----D C:\ProgramData\Motorola O43 - CFD: 25/11/2011 - 20:22:52 - [0] ----D C:\ProgramData\Motorola Media Link O43 - CFD: 01/06/2012 - 21:30:26 - [0,742] ----D C:\ProgramData\Nero O43 - CFD: 05/02/2011 - 14:36:16 - [0,000] ----D C:\ProgramData\PC Drivers HeadQuarters O43 - CFD: 30/12/2011 - 20:54:31 - [0,003] ----D C:\ProgramData\philippe leclercq O43 - CFD: 24/06/2010 - 18:02:59 - [2,199] ----D C:\ProgramData\Ralink Driver O43 - CFD: 24/06/2010 - 18:08:02 - [0] ----D C:\ProgramData\RSMR O43 - CFD: 06/06/2011 - 11:28:37 - [0,437] ----D C:\ProgramData\Samsung O43 - CFD: 14/06/2013 - 20:22:40 - [59,682] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 05/12/2010 - 19:24:42 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 30/12/2011 - 22:28:32 - [0] ----D C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Templates O43 - CFD: 24/06/2010 - 18:55:21 - [20,289] ----D C:\Users\philippe leclercq\AppData\Roaming\Adobe O43 - CFD: 08/10/2011 - 09:16:30 - [5,827] ----D C:\Users\philippe leclercq\AppData\Roaming\ASUS WebStorage O43 - CFD: 06/08/2011 - 17:17:27 - [9,121] ----D C:\Users\philippe leclercq\AppData\Roaming\Autodesk O43 - CFD: 20/04/2012 - 18:47:31 - [0,062] ----D C:\Users\philippe leclercq\AppData\Roaming\AVS4YOU O43 - CFD: 04/12/2010 - 21:17:12 - [0,111] ----D C:\Users\philippe leclercq\AppData\Roaming\CheckPoint O43 - CFD: 10/04/2012 - 11:56:08 - [0,001] ----D C:\Users\philippe leclercq\AppData\Roaming\com.adobe.example.widget.F826D533138FC008516DC0DE4625BA08DCDBC443.1 O43 - CFD: 04/01/2012 - 00:42:25 - [0,015] ----D C:\Users\philippe leclercq\AppData\Roaming\CompanionLink O43 - CFD: 05/12/2010 - 19:53:08 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 04/02/2011 - 19:32:07 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\dvdcss O43 - CFD: 04/12/2010 - 19:17:29 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\E-Cam O43 - CFD: 04/12/2010 - 22:06:28 - [0,222] ----D C:\Users\philippe leclercq\AppData\Roaming\Foxit Software O43 - CFD: 22/11/2011 - 23:17:17 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\GoBoingo O43 - CFD: 14/07/2009 - 06:54:12 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\Identities O43 - CFD: 24/06/2010 - 18:00:39 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\InstallShield O43 - CFD: 24/06/2010 - 18:08:17 - [0,001] ----D C:\Users\philippe leclercq\AppData\Roaming\Macromedia O43 - CFD: 15/08/2012 - 19:22:49 - [0,008] ----D C:\Users\philippe leclercq\AppData\Roaming\Malwarebytes O43 - CFD: 16/07/2012 - 21:39:29 - [1,999] -S--D C:\Users\philippe leclercq\AppData\Roaming\Microsoft O43 - CFD: 17/02/2012 - 11:14:53 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\motorola O43 - CFD: 06/12/2011 - 20:58:29 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\Mozilla O43 - CFD: 05/12/2010 - 19:31:12 - [2,521] ----D C:\Users\philippe leclercq\AppData\Roaming\OpenOffice.org O43 - CFD: 12/12/2010 - 13:43:33 - [0,215] ----D C:\Users\philippe leclercq\AppData\Roaming\RGE O43 - CFD: 06/06/2011 - 11:28:37 - [0] ----D C:\Users\philippe leclercq\AppData\Roaming\Samsung O43 - CFD: 18/06/2013 - 23:42:09 - [4,224] ----D C:\Users\philippe leclercq\AppData\Roaming\Skype O43 - CFD: 30/12/2011 - 20:54:34 - [0,008] ----D C:\Users\philippe leclercq\AppData\Roaming\SyncCell O43 - CFD: 06/12/2010 - 13:57:26 - [14,488] ----D C:\Users\philippe leclercq\AppData\Roaming\Thunderbird O43 - CFD: 15/12/2011 - 22:10:04 - [0,052] ----D C:\Users\philippe leclercq\AppData\Roaming\Tomato O43 - CFD: 05/03/2013 - 18:54:43 - [2,470] ----D C:\Users\philippe leclercq\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 10/02/2013 - 00:14:54 - [1,556] ----D C:\Users\philippe leclercq\AppData\Roaming\vlc O43 - CFD: 30/05/2013 - 20:31:57 - [0,000] ----D C:\Users\philippe leclercq\AppData\Roaming\WinRAR O43 - CFD: 04/12/2010 - 20:14:20 - [0,120] ----D C:\Users\philippe leclercq\AppData\Local\Adobe O43 - CFD: 04/12/2010 - 19:11:35 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Application Data O43 - CFD: 04/12/2010 - 21:46:31 - [1,173] ----D C:\Users\philippe leclercq\AppData\Local\Apps O43 - CFD: 17/12/2010 - 23:59:34 - [0,001] ----D C:\Users\philippe leclercq\AppData\Local\ASUS O43 - CFD: 12/04/2011 - 13:53:45 - [3,137] ----D C:\Users\philippe leclercq\AppData\Local\Autodesk O43 - CFD: 02/07/2011 - 14:30:30 - [0] ----D C:\Users\philippe leclercq\AppData\Local\BVRP Software O43 - CFD: 05/05/2013 - 19:55:04 - [3,685] ----D C:\Users\philippe leclercq\AppData\Local\CRE O43 - CFD: 04/12/2010 - 21:46:48 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Deployment O43 - CFD: 20/06/2013 - 23:57:56 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Diagnostics O43 - CFD: 28/06/2011 - 22:30:53 - [134,687] ----D C:\Users\philippe leclercq\AppData\Local\Downloaded Installations O43 - CFD: 05/05/2013 - 17:40:42 - [126,255] ----D C:\Users\philippe leclercq\AppData\Local\Google O43 - CFD: 04/12/2010 - 19:11:35 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Historique O43 - CFD: 01/12/2012 - 16:12:06 - [1107,514] ----D C:\Users\philippe leclercq\AppData\Local\Microsoft O43 - CFD: 12/03/2012 - 20:24:30 - [0,194] ----D C:\Users\philippe leclercq\AppData\Local\Microsoft Help O43 - CFD: 01/02/2012 - 00:00:44 - [0] ----D C:\Users\philippe leclercq\AppData\Local\MigWiz O43 - CFD: 01/06/2012 - 21:31:48 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Motorola O43 - CFD: 04/01/2013 - 21:59:24 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Paint.NET O43 - CFD: 06/06/2011 - 11:28:37 - [0,000] ----D C:\Users\philippe leclercq\AppData\Local\Samsung O43 - CFD: 05/12/2010 - 11:18:13 - [2,902] ----D C:\Users\philippe leclercq\AppData\Local\Screamer Radio O43 - CFD: 12/07/2013 - 18:52:52 - [2,136] ----D C:\Users\philippe leclercq\AppData\Local\Temp O43 - CFD: 04/12/2010 - 19:11:35 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Temporary Internet Files O43 - CFD: 06/12/2010 - 13:57:26 - [5,182] ----D