

mimic8535
Intrusive pop-up ad window
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7299

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

27/07/2011 22:51:27
mbam-log-2011-07-27 (22-51-27).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 367437
Temps écoulé: 1 heure(s), 14 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
c:\program files\ESET\minodlogin\minodlogin.exe (Riskware.KG) -> 2068 -> Not selected for removal.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiNODLogin (Riskware.KG) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files\ESET\minodlogin\minodlogin.exe (Riskware.KG) -> Not selected for removal.
c:\program files\ESET\minodlogin\minodloginuninst.exe (Riskware.KG) -> Not selected for removal.
c:\program files\MAGIX\video_deluxe_16_premium\blz-magix.video.deluxe.16.premium.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\Qoobox\quarantine\C\program files\ESET\minodlogin\minodlogin.exe.vir (Riskware.KG) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\ESET\minodlogin\minodloginuninst.exe.vir (Riskware.KG) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Users\yannick\AppData\Roaming\windowsupdate\windowsupdate.exe.vir (Trojan.Banker) -> Quarantined and deleted successfully.
c:\Users\yannick\Desktop\xvid_setup1.2.2-win32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
d:\LOGICIEL\ghost\ngh15.0+keygen_recovery\ngh15.0+keygen_recovery\KEYGEN\keygen.exe (Trojan.Agent) -> Not selected for removal.
d:\LOGICIEL\antivirus\nod32 4 64 bit\nod32 4 64 bit\minodlogin\elf 3.9.7.0.exe (Riskware.KG) -> Not selected for removal.
d:\LOGICIEL\utilitaire disque dur ubcd\disk director suite 10 fr by gl4t0r\acronis keygen.exe (RiskWare.Tool.HCK) -> Not selected for removal.

Intrusive pop-up ad window
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
It's in progress.

Intrusive pop-up ad window
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Result:

clean 1
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:45:54 le 27/06/2011, Mode normal
Fin à: 11:53:53, 27/06/2011

clean 2
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 20:53:39 le 27/07/2011, Mode normal
Fin à: 21:01:40, 27/07/2011

Unwanted pop-up advertising window
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Here is the Ad-Remover result:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [4]) -> Lancé à 20:39:21 le 27/07/2011, Mode normal Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86) yannick@YANNICK-PC (MSI MS-7369) ============== RECHERCHE ============== Dossier trouvé: C:\Users\yannick\AppData\LocalLow\Toolbar4 -- Fichier ouvert: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\Prefs.js -- Ligne trouvée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Ligne trouvée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/FR", "\"0\"")... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", ... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3... 
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Ligne trouvée: user_pref("CommunityToolbar.EngineHiddenByUser", true); Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", ""); Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}"); Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "vuze_remote"); Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false); Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Ligne trouvée: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\yannick\\AppData\\Roaming\\Mozilla\... 
Ligne trouvée: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12"); Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}"); Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "vuze_remote"); Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://toolbar.ask.com/toolbarv/askRedir... Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 15:35:52 GMT+02... Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 11 2011 14:54:09 GMT+0200"); Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en"); Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 00:12:59 GMT+0200"); Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false); Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "55d25f6c-d86d-4018-96e7-aec2eadd1ae2"); Ligne trouvée: user_pref("CommunityToolbar.globalUserId", "646b51f2-72b9-4bac-a224-a620000ed690"); Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Ligne 
trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.killedEngine", true); Ligne trouvée: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 25 2011 16:29:1... Ligne trouvée: user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Ligne trouvée: user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Jul 27 2011 19:46:48 GMT+020... Ligne trouvée: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.notifications.locale", "en"); Ligne trouvée: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Ligne trouvée: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Jul 27 2011 19:46:40 GMT+0200"); Ligne trouvée: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559"); Ligne trouvée: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Ligne trouvée: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.notifications.showTrayIcon", false); Ligne trouvée: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Ligne trouvée: user_pref("CommunityToolbar.notifications.userId", "64473b46-ac14-474e-bbc4-61eb3f8c19b5"); Ligne trouvée: user_pref("CommunityToolbar.undefined", ""); Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask"); Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&Sea... 
Ligne trouvée: user_pref("browser.search.order.1", "Ask"); Ligne trouvée: user_pref("extensions.Fissa.Uninstall.lastRunTime", "Sun, 21 Nov 2010 19:18:08 GMT"); Ligne trouvée: user_pref("extensions.Fissa.lastRunTime", "Mon, 08 Nov 2010 08:51:07 GMT"); Ligne trouvée: user_pref("extensions.snipit.askTbInstalled", true); Ligne trouvée: user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&g... Ligne trouvée: user_pref("extensions.snipit.history_query", "carto%20explorer=ASKURL=hxxp://www.ask.com/web?q=carto... Ligne trouvée: user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q="); -- Fichier Fermé -- Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [4.0 (fr)] **** Plugins\npDivxPlayerPlugin.dll (DivX, Inc) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=9cc2e04000000000000000ffe929afc9&tlver=1.4.19.19&affID=16553/) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension ) Extensions - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}" (?) 
HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ -- C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default -- Extensions\cacaoweb@cacaoweb.org (cacaoweb) Extensions\maps@ovi.com (Ovi maps browser plugin) Extensions\toolbar@mc.xul (Ma Galerie Marchande Mastercard) Extensions\{038dc421-b19e-4711-a218-1fd10de9163b} (Add N Edit Cookies) Extensions\{181F4BBC-2453-40D2-B42C-3135E3B07C7B} (Free software Gooofull toolbar) Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox) Extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} (Mega Manager Integration) Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF} (Barre de Confiance) Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar) Searchplugins\munlock.xml (?) Prefs.js - browser.download.dir, C:\\Users\\yannick\\Downloads Prefs.js - browser.download.lastDir, C:\\Users\\yannick\\Desktop Prefs.js - browser.search.defaultenginename, Ask Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms} Prefs.js - browser.search.selectedEngine, Search the web (Babylon) Prefs.js - browser.startup.homepage, hxxp://www.sfr.fr Prefs.js - browser.startup.homepage_override.buildID, 20110318052756 Prefs.js - browser.startup.homepage_override.mstone, rv:2.0 Prefs.js - keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q= ======================================== **** Internet Explorer Version [8.0.7601.17514] **** HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search bar - 
hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll) HKLM_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll) HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://www.gooofullsearch.com/google?q={searchTerms}&cx=partner-pub-644651472115...) HKCU_SearchScopes\{10EDAC71-1851-473a-BE8E-5D77C8FE5129} - "Ask.com" (hxxp://www.ask.com/web?o=101450&l=dis&q={searchTerms}) HKCU_SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - "Private Search" (hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}) HKCU_Toolbar\WebBrowser|{F6AF0697-CE5D-4718-AC5E-6613B6B3DF09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll) HKCU_Toolbar\WebBrowser|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll) HKLM_Toolbar|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll) HKLM_Toolbar|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x) HKLM_ElevationPolicy\4aed5353-b216-4651-a7dc-a1d5eef1eefd - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?) HKLM_ElevationPolicy\b1226fbd-2bdd-4632-a5f0-897ea3eb7666 - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?) 