C:\Users\philippe leclercq\AppData\Local\Thunderbird O43 - CFD: 12/06/2011 - 20:48:06 - [0,200] ----D C:\Users\philippe leclercq\AppData\Local\Unity O43 - CFD: 27/06/2011 - 22:31:04 - [0,048] ----D C:\Users\philippe leclercq\AppData\Local\VirtualStore O43 - CFD: 05/12/2010 - 11:37:06 - [0] ----D C:\Users\philippe leclercq\AppData\Local\Windows Live O43 - CFD: 29/12/2011 - 23:32:53 - [0] ----D C:\Users\philippe leclercq\AppData\Local\WMTools Downloaded Files O43 - CFD: 14/07/2009 - 06:42:04 - [0,014] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/05/2013 - 18:49:27 - [0,000] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/07/2009 - 06:37:42 - [0,001] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 04/12/2010 - 23:14:05 - [0,006] ----D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio O43 - CFD: 17/05/2013 - 18:49:27 - [0,000] R---D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/05/2013 - 20:31:24 - [0,003] ----D C:\Users\philippe leclercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 172 Scanned in 00mn 32s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.6B059283E9344CAC7D45D86B1E076193] - 12/07/2013 - 17:40:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1022349] O44 - LFC:[MD5.6DA42E2D10C12D667147631DA4D9B1DE] - 12/07/2013 - 17:30:53 ---A- . (...) -- C:\Windows\setupact.log [1624] O44 - LFC:[MD5.C19A939A219640E0C007ED891E3449A3] - 12/07/2013 - 17:30:51 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.1BCC404D2F62607414C27394AD739897] - 12/07/2013 - 17:28:19 ---A- . (...) -- C:\AdwCleaner[s3].txt [4734] O44 - LFC:[MD5.D53D7C51394130D101A1E624144DFB0D] - 12/07/2013 - 17:28:19 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [316] O44 - LFC:[MD5.19645C0C25514796F8329AE8A7C37CB5] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549936] O44 - LFC:[MD5.98FD9A711FF2C1B7DEC2FBE3BDF0D7DE] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106622] O44 - LFC:[MD5.0CC33ED9F88A95A61073F7198B8B525D] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130988] O44 - LFC:[MD5.8B204C37BB1F9CE9394E372FD77B3FD5] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616242] O44 - LFC:[MD5.081CEF23C9CBBE22B4A7F9F3F4D409D4] - 12/07/2013 - 16:47:58 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704714] O44 - LFC:[MD5.88F2AD0A8DDEC95BEDD2DBFC47874D49] - 12/07/2013 - 16:00:07 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [524096] O44 - LFC:[MD5.BF1D2CFAE91C1E835902ECA27F8F7470] - 12/07/2013 - 15:30:15 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2706432] O44 - LFC:[MD5.52F71A5790E1B6FFC34648F3B311EEE1] - 12/07/2013 - 15:30:14 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [690688] O44 - LFC:[MD5.CB811C14C225DD07B98E676DFB0221E6] - 12/07/2013 - 15:30:11 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [2877440] O44 - LFC:[MD5.AC9A9B64AF7005E488390E38AE00D117] - 12/07/2013 - 15:30:10 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [39424] O44 - LFC:[MD5.B6A67646BD7E3A0AF2515703CBBD9A1C] - 12/07/2013 - 15:30:09 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [61440] O44 - LFC:[MD5.6A32A12A2C76B729D6485D04FCFB2175] - 12/07/2013 - 15:30:08 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [391168] O44 - LFC:[MD5.DED7DCF831A05D21F49510EA03F8F2C5] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [109056] O44 - LFC:[MD5.EED047A0C528813D6AAF4F4F8B2C40C4] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [493056] O44 - LFC:[MD5.0D2F075863C2FA4F84FB95AC00B95151] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [71680] O44 - LFC:[MD5.F4A608A800C1BB6838797390CBBC1269] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [33280] O44 - LFC:[MD5.6D404DDC4D0C13350E8EF0DD0421A7ED] - 12/07/2013 - 15:30:06 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [42496] O44 - LFC:[MD5.225D276C730DF08CC83EABAC407F0D75] - 12/07/2013 - 15:30:05 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1141248] O44 - LFC:[MD5.FE29131E35902038066C924CF9C59DF8] - 12/07/2013 - 15:30:03 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2046976] O44 - LFC:[MD5.9BF7C7654EFD098EE3A27B49492A382A] - 12/07/2013 - 15:29:58 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1767936] O44 - LFC:[MD5.CC3FD6DEEE458D0BE9A69241E0749717] - 12/07/2013 - 15:29:52 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [13760512] O44 - LFC:[MD5.AF31E7D2C385F647ADFD5F5736B3BA64] - 12/07/2013 - 15:29:45 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [14329856] O44 - LFC:[MD5.1C0E369575F387460E2A5F28269B2CC4] - 11/07/2013 - 20:05:25 ---A- . (.Microsoft Corporation - Services de typographie Microsoft DirectX.) -- C:\Windows\System32\DWrite.dll [1247744] O44 - LFC:[MD5.56D61BE56DA22334829E14CDE6A8C1FE] - 11/07/2013 - 20:05:22 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\System32\WMVDECOD.DLL [1620480] O44 - LFC:[MD5.674EB817CF6E43B7DF3EC26E06E98D98] - 11/07/2013 - 20:05:20 ---A- . (.Microsoft Corporation - Édition DirectShow..) -- C:\Windows\System32\qedit.dll [509440] O44 - LFC:[MD5.4D52150FC35E333F6CBBB6B6E6D9366D] - 11/07/2013 - 20:05:18 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2347520] O44 - LFC:[MD5.2E0FF281FFFA4289E504716629B2C48B] - 07/07/2013 - 00:12:06 ---A- . (...) -- C:\Windows\PFRO.log [866] O44 - LFC:[MD5.54C9C26A5CAFAC3E724E433D9DC2053D] - 06/07/2013 - 20:44:39 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] ~ Files: 33 Scanned in 02mn 33s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{65e1d9b1-9c22-11e0-baf0-20cf30426731}\AutoRun\command. (...) -- E:\setup.exe (.not file.) O51 - MPSK:{ef9af0ed-85e2-11e2-ac19-20cf30426731}\AutoRun\command. (...) -- E:\setup.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 5 Scanned in 00mn 01s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 ~ MWPE Keys: 1 Scanned in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 25/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 09/02/2011 - Pas de propriétaire (AsUpIO) .(...) - LEGACY_ASUPIO O64 - Services: CurCS - 13/02/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 25/11/2009 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 30/03/2009 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 18/12/2008 - C:\windows\system32\Drivers\eusk2par.sys (eusk2par) .(.Aladdin Knowledge Systems Ltd. - SmartKey Parallel Driver.) - LEGACY_EUSK2PAR O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 29/09/2012 - C:\windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 05/12/2010 - C:\Windows\System32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 11/05/2009 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 15/05/2010 - C:\Windows\System32\DRIVERS\vsdatant.sys (Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 74 Scanned in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - Bing ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (O82) C:\Users\philippe leclercq\AppData\Roaming\uTorrent\Adobe Acrobat 7.0 Professional + keygen.zip.torrent =>P2P.µTorrent C:\Users\philippe leclercq\AppData\Roaming\uTorrent\Adobe Acrobat 7.0 Professional + keygen.zip.torrent =>P2P.µTorrent ~ Files: Scanned in 01mn 31s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] ~ Services: 32 Scanned in 00mn 01s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.0D3B680986310AE5540578C0E481C6A0] [sPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984] [MD5.CA3EDB923F1E762D820EA3D3830E88D5] [sPRF][09/07/2013] (...) -- C:\Users\philippe leclercq\AppData\Local\Temp\ICReinstall_VuuPC_Setup.exe [591904] [MD5.1078C8BD8C62CF4DEE6FE1058C3D56A7] [sPRF][12/07/2013] (...) -- C:\Users\philippe leclercq\Desktop\adwcleaner.exe [650027] [MD5.1EC9CFB7C0309CC479D1C9ACB5744117] [sPRF][12/07/2013] (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Users\philippe leclercq\Desktop\JRT.exe [559306] [MD5.585CAD98B9DCFD8FFDB55B99946D5597] [sPRF][06/07/2013] (.Pas de propriétaire - Nettoyage des fichiers temporaires.) -- C:\Users\philippe leclercq\Desktop\SFTGC.exe [1064342] [MD5.CA3EDB923F1E762D820EA3D3830E88D5] [sPRF][09/07/2013] (...) -- C:\Users\philippe leclercq\Desktop\VuuPC_Setup.exe [591904] [MD5.C4B0A988EBF817CB52BA2E8979771772] [sPRF][06/07/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\philippe leclercq\Desktop\ZHPDiag2.exe [5701171] [MD5.279BE2F0827082F7F5BA149290CE0F69] [sPRF][20/12/2010] (.Direction Générale des Impôts - Module de délivrance de certificat MINEFI.) -- C:\Windows\Downloaded Program Files\CERTDGI1.dll [105944] [MD5.92149D7FC2B90B189F8AEECC2F9DDCEE] [sPRF][12/02/2007] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [114792] ~ Files: Scanned in 00mn 02s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "{0C356285-224D-4988-B599-382E3E366D14}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{25DE5CF8-8540-4AF7-B7B7-82379F794AB3}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{4FA3ECBA-F511-4A77-8364-02B56B7D75C6}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{F0817109-B2C2-4C0F-BB5F-EF61F1DCDF6C}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{1CB5EB54-520B-4144-9C65-9F74D464D437}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{20F9C29D-6E5B-4C20-80CC-6E7A0E7F0352}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe ~ Firewall: 117 Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : v2.12676 - (05/07/2013) Clés trouvées (Keys found) : 7 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\CLSID\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit [HKLM\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF79F67A-6AD7-4715-A0F8-932FCA442023}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF79F67A-6AD7-4715-A0F8-932FCA442023}] =>Toolbar.Conduit ~ Additionnel Scan: 207206 Items scanned in 00mn 50s ---\\ Product Upgrade Codes (O90) O90 - PUC: "0C22D86408082E118BE68BCAF689CC3E" . (.Google Earth.) -- C:\windows\Installer\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}\ARPPRODUCTICON.exe O90 - PUC: "1B3A5E831FDA0E7408426713A003BE63" . (.LiveUpdate.) -- C:\windows\Installer\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}\ARPPRODUCTICON.exe O90 - PUC: "26FCC409D8185764CB673DE73B999F71" . (.Gestionnaire pour appareils Windows Mobile.) -- C:\windows\Installer\{904CCF62-818D-4675-BC76-D37EB399F917}\wmdc.exe O90 - PUC: "44D1C85F9CA48E840994A7C6FDBC14C5" . (.LocaleMe.) -- C:\windows\Installer\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}\ARPPRODUCTICON.exe O90 - PUC: "502643A929AE60441BBA0573D93A0F75" . (.Autodesk DWF Viewer 7.) -- C:\windows\Installer\{9A346205-EA92-4406-B1AB-50379DA3F057}\ARPPRODUCTICON.exe O90 - PUC: "84DE94E7E76B72A438D9EE8095A069BB" . (.Boingo Wi-Fi.) -- C:\windows\Installer\{7E49ED48-B67E-4A27-839D-EE08590A96BB}\BoingoIco.exe O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\windows\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico O90 - PUC: "99F08771FD9AB054183B76182BA0718A" . (.FontResizer.) -- C:\windows\Installer\{17780F99-A9DF-450B-81B3-6781B20A17A8}\ARPPRODUCTICON.exe O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\windows\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.5.) -- C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico ~ Update Products: 57 Scanned in 00mn 00s ---\\ MyComputer Name Space (O92) O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf} ~ MNS: 1 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 14/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 13/05/2009 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 21/07/2009 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 219136 | (AsusService) . (...) - C:\Windows\System32\AsusService.exe SS - | Demand 12/04/2011 85096 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe SS - | Auto 04/12/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 04/12/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 05/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe SR - | Auto 29/09/2012 399432 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 29/09/2012 676936 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SR - | Auto 14/07/2009 20992 | C:\windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe SS - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SR - | Auto 20/05/2010 2437176 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Windows\System32\ZoneLabs\vsmon.