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x) HKLM_ElevationPolicy\{11AF66E1-6BDE-4AA0-A061-65188608936B} - C:\Program Files\PDF Enhancer 3.5\PlayerPlug.exe (?) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\PDF Enhancer 3.5\TbHelper2.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{973F1DA1-9BE8-49C1-A68D-EAA0D9847898} - C:\Program Files\PDF Enhancer 3.5\PropMgrAsync.exe (?) HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR) HKLM_ElevationPolicy\{BB8A9962-452A-4a00-814E-650B96EAA0D2} - C:\ProgramData\webex\atinst.exe (WebEx Communications, Inc) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?) HKLM_Extensions\{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - "Free software Gooofull toolbar" (C:\Program Files\PDF Enhancer 3.5\favicon.ico) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) 
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll) BHO\{C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - "BywifiBHO Class" (C:\Program Files\Bywifi\bywifiie.dll) BHO\{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll) BHO\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} - "TBSB07458 Class" (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 72 Fichier(s) C:\Program Files\Ad-Remover\Backup: 19 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 27/06/2011 11:45:58 (17442 Octet(s)) C:\Ad-Report-SCAN[1].txt - 27/06/2011 11:19:42 (20313 Octet(s)) C:\Ad-Report-SCAN[2].txt - 27/06/2011 11:37:11 (18403 Octet(s)) C:\Ad-Report-SCAN[3].txt - 27/06/2011 11:40:08 (18534 Octet(s)) C:\Ad-Report-SCAN[4].txt - 27/07/2011 20:39:24 (15060 Octet(s)) Fin à: 20:41:02, 27/07/2011 ============== E.O.F ============== -
Unwanted pop-up advertising window
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Thanks, and here is the report:

Rapport de ZHPDiag v1.27.2424 par Nicolas Coolman, Update du 22/07/2011 Run by yannick at 27/07/2011 18:22:00 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.7601.17514 (Defaut) MFIE: Mozilla Firefox 4.0 v ---\\ System Information Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601) ~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits ~ Boot mode: ~ Normal (Normal boot) Total RAM: 3071 MB (42% free) ~ System Restore: Activé (Enable) System drive C: has 4 GB (6%) free of 62 GB ---\\ Logged in mode ~ Computer Name: YANNICK-PC ~ User Name: yannick ~ All Users Names: yannick, HomeGroupUser$, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 ~ Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Users\yannick\AppData\Roaming\ ~ %Desktop%=C:\Users\yannick\Desktop\ ~ %Favorites%=C:\Users\yannick\Favorites\ ~ %LocalAppData%=C:\Users\yannick\AppData\Local\ ~ %StartMenu%=C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\ ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 62 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 251 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 386 Go) F:\ CD-ROM drive (Not Inserted) G:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK 
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 
Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.04/06/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256] [MD5.2CA020EACDC6DDB2BEA89FEA02C90945] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 20:10:01.) -- C:\Windows\system32\wininet.dll [981504] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.02/07/2011 - 13:17:54.) -- C:\Windows\system32\Winlogon.exe [286720] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584] [MD5.33C3093D09017CFE2E219F2472BFF6EB] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/07/2011 - 13:30:06.) -- C:\Windows\system32\drivers\ntfs.sys [1211264] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 3/25 ~ Mes musiques (My Musics) : 3/29 ~ Mes Favoris (My Favorites) : 3/42 ~ Mes Documents (My Documents) : 7/466 ~ Mon Bureau (My Desktop) : 10/2002 ~ Menu demarrer (Programs) : 7/62 ---\\ Processus lancés [MD5.F46F1EBC3F9DC2559B24AEEFC3D8206C] - (.Cisco Systems, Inc. - Network Magic Application.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe [472112] [MD5.73BFDC88C6EF9715CDF57134A438837A] - (.Cisco Systems, Inc. - Pure Networks Platform Assistant.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216] [MD5.AA47E00B08B3F05CBEC51FFB64F42FA9] - (.Nokia - Nokia M Platform.) 
-- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe [1531904] [MD5.764EEB4BCA87921A629BBC52DE421E8E] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360] [MD5.42E9F86C9DF502C16AA3B6A7505F3D34] - (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe [2207744] [MD5.A244E67F073377DE0E53D3068932B040] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [142120] [MD5.0AEE5668EB59912F32FF245BFA72465F] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe [421888] [MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [MD5.FE36976864A30EA91E14D024F8BF7DD8] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe [24176560] [MD5.A82F90AA786032F770AD8CFBB1BE5D17] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [1191216] [MD5.8C1BB9B145B46BFB71B5C3428CF56993] - (...) -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe [107568] [MD5.75B06ACD9D8DC0FE3603294E1899F496] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104] [MD5.7AAF26E5CEC48A364FAB61A3505668FB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [MD5.356A22A5871AC798035E4082C0508F76] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [MD5.1A28CB38299AA0069555B95E5C7BE372] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Users\yannick\Desktop\ZHPDiag2.exe [2540574] [MD5.9311F4604EA75FC10C3B783BEA71D813] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\yannick\AppData\Local\Temp\is-GIPKQ.tmp\ZHPDiag2.tmp [715776] [MD5.9311F4604EA75FC10C3B783BEA71D813] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\yannick\AppData\Local\Temp\is-0RP9N.tmp\ZHPDiag2.tmp [715776] [MD5.0E8A6A1BC5B08EA29E363EE5E06F7ECB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658944] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\yannick\AppData\Roaming\Mozilla\Firefox\Profiles\ql6pwsec.default\prefs.js M3 - MFPP: Plugins - [yannick] -- C:\Users\yannick\AppData\Roaming\Mozilla\Firefox\Profiles\ql6pwsec.default\searchplugins\munlock.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) 
-- C:\Program Files\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin8.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) 
-- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.0.254.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..'>http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
M0 - MFSP: prefs.js [yannick - ql6pwsec.default] SFR: Téléphone, Forfait, Offres ADSL, Fibre, Mobile + Internet
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.15 (.http://www.cacaoweb.org/.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\maps@ovi.com] [] Ovi maps browser plugin v2.3.37.6 (.Nokia gate5 GmbH.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\toolbar@mc.xul] [] Ma Galerie Marchande Mastercard v1.1 (.Plebicom.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\undrm@readzik] [] readzik v1.0 (.readzik.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{038dc421-b19e-4711-a218-1fd10de9163b}] [] Add N Edit Cookies v1.0.0.2 (.Michael Ryabushkin.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{181F4BBC-2453-40D2-B42C-3135E3B07C7B}] [] Free software Gooofull toolbar v1.0.12 (.Abingerdale, Ltd..)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (.Google Inc..)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (.Megaupload Limited.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{75493B06-1504-4976-9A55-B6FE240FF0BF}] [] Barre de Confiance v3.0.1 (.Euro Information, groupe Credit Mutuel-CIC.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.3 (.Michel Gutierrez.)