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 04s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ MBR: 1 Scanned in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by philippe leclercq at 12/07/2013 19:03:09 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Malicius Software Information ~ Toolbar.Conduit - Malicius Software Information =>Toolbar.Conduit ~ MSI: 1 link(s) detected in 00mn 07s End of the scan (1314 lines in 08mn 22s)(2) merci encore
  3. bonsoir quand je clic sur : Téléchargements - Outils de Xplode - AdwCleaner j arrive sur une page où la seule proposition de telechargement est située à droite dans un écran et j'obtiens " VuuPC_Setup.exe ".Je n'ose pas le lancer puisqu'il ne s'agit pas à priori de ADWCleaner
  4. rapport zhp diag: © CJoint.com, 2012 rapport sft : © CJoint.com, 2012
  5. bonjour monpc estlent et les pages internet plantent souvent aidez moi svp
  6. deuxieme rapport : # AdwCleaner v2.105 - Rapport créé le 13/01/2013 à 18:53:55 # Mis à jour le 08/01/2013 par Xplode # Système d'exploitation : Windows 7 Home Premium (64 bits) # Nom d'utilisateur : elisabeth - ELISABETH-TOSH # Mode de démarrage : Normal # Exécuté depuis : C:\Users\elisabeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5AJEL6A\adwcleaner (1).exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v18.0 (fr) Fichier : C:\Users\elisabeth\AppData\Roaming\Mozilla\Firefox\Profiles\4qxhj5sx.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1050 octets] - [13/01/2013 18:34:21] AdwCleaner[R2].txt - [1094 octets] - [13/01/2013 18:51:08] AdwCleaner[s1].txt - [1115 octets] - [13/01/2013 18:37:32] AdwCleaner[s2].txt - [1028 octets] - [13/01/2013 18:53:55] ########## EOF - C:\AdwCleaner[s2].txt - [1088 octets] ##########
  7. rapport : # AdwCleaner v2.105 - Rapport créé le 13/01/2013 à 18:51:08 # Mis à jour le 08/01/2013 par Xplode # Système d'exploitation : Windows 7 Home Premium (64 bits) # Nom d'utilisateur : elisabeth - ELISABETH-TOSH # Mode de démarrage : Normal # Exécuté depuis : C:\Users\elisabeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5AJEL6A\adwcleaner (1).exe # Option [Recherche] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v18.0 (fr) Fichier : C:\Users\elisabeth\AppData\Roaming\Mozilla\Firefox\Profiles\4qxhj5sx.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1050 octets] - [13/01/2013 18:34:21] AdwCleaner[R2].txt - [906 octets] - [13/01/2013 18:51:08] AdwCleaner[s1].txt - [1115 octets] - [13/01/2013 18:37:32] ########## EOF - C:\AdwCleaner[R2].txt - [1025 octets] ##########
  8. voici le rapport : http://cjoint.com/?CAntaSPGRXA ___________________ EDIT ______________________ Ce genre de rapport, par sa longueur, est susceptible de bloquer le sujet et de le rendre ainsi inaccessible pour toi, comme pour le Helper qui t'a pris en charge. Il convient d'héberger les documents volumineux, par exemple chez . C'est que je viens de faire ici. Merci - Tonton.
  9. bonjour mon pc est anormalement lent et se bloque sur firefox pouvez vous m aider ?
  10. bonjour ca a l air d aller. Je n ai plus de fenetre qui s affiche toute seule merci pour tout
  11. bonjour All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ef79f67a-6ad7-4715-a0f8-932fca442023} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef79f67a-6ad7-4715-a0f8-932fca442023}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{704F44C6-BB9D-4C0F-BB50-CD99876C35EC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{704F44C6-BB9D-4C0F-BB50-CD99876C35EC}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DBE038AB-ABB8-4DD2-88CC-1271944A1BB9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBE038AB-ABB8-4DD2-88CC-1271944A1BB9}\ not found. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\searchplugin folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\modules folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\META-INF folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\defaults folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\components folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}\chrome folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\searchplugin folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\modules folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\META-INF folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\defaults folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\components folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\chrome folder moved successfully. C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023} folder moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 321 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: philippe leclercq ->Temp folder emptied: 1514806 bytes ->Temporary Internet Files folder emptied: 3541725 bytes ->Java cache emptied: 517339 bytes ->Google Chrome cache emptied: 115480278 bytes ->Flash cache emptied: 42152 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 5 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 121699787 bytes RecycleBin emptied: 40960 bytes Total Files Cleaned = 232.00 mb OTL by OldTimer - Version 3.2.57.0 log created on 08202012_121858 Files\Folders moved on Reboot... C:\windows\temp\TMP0000000824DC9173D9B75C4B moved successfully. C:\windows\temp\ZLT07b5b.TMP moved successfully. PendingFileRenameOperations files... File C:\windows\temp\TMP0000000824DC9173D9B75C4B not found! File C:\windows\temp\ZLT07b5b.TMP not found! Registry entries deleted on Reboot...
  12. bonjour # AdwCleaner v1.801 - Rapport créé le 18/08/2012 à 09:39:21 # Mis à jour le 14/08/2012 par Xplode # Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits) # Nom d'utilisateur : philippe leclercq - INVISIBLE # Mode de démarrage : Normal # Exécuté depuis : C:\Users\philippe leclercq\Downloads\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Registre - GUID] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Le registre ne contient aucune entrée illégitime. -\\ Google Chrome v21.0.1180.79 Fichier : C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s1].txt - [7105 octets] - [15/08/2012 18:40:28] AdwCleaner[s2].txt - [891 octets] - [18/08/2012 09:39:21] ########## EOF - C:\AdwCleaner[s2].txt - [1018 octets] ########## Malwarebytes Anti-Malware (Essai) 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.08.17.06 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 philippe leclercq :: INVISIBLE [administrateur] Protection: Activé 18/08/2012 10:25:49 mbam-log-2012-08-18 (10-25-49).txt Type d'examen: Examen complet (C:\|D:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 319064 Temps écoulé: 1 heure(s), 56 minute(s), 15 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté) (fin) OTL logfile created on: 8/18/2012 1:57:26 PM - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\philippe leclercq\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1014.18 Mb Total Physical Memory | 100.38 Mb Available Physical Memory | 9.90% Memory free 1.55 Gb Paging File | 0.15 Gb Available in Paging File | 10.01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 80.00 Gb Total Space | 0.70 Gb Free Space | 0.87% Space Free | Partition Type: NTFS Drive D: | 54.03 Gb Total Space | 0.01 Gb Free Space | 0.01% Space Free | Partition Type: NTFS Computer Name: INVISIBLE | User Name: philippe leclercq | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\philippe leclercq\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe () PRC - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Windows\System32\AsusService.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) ========== Modules (No Company Name) ========== MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\libglesv2.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\libegl.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll () MOD - C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe () MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\PROGRA~1\ASUS\ASUSWE~1\3084~1.161\ASUSWS~1.DLL () ========== Win32 Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MotoHelper) -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SRV - (AsusService) -- C:\Windows\System32\AsusService.exe () SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found DRV - (motusbdevice) -- system32\DRIVERS\motusbdevice.sys File not found DRV - (Motousbnet) -- system32\DRIVERS\Motousbnet.sys File not found DRV - (MotoSwitchService) -- system32\DRIVERS\motswch.sys File not found DRV - (motmodem) -- system32\DRIVERS\motmodem.sys File not found DRV - (motccgpfl) -- system32\DRIVERS\motccgpfl.sys File not found DRV - (motccgp) -- system32\DRIVERS\motccgp.sys File not found DRV - (motandroidusb) -- System32\Drivers\motoandroid.sys File not found DRV - (btwrchid) -- C:\windows\system32\DRIVERS\btwrchid.sys File not found DRV - (btwl2cap) -- system32\DRIVERS\btwl2cap.sys File not found DRV - (btwavdt) -- C:\windows\system32\DRIVERS\btwavdt.sys File not found DRV - (btwaudio) -- system32\drivers\btwaudio.sys File not found DRV - (BTCFilterService) -- system32\DRIVERS\motfilt.sys File not found DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys () DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = ASUS Eee Family | Easy to Learn, Work and Play [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found IE - HKCU\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing IE - HKCU\..\SearchScopes\{704F44C6-BB9D-4C0F-BB50-CD99876C35EC}: "URL" = {searchTerms} - Yahoo! France Résultats de recherche IE - HKCU\..\SearchScopes\{DBE038AB-ABB8-4DD2-88CC-1271944A1BB9}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=KSO&o=41647939&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=7R&apn_dtid=YYYYYYYYFR&apn_uid=3f59661f-8d64-4990-a477-ee220244000c&apn_sauid=B9D17693-229C-49E0-9EE7-BC0392703FBC& IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2 FF - prefs.js..extensions.enabledItems: [email protected]:3.9.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\philippe leclercq\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\philippe leclercq\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\philippe leclercq\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) [2010/12/06 13:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Extensions [2010/12/06 13:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012/01/01 21:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions [2011/12/06 20:58:32 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} [2012/01/01 21:59:20 | 000,000,000 | ---D | M] (BittorrentBar_FR Community Toolbar) -- C:\Users\philippe leclercq\AppData\Roaming\mozilla\Firefox\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023} [2010/12/07 22:44:09 | 000,000,000 | ---D | M] (Lightning) -- C:\USERS\PHILIPPE LECLERCQ\APPDATA\ROAMING\THUNDERBIRD\PROFILES\N1R7AGUE.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103} [2010/12/07 22:58:39 | 000,000,000 | ---D | M] (Dictionnaire français «Classique & Réforme 1990») -- C:\USERS\PHILIPPE LECLERCQ\APPDATA\ROAMING\THUNDERBIRD\PROFILES\N1R7AGUE.DEFAULT\EXTENSIONS\[email protected] ========== Chrome ========== CHR - homepage: Google CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: Google CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Java Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll CHR - Extension: YouTube = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Recherche Google = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: FD Plugin = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaankaoacjlcnkdfagcnnncmeojkoeai\1.0.2_1\ CHR - Extension: Gmail = C:\Users\philippe leclercq\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} https://static.impots.gouv.fr/abos/static/securite/certdgi1_2-0.cab (Module de délivrance de certificat MINEFI) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_2_1_0.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBBC60F-00AF-41ED-9CA1-46055DD437ED}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F537F381-17A3-443A-A90E-23BC2441989D}: NameServer = 172.16.48.242,172.16.48.244 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{65e1d9b1-9c22-11e0-baf0-20cf30426731}\Shell - "" = AutoRun O33 - MountPoints2\{65e1d9b1-9c22-11e0-baf0-20cf30426731}\Shell\AutoRun\command - "" = E:\setup.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.yv12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: vsmon - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {69E9D29D-482A-4DDA-D1CB-7E1A9A07A627} - Offline Browsing Pack ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A9B7981-608F-76B3-2831-FCB18EEF7CA5} - Themes Setup ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CACB6E31-8047-3D19-C342-5C33695EE5AA} - Browser Customizations ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error. ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.yv12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org) ========== Files/Folders - Created Within 30 Days ========== [2012/08/18 09:37:46 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2012/08/15 19:22:49 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\AppData\Roaming\Malwarebytes [2012/08/15 19:22:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/15 19:22:20 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2012/08/15 19:22:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/08/15 18:40:36 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2012/08/15 18:40:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2012/08/15 18:40:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2012/08/15 18:40:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2012/08/15 18:40:31 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll [2012/08/15 18:40:23 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll [2012/08/15 18:40:17 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2012/08/15 18:40:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll [2012/08/01 09:15:48 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\Desktop\contenu motorola defy [2012/07/31 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\Desktop\Nouveau dossier [2012/07/25 10:38:25 | 000,000,000 | ---D | C] -- C:\Users\philippe leclercq\Desktop\Camera [2011/07/02 14:16:07 | 000,092,064 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmmdm.sys [2011/07/02 14:16:07 | 000,079,328 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmserd.sys [2011/07/02 14:16:07 | 000,066,656 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmbus.sys [2011/07/02 14:16:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Users\philippe leclercq\usbsermptxp.sys [2011/07/02 14:16:07 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Users\philippe leclercq\usbsermpt.sys [2011/07/02 14:16:07 | 000,009,232 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmmdfl.sys [2011/07/02 14:16:07 | 000,006,208 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmcmnt.sys [2011/07/02 14:16:07 | 000,005,936 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmwhnt.sys [2011/07/02 14:16:07 | 000,004,048 | ---- | C] (MCCI) -- C:\Users\philippe leclercq\mqdmcr.sys [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/18 14:02:13 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2012/08/18 13:53:00 | 000,001,078 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/18 13:48:00 | 000,001,002 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012/08/18 13:39:01 | 000,001,126 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2091292328-1087205343-3181550619-1000UA.job [2012/08/18 11:39:11 | 000,001,074 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2091292328-1087205343-3181550619-1000Core.job [2012/08/18 10:25:34 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2012/08/18 10:25:34 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/18 10:25:34 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/18 10:17:36 | 000,001,074 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/18 10:17:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012/08/18 10:16:57 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys [2012/08/17 09:22:56 | 000,522,016 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2012/08/15 18:48:29 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2012/08/15 18:48:29 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2012/08/14 14:24:07 | 000,704,508 | ---- | M] () -- C:\windows\System32\perfh00C.dat [2012/08/14 14:24:07 | 000,616,036 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012/08/14 14:24:07 | 000,130,782 | ---- | M] () -- C:\windows\System32\perfc00C.dat [2012/08/14 14:24:07 | 000,106,416 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012/08/12 12:32:06 | 000,405,828 | ---- | M] () -- C:\Users\philippe leclercq\Desktop\100_6421.JPG [2012/08/09 08:44:02 | 000,401,274 | ---- | M] () -- C:\Users\philippe leclercq\Desktop\100_6420.JPG [2012/07/29 20:41:00 | 004,334,592 | ---- | M] () -- C:\Users\philippe leclercq\Desktop\contacts outlook.pst [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/18 14:02:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2012/08/12 17:05:30 | 000,401,274 | ---- | C] () -- C:\Users\philippe leclercq\Desktop\100_6420.JPG [2012/08/12 16:56:58 | 000,405,828 | ---- | C] () -- C:\Users\philippe leclercq\Desktop\100_6421.JPG [2012/07/29 20:39:51 | 004,334,592 | ---- | C] () -- C:\Users\philippe leclercq\Desktop\contacts outlook.pst [2012/04/20 18:56:05 | 000,027,648 | ---- | C] () -- C:\windows\System32\AVSredirect.dll [2012/01/13 19:48:45 | 000,200,468 | ---- | C] () -- C:\windows\System32\drivers\RTAIODAT.DAT [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info9.ini [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info7.ini [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info4.ini [2011/12/30 20:53:19 | 000,000,019 | ---- | C] () -- C:\windows\info10.ini [2011/07/02 16:31:00 | 000,038,458 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Roaming\Valeurs séparées par une virgule (Windows).ADR [2011/07/02 16:22:12 | 000,038,443 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Roaming\Microsoft Excel 97-2003.ADR [2011/07/02 14:16:07 | 000,009,913 | ---- | C] () -- C:\Users\philippe leclercq\MCCI_MDM.INF [2011/07/02 14:16:07 | 000,009,232 | ---- | C] () -- C:\Users\philippe leclercq\USB_MOT_BRIT.INF [2011/07/02 14:16:07 | 000,007,201 | ---- | C] () -- C:\Users\philippe leclercq\USBMOT2000.INF [2011/07/02 14:16:07 | 000,006,989 | ---- | C] () -- C:\Users\philippe leclercq\MCCI_BUS.INF [2011/07/02 14:16:07 | 000,006,141 | ---- | C] () -- C:\Users\philippe leclercq\USBMOT2000XP.INF [2011/07/02 14:16:07 | 000,005,960 | ---- | C] () -- C:\Users\philippe leclercq\USB_MOT_A1000.INF [2011/07/02 14:16:07 | 000,005,880 | ---- | C] () -- C:\Users\philippe leclercq\USB_CMCS_2000.INF [2011/07/02 14:16:07 | 000,004,477 | ---- | C] () -- C:\Users\philippe leclercq\MCCI_SDM.INF [2011/07/02 14:15:51 | 000,114,656 | ---- | C] () -- C:\Users\philippe leclercq\1309608951-(null) - Copie [2011/07/02 14:15:51 | 000,067,229 | ---- | C] () -- C:\Users\philippe leclercq\1309608951-(null) [2011/06/28 22:36:23 | 000,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini [2011/01/29 18:00:22 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll [2011/01/29 18:00:22 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll [2011/01/29 18:00:22 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll [2011/01/29 18:00:22 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll [2010/12/09 22:59:29 | 000,000,000 | ---- | C] () -- C:\windows\mtstack.INI [2010/12/08 00:01:30 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI [2010/12/07 23:34:10 | 000,033,134 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Roaming\UserTile.png [2010/12/07 23:25:38 | 000,015,872 | ---- | C] () -- C:\Users\philippe leclercq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/07 22:26:48 | 000,045,056 | ---- | C] () -- C:\windows\System32\mtstack.exe [2010/12/04 23:11:02 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll [2010/12/04 20:42:50 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2010/12/04 