M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.5.0.12 (.Conduit Ltd..)

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing
R1 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R3 - URLSearchHook: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 3, 1) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll
R3 - URLSearchHook: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.)
(5, 7, 3, 1) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} . (.bywifi.com - Bywifi: Video Streaming Helper.) -- C:\Program Files\Bywifi\bywifiie.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll
O2 - BHO: TBSB07458 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\PDF Enhancer 3.5\tbcore3.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll
O3 - Toolbar: Free software Gooofull toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\PDF Enhancer 3.5\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [nmapp] . (.Cisco Systems, Inc. - Network Magic Application.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
O4 - HKLM\..\Run: [nmctxth] . (.Cisco Systems, Inc. - Pure Networks Platform Assistant.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [bywifi] . (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [NokiaMusic FastStart] Clé orpheline
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Run: [unlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [TrojanScanner] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.)
O4 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.)
-- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.)
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mise à jour des licences ESET.lnk . (.GuillerSoft.) -- C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.83u1.lnk . (.Vity.) -- E:\Mes documents\Azureus Downloads\LOGICIELS VUZE\telecharger rapidement\FreeRAPID-0.83U1\FreeRapid-0.83u1\frd.exe

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yannick\Desktop\9Giga Synchro.lnk . (.Agematis.) -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe
O4 - Global Startup: C:\Users\yannick\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\yannick\Desktop\adsl TV.lnk . (.adsltv.org.) -- C:\Program Files\adslTV\adsltv.exe
O4 - Global Startup: C:\Users\yannick\Desktop\AirSnare.lnk . (.Digital Matrix.) -- C:\Program Files\AirSnare\AirSnare.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Bywifi accélérateur de vidéo.lnk . (.bywifi.com.) -- C:\Program Files\Bywifi\bywifi.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Bywifi convertisseur de vidéo.lnk . (...) -- C:\Program Files\Bywifi\bywifidl.exe
O4 - Global Startup: C:\Users\yannick\Desktop\cacaoweb.exe - Raccourci.lnk . (...) -- D:\LOGICIEL\pour enlever la limitation megavideo\cacaoweb.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Driver Checker.lnk . (...) -- C:\Program Files\Driver Checker\DriverChecker.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: C:\Users\yannick\Desktop\EPSON Scan.lnk . (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - Global Startup: C:\Users\yannick\Desktop\ETKA 7.2.lnk . (...) -- C:\Tecar Forum\ETKA 7.2\PROG\Etka7.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Finish Downloading Brothersoft Download Manager.lnk . (.Conduit.) -- E:\Downloads\Brothersoftdownloader_for_View_Cookies_Firefox_Add_on.exe
O4 - Global Startup: C:\Users\yannick\Desktop\FLV Player.lnk . (...) -- C:\Program Files\FLV Player\FLVplayer.exe
O4 - Global Startup: C:\Users\yannick\Desktop\frd.exe - Raccourci.lnk . (.Vity.) -- C:\Users\yannick\Desktop\FreeRapid-0.85u1-b566\FreeRapid-0.85u1-build566\frd.exe
O4 - Global Startup: C:\Users\yannick\Desktop\FreeRapid 0.83u1.lnk . (.Vity.) -- E:\Mes documents\Azureus Downloads\LOGICIELS VUZE\telecharger rapidement\FreeRAPID-0.83U1\FreeRapid-0.83u1\frd.exe
O4 - Global Startup: C:\Users\yannick\Desktop\IrfanView Thumbnails.lnk . (.Irfan Skiljan.) -- C:\Program Files\IrfanView\i_view32.exe
O4 - Global Startup: C:\Users\yannick\Desktop\IrfanView.lnk . (.Irfan Skiljan.) -- C:\Program Files\IrfanView\i_view32.exe
O4 - Global Startup: C:\Users\yannick\Desktop\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe
O4 - Global Startup: C:\Users\yannick\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files\JDownloader\JDownloader.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Neuview Professional.lnk . (.QO Developments.) -- C:\Program Files\QO Developments\Neuview Media Player\Neuview Pro.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Neuview Standard.lnk . (.QO Developments.) -- C:\Program Files\QO Developments\Neuview Media Player\Neuview Pro.exe
O4 - Global Startup: C:\Users\yannick\Desktop\NodLogin10c.lnk . (...) -- C:\Program Files\UlisesSoft\nodlogin.exe (.not file.)
O4 - Global Startup: C:\Users\yannick\Desktop\PC Inspector File Recovery.lnk . (...) -- C:\Program Files\Convar\PC Inspector File Recovery\Filerecovery.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Peer2Me.lnk . (...) -- C:\Users\yannick\AppData\Roaming\Microsoft\Installer\{C783600B-C726-4481-9BBE-06F560CF8968}\ShortcutApp1_C783600BC72644819BBE06F560CF8968.exe
O4 - Global Startup: C:\Users\yannick\Desktop\SIW.lnk . (.Topala Software Solutions.) -- C:\Program Files\SIW\siw.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Super Internet TV.lnk . (.Ahusoft.) -- C:\Program Files\Super Internet TV\Super Internet TV.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Virtual DJ Trial.lnk . (.Atomix Productions.) -- C:\Users\yannick\Documents\VirtualDJ\virtualdj_trial.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Vision Budget pour Windows.lnk . (.Patrick Bory.) -- C:\Program Files\VBW\vbw.exe
O4 - Global Startup: C:\Users\yannick\Desktop\VSO Image Resizer 4.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer 4\Resize.exe
O4 - Global Startup: C:\Users\yannick\Desktop\WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Wii Game Manager.lnk . (...) -- C:\Program Files\Wii Game Manager\Wii Game Manager.exe
O4 - Global Startup: C:\Users\yannick\Desktop\Wild Media Server (UPnP, DLNA, HTTP).lnk . (.Evgeny Lachinov.)