19:29:57 | 000,000,117 | ---- | C] () -- C:\windows\TmPfw.ini [2010/12/04 19:12:53 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2010/12/04 19:12:53 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat [2010/06/24 18:10:26 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== Custom Scans ========== < HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000 < HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs > < HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\philippe leclercq\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/14 06:31:01 | 001,229,848 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 14:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/11/20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) < HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s > "timer" = timer.drv -- [2009/07/13 23:41:39 | 000,004,048 | ---- | M] (Microsoft Corporation) < HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s > "C:\Windows\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec "wdmaud.drv" = Realtek High Definition Audio "vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32) "sirenacm.dll" = Messenger Audio Codec < %temp%\smtmp\1\*.* /s > < %temp%\smtmp\2\*.* /s > < %temp%\smtmp\4\*.* /s > < nslookup Google /c > DNS request timed out. timeout was 2 seconds. Serveur : UnKnown Address: 172.16.48.242 < %systemroot%\system32\drivers\*.sys /lockedfiles > [2010/05/15 17:30:50 | 000,461,400 | ---- | M] (Check Point Software Technologies LTD) Unable to obtain MD5 -- C:\windows\system32\drivers\vsdatant.sys < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\LocationApi.dll [1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < End of report >
  13. Bonjour J'ai en permanence des fenêtres qui s'ouvrent d'une façon intempestive de chez ACTU: Comment gagner de l'argent facile avec les options binaires pouvez vous m'aider ? Merci
  14. # AdwCleaner v1.703 - Rapport créé le 27/07/2012 à 20:08:13 # Mis à jour le 20/07/2012 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : marion - PORTABLEAMARION # Exécuté depuis : C:\Users\marion\Downloads\adwcleaner.exe # Option [suppression] ***** [services] ***** Arrêté & Supprimé : supdate ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\marion\AppData\Local\Babylon Dossier Supprimé : C:\Users\marion\AppData\Local\Conduit Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0 Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaihkehdlhkocphopopahkfjcfcphef Dossier Supprimé : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} Dossier Supprimé : C:\Users\marion\AppData\Local\I Want This Dossier Supprimé : C:\Users\marion\AppData\Local\Ilivid Player Dossier Supprimé : C:\Users\marion\AppData\LocalLow\BabylonToolbar Dossier Supprimé : C:\Users\marion\AppData\LocalLow\Conduit Dossier Supprimé : C:\Users\marion\AppData\LocalLow\searchquband Dossier Supprimé : C:\Users\marion\AppData\LocalLow\Searchqutoolbar Dossier Supprimé : C:\Users\marion\AppData\Roaming\Babylon Dossier Supprimé : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Dossier Supprimé : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\extensions\[email protected] Dossier Supprimé : C:\ProgramData\Babylon Dossier Supprimé : C:\ProgramData\boost_interprocess Dossier Supprimé : C:\ProgramData\SweetIM Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Supprimé au redémarrage : C:\Program Files (x86)\BabylonToolbar Dossier Supprimé : C:\Program Files (x86)\Boxore Supprimé au redémarrage : C:\Program Files (x86)\Conduit Supprimé au redémarrage : C:\Program Files (x86)\DealPly Dossier Supprimé : C:\Program Files (x86)\I Want This Dossier Supprimé : C:\Program Files (x86)\Ilivid Supprimé au redémarrage : C:\Program Files (x86)\Searchqu Toolbar Dossier Supprimé : C:\Program Files (x86)\SweetIM Dossier Supprimé : C:\Program Files (x86)\Vuze_Remote Supprimé au redémarrage : C:\Program Files (x86)\Windows Searchqu Toolbar Dossier Supprimé : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3} Fichier Supprimé : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\searchplugins\SweetIm.xml ***** [Registre] ***** [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox [*] Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT1750559 [*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2613520 Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit Clé Supprimée : HKCU\Software\AppDataLow\Software\I Want This Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar Clé Supprimée : HKCU\Software\AppDataLow\Toolbar Clé Supprimée : HKCU\Software\BabylonToolbar Clé Supprimée : HKCU\Software\Conduit Clé Supprimée : HKCU\Software\Cr_Installer Clé Supprimée : HKCU\Software\DataMngr Clé Supprimée : HKCU\Software\DataMngr_Toolbar Clé Supprimée : HKCU\Software\DealPly Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Clé Supprimée : HKCU\Software\ilivid Clé Supprimée : HKCU\Software\Softonic Clé Supprimée : HKCU\Software\SweetIm Clé Supprimée : HKLM\SOFTWARE\Babylon Clé Supprimée : HKLM\SOFTWARE\BabylonToolbar Clé Supprimée : HKLM\SOFTWARE\Boxore Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Clé Supprimée : HKLM\SOFTWARE\Classes\b Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160 Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24 Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Clé Supprimée : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8 Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Clé Supprimée : HKLM\SOFTWARE\Classes\sim-packages Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8 Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1 Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0 Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Clé Supprimée : HKLM\SOFTWARE\Conduit Clé Supprimée : HKLM\SOFTWARE\DataMngr Clé Supprimée : HKLM\SOFTWARE\DealPly Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jeaihkehdlhkocphopopahkfjcfcphef Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{006E6A46-8D55-4F10-BBA8-2C9653B4278B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6084C211-01A1-464E-97A0-09772E122B50} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Clé Supprimée : HKLM\SOFTWARE\Moovida Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8 Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb Clé Supprimée : HKLM\SOFTWARE\Software Clé Supprimée : HKLM\SOFTWARE\SweetIM Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [boxore Client] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetIM] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [sweetpacks Communicator] Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{9CD2384C-143B-4790-A075-E7FEFE2A554B}] [x64] Clé Supprimée : HKLM\SOFTWARE\DataMngr [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160 [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24 [x64] Clé Supprimée : HKLM\SOFTWARE\Software ***** [Registre - GUID] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022222258} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033223358} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7555B87D-D711-48B2-B97D-04DF700652BA} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044224458} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7555B87D-D711-48B2-B97D-04DF700652BA} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7555B87D-D711-48B2-B97D-04DF700652BA} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}] [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} [x64] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} [x64] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16421 Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={5AE97EE4-862A-467C-8CF3-4731662F2CA8} --> hxxp://www.google.com Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406 --> hxxp://www.google.com -\\ Mozilla Firefox v [impossible d'obtenir la version] Nom du profil : default Fichier : C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\prefs.js C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\user.js ... Supprimé ! Supprimée : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT2504091.CTID", "CT2504091"); Supprimée : user_pref("CT2504091.CurrentServerDate", "28-8-2010"); Supprimée : user_pref("CT2504091.