-- C:\Program Files\Wild Media Server\wms.exe
O4 - Global Startup: C:\Users\yannick\Desktop\WinAVI Video Capture.lnk . (.ZjSoft.) -- C:\Program Files\WinAVI Video Capture\WinCAP.exe
O4 - Global Startup: C:\Users\yannick\Desktop\XP TCPIP Repair.lnk . (.WareSoft Software.) -- C:\Program Files\XP TCPIP Repair\netrepair.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\9Giga Synchro.lnk . (.Agematis.) -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bywifi accélérateur de vidéo.lnk . (.bywifi.com.) -- C:\Program Files\Bywifi\bywifi.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bywifi convertisseur de vidéo.lnk . (...) -- C:\Program Files\Bywifi\bywifidl.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Driver Checker.lnk . (...) -- C:\Program Files\Driver Checker\DriverChecker.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EASEUS Partition Master 4.1.1 Professional Edition.lnk . (.EASEUS.) -- C:\Program Files\EASEUS\EASEUS Partition Master 4.1.1 Professional Edition\bin\epm0.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ethereal.lnk . (.The Ethereal developer community, http://ww.) -- C:\Program Files\Ethereal\ethereal.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FreeRapid 0.83u1.lnk . (.Vity.) -- E:\Mes documents\Azureus Downloads\LOGICIELS VUZE\telecharger rapidement\FreeRAPID-0.83U1\FreeRapid-0.83u1\frd.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Image Converter One.lnk . (.ashongsoft.com.) -- C:\Program Files\AshongSoft\ImageConverterOne\imgcp.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nokia Ovi Player.lnk . (.Macrovision Corporation.) -- C:\Windows\Installer\{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}\NewShortcut2_CDF681E133824FFDB6C41A0530C561D
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDFCreator.lnk . (.pdfforge http://www.pdfforge.org/.) -- C:\Program Files\PDFCreator\PDFCreator.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pinnacle Instant DVD Recorder.lnk . (.Pinnacle Systems.) -- C:\Program Files\Pinnacle\Instant DVD Recorder\D2dWizard.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (...) -- C:\Program Files\Samsung\Kies\Kies.exe (.not file.)
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vision Budget pour Windows.lnk . (.Patrick Bory.) -- C:\Program Files\VBW\vbw.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO Image Resizer 4.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer 4\Resize.exe
O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Vuze\Azureus.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.)
-- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Bywifi: Video Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} . (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe
O9 - Extra button: Bywifi: Video Downloader - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: Free software Gooofull toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (...) -- C:\Program Files\PDF Enhancer 3.5\favicon.ico
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\Program Files\PDF Enhancer 3.5\favicon.ico

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120
O17 - HKLM\System\CS1\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120
O17 - HKLM\System\CS2\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120
O17 - HKLM\System\CS3\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120
O17 - HKLM\System\CCS\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} . (.Cisco Systems, Inc. - Pure Service Provider DLL.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) . (...) - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.)
- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Pure Networks Platform Service (nmservice) . (.Cisco Systems, Inc. - Pure Networks Platform Service.) - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.7.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TeamViewer 4 (TeamViewer4) . (.TeamViewer GmbH - TeamViewer Service.) - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: TeamViewer 5 (TeamViewer5) . (.TeamViewer GmbH - TeamViewer Service.) - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: SAMSUNG WiseLinkPro Service (WiselinkPro) . (...) - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: (PCLEPCI) . (.Pinnacle Systems GmbH - PCLEPCI.) - C:\Windows\system32\drivers\pclepci.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: 1.2.0 - (.Pas de propriétaire.) [HKLM] -- Image Converter One_is1
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: 9Giga Synchro v2.9.2 - (.SFR.) [HKLM] -- {D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1
O42 - Logiciel: ACD FotoSlate 3.0 - (.ACD Systems Ltd.) [HKLM] -- {3476D911-4FBF-4009-9013-BF82F96564C0}
O42 - Logiciel: AV301P - (.OmniVision Technologies, Inc..) [HKLM] -- {DBAA6058-4960-4A46-8E84-4D71F23F3A84}
O42 - Logiciel: AVIcodec (remove only) - (.Pas de propriétaire.) [HKLM] -- AVIcodec
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..)
[HKLM] -- AVS Update Manager_is1
O42 - Logiciel: AVS Video Converter 6 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 6_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.3 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A92000000001}
O42 - Logiciel: AirSnare - (.Pas de propriétaire.) [HKLM] -- AirSnare
O42 - Logiciel: Android SDK Tools - (.Google Inc..) [HKLM] -- Android SDK Tools
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Aqua Real - (.Pas de propriétaire.) [HKLM] -- {1E66C7FF-F827-4AEF-A998-932EA824998B}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: AutoCAD Mechanical 2011 - (.Autodesk.) [HKLM] -- AutoCAD Mechanical 2011
O42 - Logiciel: AutoCAD Mechanical 2011 - (.Autodesk.) [HKLM] -- {5783F2D7-9005-040C-0002-0060B0CE6BBA}
O42 - Logiciel: AutoCAD Mechanical 2011 Version 2 - (.Autodesk.) [HKLM] -- AutoCAD Mechanical 2011 Version 2
O42 - Logiciel: Autodesk Design Review 2011 - (.Autodesk, Inc..) [HKLM] -- Autodesk Design Review 2011
O42 - Logiciel: Autodesk Inventor View 2011 - (.Autodesk.) [HKLM] -- {76D6189D-1532-0400-0000-DFC2EE337EAC}
O42 - Logiciel: Autodesk Inventor View 2011 Français - (.Autodesk.) [HKLM] -- Autodesk Inventor View 2011
O42 - Logiciel: Autodesk Material Library 2011 - (.Autodesk.) [HKLM] -- {9DEABCB6-B759-4D52-92F8-51B34A2B4D40}
O42 - Logiciel: Autodesk Material Library 2011 Base Image library - (.Autodesk.) [HKLM] -- {CD1E078C-A6B9-47DA-B035-6365C85C7832}
O42 - Logiciel: Autodesk Vault 2011 (Client) French Language Pack - (.Autodesk, Inc..) [HKLM] -- {41EEF558-3585-4028-8DF2-B182A0CE2D69}
O42 - Logiciel: Autodesk Vault 2011 (Client) - (.Autodesk, Inc..) [HKLM] -- Autodesk Vault 2011 (Client)
O42 - Logiciel: Autodesk Vault 2011 (Client) - (.Autodesk, Inc..) [HKLM] -- {41EEF558-3585-4020-8DF2-B182A0CE2D69}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {8A253629-0511-4854-8B4E-46E57E66005C}
O42 - Logiciel: Bywifi 2.0.1 - (.bywifi.com.) [HKLM] -- Bywifi
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Classic Silver Drivers - (.Hercules.) [HKLM] -- {8678BD65-D66E-48BB-8531-91D0EF8998A1}
O42 - Logiciel: CyberGestion - (.Pas de propriétaire.) [HKLM] -- {C964A549-C74A-11D3-B88A-00A0C9379093}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DLL Borland pour Vision Budget pour Windows - (.Pas de propriétaire.) [HKLM] -- VBWDLL_is1
O42 - Logiciel: DVD de bonus Studio 10 - (.Pas de propriétaire.) [HKLM] -- {6A012D9C-2E2E-405A-B87C-E909F5297C3F}
O42 - Logiciel: DWG TrueView 2011 - (.Autodesk.) [HKLM] -- DWG TrueView 2011
O42 - Logiciel: Disk Checker - (.Pas de propriétaire.) [HKLM] -- Disk Checker
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Driver Checker v2.7.4 - (.driverchecker.com, Inc..) [HKLM] -- Driver Checker_is1
O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters.) [HKLM] -- InstallShield_{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}
O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters.) [HKLM] -- {7395D650-AE5D-4D68-B8FE-D3FA6B51467F}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: EASEUS Partition Master 4.1.1 Professional - (.EASEUS.) [HKLM] -- EASEUS Partition Master Professional Edition_is1
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: ESET Antivirus License Finder (MiNODLogin) - (.GuillerSoft.) [HKLM] -- MiNODLogin
O42 - Logiciel: ETKA 7.2 Final - (.Pas de propriétaire.) [HKLM] -- ETKA 7.2 Final
O42 - Logiciel: Ethereal 0.99.0 - (.The Ethereal developer community, http://www.ethereal.com.) [HKLM] -- Ethereal
O42 - Logiciel: FARO LS 1.1.406.58 - (.FARO Scanner Production.) [HKLM] -- {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
O42 - Logiciel: FLV Player - (.Frédéric Saunier.) [HKLM] -- FLVplayer
O42 - Logiciel: Free software Gooofull toolbar - (.Abingerdale, Ltd..) [HKLM] -- TBSB07458.TBSB07458Toolbar
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Earth Pro - (.Google.) [HKLM] -- {9578C0CD-8108-4379-9026-4601F59859A0}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..)
[HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Graines de Génie Cm2 - (.Mindscape.) [HKLM] -- {5C2E07B8-3043-4CA5-9D2A-04BB4414AAA5} O42 - Logiciel: HP USB Disk Storage Format Tool - (.Pas de propriétaire.) [HKLM] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51} O42 - Logiciel: Hercules Webcam Deluxe - (.Hercules.) [HKLM] -- {E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9} O42 - Logiciel: Hercules Webcam Station Evolution SE - (.Hercules.) [HKLM] -- {C3C44248-B8F7-4B20-A5C7-994870B60F55} O42 - Logiciel: HotSpot_Shield_FR Toolbar - (.Pas de propriétaire.) [HKLM] -- HotSpot_Shield_FR Toolbar O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2461678 O42 - Logiciel: Hotspot Shield 1.49 - (.AnchorFree.) [HKLM] -- HotspotShield O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn O42 - Logiciel: IrfanView (remove only) - (.Irfan Skiljan.) [HKLM] -- IrfanView O42 - Logiciel: IsoBuster 1.0 - (.Smart Projects.) [HKLM] -- IsoBuster_is1 O42 - Logiciel: J2SE Runtime Environment 5.0 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150010} O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader O42 - Logiciel: Java DB 10.6.2.1 - (.Oracle.) [HKLM] -- {73EC658D-A1C6-40CA-8E86-E05821BAACE7} O42 - Logiciel: Java 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF} O42 - Logiciel: Java SE Development Kit 6 Update 26 - (.Oracle.) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0160260} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: K!TV - (.Pas de propriétaire.) [HKLM] -- K!TV O42 - Logiciel: K-Lite Codec Pack 5.5.3 (Full) BETA - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) 
[HKLM] -- LHTTSFRF O42 - Logiciel: Le Club des TrouveTout CE2, La Cité Perdue - (.Pas de propriétaire.) [HKLM] -- Le Club des TrouveTout CE2, La Cité Perdue O42 - Logiciel: MFCDLL Shared Library - Retail Version - (.Unknown.) [HKLM] -- {51D569E2-8A28-11D2-B962-006097C4DE24} O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 3.0 - (.Microsoft Corporation.) [HKLM] -- {930E3A4D-70B7-4D0D-AF8D-0B351A9B55BE} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- ShockwaveFlash O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft ® C Runtime Library - (.Unknown.) [HKLM] -- {51D569E0-8A28-11D2-B962-006097C4DE24} O42 - Logiciel: Microsoft ® C++ Runtime Library - (.Unknown.) [HKLM] -- {51D569E3-8A28-11D2-B962-006097C4DE24} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) 
[HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702} O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963} O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- Money2005b O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) 
[HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) 
[HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) 
[HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13} O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack O42 - Logiciel: Module linguistique d'Autodesk Inventor View 2011 - Français - (.Autodesk.) [HKLM] -- {76D6189D-1532-0400-0001-DFC2EE337EAC} O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 fr) O42 - Logiciel: MyFreeCodec - (.Pas de propriétaire.) [HKCU] -- MyFreeCodec O42 - Logiciel: NOD123 Serial Receivers 1.1.0 - (.ZProDuCTioN.) [HKLM] -- NOD123 Serial Receivers_is1 O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM] -- {B944FA21-81AF-4A77-8328-CE4F4CC51036} O42 - Logiciel: Network Magic - (.Cisco Systems, Inc..) 
[HKLM] -- Network MagicUninstall O42 - Logiciel: Neuview Standard and Professional 6.06 - (.QO Developments.) [HKLM] -- Neuview Pro_is1 O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0} O42 - Logiciel: Nokia Ovi Player - (.Nokia Ovi Player.) [HKLM] -- {50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF} O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- {B6164ADA-55DA-4FA9-B78B-A7EB741742A1} O42 - Logiciel: Nokia Ovi Suite Software Updater - (.Nokia Corporation.) [HKLM] -- {564B16F4-6B5B-47B0-9AB6-FF2E943947F7} O42 - Logiciel: Nokia Software Updater - (.Nokia Corporation.) [HKLM] -- {9F59C3AE-81B0-4EF6-9762-D674BB079705} O42 - Logiciel: Nokia_Multimedia_Common_Components_2_5 - (.Nokia.) [HKLM] -- {70B31335-50EE-4834-8431-27412CDE62BD} O42 - Logiciel: Ovi Desktop Sync Engine - (.Nokia.) [HKLM] -- {F1C3541D-5B93-4131-B440-692FBA3DD250} O42 - Logiciel: OviMPlatform - (.Nokia.) [HKLM] -- {8D100E0C-1A5A-43AD-93EF-76F94AE61C30} O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {DCBC91E4-B72B-4E0A-97C9-D4EF389A132A} O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM] -- PS3 Media Server O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: Peer2Me - (.Peer2Me.) [HKLM] -- {C783600B-C726-4481-9BBE-06F560CF8968} O42 - Logiciel: Pilote vidéo Pinnacle - (.Pinnacle Systems.) [HKLM] -- {6DE721A5-5E89-4D74-994C-652BB3C0672E} O42 - Logiciel: Pinnacle Instant DVD Recorder - (.Pinnacle Systems.) [HKLM] -- {C1212AE3-DBB9-4365-8473-F8ABC7B06BBB} O42 - Logiciel: Pinnacle Systems USB-2 Device Drivers - (.Pinnacle Systems.) [HKLM] -- {9870C7AE-7C6A-478D-9A75-35827382220F} O42 - Logiciel: PlayFLV - (.Pas de propriétaire.) 
[HKLM] -- PlayFLV O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C} O42 - Logiciel: RDesc 2.27 - (.Bllua.) [HKLM] -- {8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1 O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Réseau France Bayo 0013-Q0 - (.Bayo.) [HKLM] -- Réseau France Bayo_is1 O42 - Logiciel: Réseau France BdAlti - (.Bayo.) [HKLM] -- Réseau France BdAlti O42 - Logiciel: Réseau France BdNyme - (.Bayo.) [HKLM] -- Réseau France BdNyme O42 - Logiciel: SAMSUNG PC Share Manager - (.SAMSUNG.) [HKLM] -- InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139} O42 - Logiciel: SAMSUNG PC Share Manager - (.SAMSUNG.) [HKLM] -- {2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139} O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} O42 - Logiciel: SD Formatter - (.SDA.) [HKLM] -- {3F9FB449-93DB-4C47-BB5B-7334C4D1736E} O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM] -- SFR_Media Center O42 - Logiciel: SIW version 2010.03.10 - (.Topala Software Solutions.) [HKLM] -- {AB67580-257C-45FF-B8F4-C8C30682091A}_is1 O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) 
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) 
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) 
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} O42 - Logiciel: Skype™ 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Super Internet TV v8.0 (Premium Edition) - (.Ahusoft.) [HKLM] -- Super Internet TV (Premium Edition)_is1 O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 4 O42 - Logiciel: TeamViewer 5 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 5 O42 - Logiciel: Trojan Remover 6.8.2 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1 O42 - Logiciel: TuneUp Companion 1.7.1 - (.TuneUp Media, Inc..) [HKLM] -- TuneUpMedia O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228 O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) 
[HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553975) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{59D8F1FE-7B08-4F0E-840C-D1BF93D22A6C} O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421} O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027} O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: VSO Image Resizer 4.0.0.54 - (.VSO-Software.) [HKLM] -- {8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1 O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV O42 - Logiciel: Virtual DJ - Atomix Productions - (.Pas de propriétaire.) [HKLM] -- Virtual DJ - Atomix Productions O42 - Logiciel: Vision Budget pour Windows - (.PBORY.) [HKLM] -- VBW_is1 O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27} O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0 O42 - Logiciel: WebEx Support Manager for Internet Explorer - (.WebEx Communications Inc..) [HKLM] -- {C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7} O42 - Logiciel: Wii Game Manager 1.5.0.1 - (.Pas de propriétaire.) [HKCU] -- Wii Game Manager 1.5.0.1 O42 - Logiciel: Wii Media Center X 0.92 - (.Red Kawa Inc..) [HKLM] -- Wii Media Center X O42 - Logiciel: Wild Media Server (UPnP, DLNA, HTTP) - (.Evgeny Lachinov.) [HKLM] -- WMS O42 - Logiciel: WinAVI Video Capture 2.0 - (.ZJ Computing, Inc..) [HKLM] -- WinAVI Video Capture_is1 O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) 
[HKLM] -- WinPcapInst O42 - Logiciel: Windows Genuine Advantage Validation v1.9.40.0 Cracked V5 - (.Wocarson.) [HKLM] -- {501FD5F3-7F17-46A1-958F-B7F125DE59F1} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) 
[HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088} O42 - Logiciel: WorldUnlock Codes Calculator - (.Pas de propriétaire.) [HKLM] -- WorldUnlock Codes Calculator O42 - Logiciel: XP TCP/IP Repair - (.WareSoft Software.) [HKLM] -- XP TCP/IP Repair_is1 O42 - Logiciel: Yakoo Manager - (.Yakoo Inc.) [HKLM] -- {4C897421-74CF-4111-9222-A9713A040A5C} O42 - Logiciel: adsl TV - (.Pas de propriétaire.) [HKLM] -- adsl TV O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {5ECB3A3C-980B-4D12-9724-25DCB07A1F47} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: proDAD Heroglyph 2.5 - (.Pas de propriétaire.) 
[HKLM] -- proDAD-Heroglyph-2.5
---\\ HKCU & HKLM Software Keys
[HKCU\Software\MediaInfo] [HKCU\Software\Mindscape] [HKCU\Software\Mirabilis] [HKCU\Software\Mobileleader] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Myfree Codec] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Neuf] [HKCU\Software\Nokia] [HKCU\Software\Nseries] [HKCU\Software\ODBC] [HKCU\Software\PBORY] [HKCU\Software\PDFCreator] [HKCU\Software\PS3 Media Server] [HKCU\Software\Peer2Me] [HKCU\Software\Photodex] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Protexis] [HKCU\Software\Pure Networks] [HKCU\Software\QO Developments] [HKCU\Software\RIT] [HKCU\Software\SFR] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Samsung] [HKCU\Software\Siemens] [HKCU\Software\Simply Super Software] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\Smart Projects] [HKCU\Software\SoftVTU] [HKCU\Software\Softonic] [HKCU\Software\Software] [HKCU\Software\Sysinternals] [HKCU\Software\TeamViewer] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VOB] [HKCU\Software\VSO] [HKCU\Software\Veetle] [HKCU\Software\VictimeFUD] [HKCU\Software\VirtualDJ] [HKCU\Software\VirtualDub.org] [HKCU\Software\WBFSGUI] [HKCU\Software\WIISCRUBBER] [HKCU\Software\WMS] [HKCU\Software\Warelex] [HKCU\Software\WideStream] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Xara] [HKCU\Software\Xobni] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\ZjSoft] [HKCU\Software\cacaoweb] [HKCU\Software\eMule] [HKCU\Software\ej-technologies] [HKCU\Software\madFlac] [HKCU\Software\mozilla.org] [HKCU\Software\new] [HKCU\Software\owned] [HKCU\Software\unpacker] [HKLM\Software\ACD Systems] [HKLM\Software\ATI Technologies] [HKLM\Software\AVS4YOU] [HKLM\Software\Acorn] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Aladdin Knowledge Systems] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] 