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT2504091.DownloadReferralCookieData", ""); Supprimée : user_pref("CT2504091.EMailNotifierPollDate", "Sat Aug 28 2010 04:20:05 GMT+0200"); Supprimée : user_pref("CT2504091.FeedLastCount129079840422964131", 10); Supprimée : user_pref("CT2504091.FeedPollDate128891351169457140", "Sat Aug 28 2010 05:35:05 GMT+0200"); Supprimée : user_pref("CT2504091.FeedPollDate129079840422964131", "Sat Aug 28 2010 03:35:07 GMT+0200"); Supprimée : user_pref("CT2504091.FeedTTL128891351169457140", 40); Supprimée : user_pref("CT2504091.FirstServerDate", "28-8-2010"); Supprimée : user_pref("CT2504091.FirstTime", true); Supprimée : user_pref("CT2504091.FirstTimeFF3", true); Supprimée : user_pref("CT2504091.FirstTimeSettingsDone", true); Supprimée : user_pref("CT2504091.FixPageNotFoundErrors", true); Supprimée : user_pref("CT2504091.GroupingServerCheckInterval", 1440); Supprimée : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Supprimée : user_pref("CT2504091.Initialize", true); Supprimée : user_pref("CT2504091.InitializeCommonPrefs", true); Supprimée : user_pref("CT2504091.InstallationAndCookieDataSentCount", 2); Supprimée : user_pref("CT2504091.InstallationType", "UnknownIntegration"); Supprimée : user_pref("CT2504091.InstalledDate", "Sat Aug 28 2010 01:35:05 GMT+0200"); Supprimée : user_pref("CT2504091.IsGrouping", false); Supprimée : user_pref("CT2504091.IsMulticommunity", false); Supprimée : user_pref("CT2504091.IsOpenThankYouPage", false); Supprimée : user_pref("CT2504091.IsOpenUninstallPage", false); Supprimée : user_pref("CT2504091.LanguagePackLastCheckTime", "Sat Aug 28 2010 01:35:07 GMT+0200"); Supprimée : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440); Supprimée : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Supprimée : user_pref("CT2504091.LastLogin_2.7.2.0", "Sat Aug 28 2010 05:35:06 GMT+0200"); Supprimée : user_pref("CT2504091.LatestVersion", "2.7.2.0"); Supprimée : user_pref("CT2504091.Locale", "en-us"); Supprimée : user_pref("CT2504091.LoginCache", 4); Supprimée : user_pref("CT2504091.MCDetectTooltipHeight", "83"); Supprimée : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Supprimée : user_pref("CT2504091.MCDetectTooltipWidth", "295"); Supprimée : user_pref("CT2504091.SearchFromAddressBarIsInit", true); Supprimée : user_pref("CT2504091.SearchInNewTabEnabled", true); Supprimée : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440); Supprimée : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sat Aug 28 2010 01:35:05 GMT+0200"); Supprimée : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Supprimée : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Supprimée : user_pref("CT2504091.SettingsCheckIntervalMin", 120); Supprimée : user_pref("CT2504091.SettingsLastCheckTime", "Sat Aug 28 2010 01:35:04 GMT+0200"); Supprimée : user_pref("CT2504091.SettingsLastUpdate", "1281645367"); Supprimée : user_pref("CT2504091.ThirdPartyComponentsInterval", 504); Supprimée : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Sat Aug 28 2010 01:35:03 GMT+0200"); Supprimée : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578"); Supprimée : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Supprimée : user_pref("CT2504091.UserID", "UN47128897205225606"); Supprimée : user_pref("CT2504091.ValidationData_Toolbar", 1); Supprimée : user_pref("CT2504091.alertChannelId", "897164"); Supprimée : user_pref("CT2504091.clientLogIsEnabled", true); Supprimée : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Supprimée : user_pref("CT2504091.myStuffEnabled", true); Supprimée : user_pref("CT2504091.myStuffPublihserMinWidth", 400); Supprimée : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Supprimée : user_pref("CT2504091.myStuffServiceIntervalMM", 1440); Supprimée : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Supprimée : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Supprimée : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={5AE97EE4-[...] Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.google.fr"); Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={5AE9[...] Supprimée : user_pref("browser.search.defaultenginename", "SweetIM Search"); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Supprimée : user_pref("browser.search.selectedEngine", "SweetIM Search"); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); -\\ Google Chrome v20.0.1132.57 Fichier : C:\Users\marion\AppData\Local\Google\Chrome\User Data\Default\Preferences Supprimée : "homepage": "hxxp://www.searchnu.com/406", Supprimée : "urls_to_restore_on_startup": [ "hxxp://www.searchnu.com/406", "hxxp://www.google.fr/" ] Supprimée : "name": "Search Results", Supprimée : "search_url": "hxxp://dts.search-results.com/sr?src=crb&appid=101&systemid=406&sr=0&q={searchT[...] Supprimée : "description": "SweetIm for Facebook", Supprimée : "name": "SweetIM for Facebook", Supprimée : "homepage": "hxxp://www.searchnu.com/406", Supprimée : "urls_to_restore_on_startup": [ "hxxp://www.searchnu.com/406", "hxxp://www.google.fr/" ] ************************* AdwCleaner[R1].txt - [40397 octets] - [27/07/2012 20:03:39] AdwCleaner[s1].txt - [31744 octets] - [27/07/2012 20:08:13] ########## EOF - C:\AdwCleaner[s1].txt - [31873 octets] ########## Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.07.27.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 marion :: PORTABLEAMARION [administrateur] Protection: Activé 27/07/2012 20:32:44 mbam-log-2012-07-27 (20-32-44).txt Type d'examen: Examen complet (C:\|D:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 365882 Temps écoulé: 1 heure(s), 44 minute(s), 55 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 8 C:\Users\marion\Downloads\freeyoutubetomp3_telechargement_01net.exe (PUP.Toolbar.Repacked) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro (1).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro (2).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro (3).exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\SoftonicDownloader_pour_winds-pro.exe (PUP.ToolbarDownloader) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\video_downloader (1).exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\video_downloader (2).exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès. C:\Users\marion\Downloads\video_downloader.exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès. (fin)
×
×
  • Créer...