[HKLM\Software\Audible] [HKLM\Software\Autodesk] [HKLM\Software\Azureus] [HKLM\Software\BVRP Software] [HKLM\Software\Bayo] [HKLM\Software\Boris FX, Inc.] [HKLM\Software\Borland] [HKLM\Software\Caphyon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Cygnus Solutions] [HKLM\Software\Cygwin] [HKLM\Software\DVC150] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\EPSON] [HKLM\Software\ESET] [HKLM\Software\Euro Information] [HKLM\Software\Formosoft] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\Gabest] [HKLM\Software\Ghisler] [HKLM\Software\Google] [HKLM\Software\HPQ] [HKLM\Software\HaaliMkx] [HKLM\Software\Hercules Technologies] [HKLM\Software\Hercules] [HKLM\Software\Hewlett-Packard Company] [HKLM\Software\HotSpot_Shield_FR] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Kaydara] [HKLM\Software\Khronos] [HKLM\Software\L&H] [HKLM\Software\Lavasoft] [HKLM\Software\Licenses] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Magix] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\MimarSinan] [HKLM\Software\Mindscape] [HKLM\Software\Mirabilis] [HKLM\Software\MovieBox USB] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\Neuf] [HKLM\Software\Nokia Mobile Phones] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\OMSI] [HKLM\Software\OVTUsbCamera] [HKLM\Software\OmniVision] [HKLM\Software\PBORY] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDFCreator] [HKLM\Software\PegasusImaging] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Protexis] [HKLM\Software\Pure Networks] [HKLM\Software\RDesc] [HKLM\Software\RS Software Lab] 
[HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung] [HKLM\Software\Simply Super Software] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Sun Microsystems] [HKLM\Software\Swearware] [HKLM\Software\Symantec] [HKLM\Software\TeamViewer] [HKLM\Software\Tekool] [HKLM\Software\The Learning Company] [HKLM\Software\Thraex Software] [HKLM\Software\Topala Software Solutions] [HKLM\Software\TrendMicro] [HKLM\Software\UlisesSoft] [HKLM\Software\VSO] [HKLM\Software\Veetle] [HKLM\Software\VideoLAN] [HKLM\Software\VirtualDJ] [HKLM\Software\Voice] [HKLM\Software\Volatile] [HKLM\Software\WebEx] [HKLM\Software\WinPcap] [HKLM\Software\WinRAR] [HKLM\Software\Wocarson] [HKLM\Software\Wow6432Node] [HKLM\Software\Xara] [HKLM\Software\ej-technologies] [HKLM\Software\mozilla.org] [HKLM\Software\proDAD] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 22/11/2010 - 12:23:16 - [3079667] ----D- C:\Program Files\7-Zip O43 - CFD: 28/02/2010 - 18:58:54 - [3928922] ----D- C:\Program Files\ACD Systems O43 - CFD: 27/06/2011 - 11:19:22 - [124639998] ----D- C:\Program Files\Ad-Remover O43 - CFD: 28/02/2010 - 18:59:02 - [241672417] ----D- C:\Program Files\Adobe O43 - CFD: 28/02/2010 - 18:59:56 - [197632603] ----D- C:\Program Files\AdorageI-GfxDatas O43 - CFD: 28/02/2010 - 18:59:56 - [2623436] ----D- C:\Program Files\AdorageI-SAL O43 - CFD: 28/02/2010 - 19:00:02 - [83015707] ----D- C:\Program Files\adslTV O43 - CFD: 05/05/2011 - 22:17:02 - [16127782] ----D- C:\Program Files\AirSnare O43 - CFD: 20/07/2011 - 22:48:14 - [1942157421] ----D- C:\Program Files\Android O43 - CFD: 01/04/2010 - 22:18:50 - [2306366] ----D- C:\Program Files\Apple Software Update O43 - CFD: 20/09/2010 - 14:13:04 - [2267423] ----D- C:\Program Files\AshongSoft O43 - CFD: 05/04/2011 - 21:39:12 - [2903234801] ----D- C:\Program Files\Autodesk O43 - 
CFD: 28/02/2010 - 19:00:02 - [613826] ----D- C:\Program Files\AVIcodec O43 - CFD: 31/12/2010 - 13:39:46 - [1279052] ----D- C:\Program Files\AviSynth 2.5 O43 - CFD: 02/04/2010 - 12:41:24 - [62870771] ----D- C:\Program Files\AVS4YOU O43 - CFD: 16/02/2011 - 15:59:14 - [297372000] ----D- C:\Program Files\Bayo O43 - CFD: 16/05/2010 - 18:05:10 - [600090] ----D- C:\Program Files\Bonjour O43 - CFD: 26/03/2010 - 20:51:50 - [354581] ----D- C:\Program Files\Boris FX, Inc O43 - CFD: 28/02/2010 - 19:00:02 - [400280] ----D- C:\Program Files\BVRP Software O43 - CFD: 05/05/2010 - 13:11:06 - [21039875] ----D- C:\Program Files\Bywifi O43 - CFD: 31/12/2010 - 15:21:54 - [3514104] ----D- C:\Program Files\CCleaner O43 - CFD: 20/07/2011 - 21:49:58 - [1695810659] ----D- C:\Program Files\Common Files O43 - CFD: 27/03/2010 - 01:11:32 - [0] ----D- C:\Program Files\COMODO O43 - CFD: 15/03/2011 - 11:25:54 - [7202991] ----D- C:\Program Files\Convar O43 - CFD: 11/01/2011 - 21:42:58 - [4582004] ----D- C:\Program Files\CyberMUT O43 - CFD: 28/02/2010 - 19:00:16 - [800824] ----D- C:\Program Files\DIFX O43 - CFD: 10/06/2011 - 14:20:48 - [1546094] ----D- C:\Program Files\Disk Checker O43 - CFD: 21/11/2010 - 21:17:24 - [30748184] ----D- C:\Program Files\DivX O43 - CFD: 23/03/2010 - 18:04:48 - [16] ----D- C:\Program Files\DMV O43 - CFD: 23/04/2010 - 10:36:18 - [69824090] ----D- C:\Program Files\Driver Checker O43 - CFD: 02/07/2011 - 12:55:24 - [83226644] ----D- C:\Program Files\DVD Maker O43 - CFD: 21/10/2010 - 09:24:06 - [69540284] ----D- C:\Program Files\EASEUS O43 - CFD: 01/05/2010 - 14:35:54 - [10906334] ----D- C:\Program Files\eMule O43 - CFD: 07/06/2010 - 14:25:02 - [5596027] ----D- C:\Program Files\EPSON O43 - CFD: 28/06/2011 - 09:58:46 - [53693203] ----D- C:\Program Files\ESET O43 - CFD: 05/05/2011 - 22:18:30 - [54778177] ----D- C:\Program Files\Ethereal O43 - CFD: 28/02/2010 - 19:00:16 - [10020691] ----D- C:\Program Files\ffdshow O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\Program 
Files\Fichiers communs O43 - CFD: 28/02/2010 - 19:00:16 - [865238] ----D- C:\Program Files\FLV Player O43 - CFD: 23/03/2010 - 18:07:36 - [4574753] ----D- C:\Program Files\Formosoft O43 - CFD: 18/04/2011 - 17:41:12 - [965933315] ----D- C:\Program Files\GdgFRCM2 O43 - CFD: 02/01/2011 - 14:32:02 - [65163996] ----D- C:\Program Files\Google O43 - CFD: 28/02/2010 - 20:24:34 - [72788197] ----D- C:\Program Files\Hercules O43 - CFD: 15/08/2010 - 23:42:58 - [9681892] ----D- C:\Program Files\Hotspot Shield O43 - CFD: 26/09/2010 - 18:43:00 - [5458785] ----D- C:\Program Files\HotSpot_Shield_FR O43 - CFD: 28/02/2010 - 19:00:18 - [2409916] ----D- C:\Program Files\ImgBurn O43 - CFD: 27/07/2011 - 17:59:26 - [96834815] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 02/07/2011 - 12:55:24 - [5898945] ----D- C:\Program Files\Internet Explorer O43 - CFD: 16/05/2010 - 18:09:46 - [1582707] ----D- C:\Program Files\iPod O43 - CFD: 18/05/2011 - 11:35:58 - [1677566] ----D- C:\Program Files\IrfanView O43 - CFD: 11/09/2010 - 09:08:02 - [127383063] ----D- C:\Program Files\iTunes O43 - CFD: 20/07/2011 - 22:45:44 - [349202815] ----D- C:\Program Files\Java O43 - CFD: 28/02/2010 - 19:00:36 - [51605484] ----D- C:\Program Files\JDownloader O43 - CFD: 28/02/2010 - 19:00:36 - [306461897] ----D- C:\Program Files\K!TV O43 - CFD: 28/02/2010 - 19:00:38 - [47509935] ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD: 20/07/2011 - 10:57:58 - [99191513] ----D- C:\Program Files\Lavasoft O43 - CFD: 30/12/2010 - 20:05:14 - [33859208] ----D- C:\Program Files\MAGIX O43 - CFD: 02/03/2010 - 00:13:56 - [4187112] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 19/07/2010 - 18:05:48 - [2530872] ----D- C:\Program Files\MarkAny O43 - CFD: 14/07/2009 - 11:01:22 - [147813426] ----D- C:\Program Files\Microsoft Games O43 - CFD: 16/02/2011 - 15:31:16 - [73541575] ----D- C:\Program Files\Microsoft Money 2005 O43 - CFD: 02/07/2011 - 12:40:50 - [585436399] ----D- C:\Program 
Files\Microsoft Office O43 - CFD: 16/06/2011 - 13:31:32 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 28/02/2010 - 19:01:06 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 08/03/2010 - 23:58:22 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 08/03/2010 - 23:55:30 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 09/03/2010 - 11:37:46 - [3726168] ----D- C:\Program Files\Microsoft Works O43 - CFD: 05/04/2011 - 21:34:22 - [979309] ----D- C:\Program Files\Microsoft WSE O43 - CFD: 25/06/2010 - 17:59:22 - [8175999] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 29/03/2010 - 19:25:46 - [3346036] ----D- C:\Program Files\Mindscape O43 - CFD: 06/07/2009 - 14:52:32 - [0] ----D- C:\Program Files\Mobiola Web Camera 2 for S60 3rd Edition O43 - CFD: 10/03/2010 - 13:06:34 - [9338826] ----D- C:\Program Files\Movie Maker 2.6 O43 - CFD: 27/06/2011 - 12:04:42 - [174937570] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 08/03/2010 - 23:58:32 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 01/03/2010 - 10:50:42 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 21/07/2010 - 15:41:04 - [10980822] ----D- C:\Program Files\MyFree Codec O43 - CFD: 16/02/2011 - 16:01:28 - [658223] ----D- C:\Program Files\Navirad O43 - CFD: 16/02/2011 - 16:01:22 - [658223] ----D- C:\Program Files\Navirad_UserTool O43 - CFD: 27/11/2010 - 19:28:34 - [425851276] ----D- C:\Program Files\Nero O43 - CFD: 16/02/2011 - 16:01:08 - [78202794] ----D- C:\Program Files\Nokia O43 - CFD: 02/03/2010 - 20:28:32 - [64035497] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 23/07/2011 - 10:04:54 - [0] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 25/04/2010 - 19:27:02 - [5196198] ----D- C:\Program Files\PC Drivers HeadQuarters O43 - CFD: 21/07/2011 - 21:20:02 - [0] ----D- C:\Program Files\PdaNet 4.12 O43 - CFD: 21/07/2011 - 21:20:30 - [3148090] ----D- C:\Program Files\PdaNet for Android O43 - CFD: 
05/05/2011 - 05:12:24 - [16144860] ----D- C:\Program Files\PDF Enhancer 3.5 O43 - CFD: 28/09/2010 - 11:15:52 - [10863970] ----D- C:\Program Files\PDFCreator O43 - CFD: 28/02/2010 - 19:01:20 - [710051] ----D- C:\Program Files\Peer2Me O43 - CFD: 03/05/2010 - 10:02:22 - [5739669472] ----D- C:\Program Files\Pinnacle O43 - CFD: 28/02/2010 - 19:02:12 - [450452] ----D- C:\Program Files\PlayFLV O43 - CFD: 26/03/2010 - 16:36:16 - [72323617] ----D- C:\Program Files\proDAD O43 - CFD: 05/04/2011 - 22:45:08 - [92230903] ----D- C:\Program Files\PS3 Media Server O43 - CFD: 28/02/2010 - 19:02:22 - [48746834] ----D- C:\Program Files\Pure Networks O43 - CFD: 12/03/2010 - 11:35:50 - [21664725] ----D- C:\Program Files\QO Developments O43 - CFD: 25/04/2011 - 10:29:56 - [76482299] ----D- C:\Program Files\QuickTime O43 - CFD: 23/04/2010 - 11:58:44 - [10414706] ----D- C:\Program Files\Realtek O43 - CFD: 28/02/2010 - 19:02:24 - [7674692] ----D- C:\Program Files\Red Kawa O43 - CFD: 14/07/2009 - 06:52:32 - [39159041] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 27/07/2011 - 18:12:14 - [368592215] ----D- C:\Program Files\Samsung O43 - CFD: 28/02/2011 - 17:41:56 - [1167360] ----D- C:\Program Files\SDA O43 - CFD: 20/05/2011 - 10:28:48 - [33648329] ----D- C:\Program Files\SFR O43 - CFD: 26/03/2010 - 23:50:00 - [2626530] ----D- C:\Program Files\SIW O43 - CFD: 15/05/2011 - 19:10:12 - [26785407] R---D- C:\Program Files\Skype O43 - CFD: 13/11/2010 - 11:18:16 - [3378419] ----D- C:\Program Files\Smart Projects O43 - CFD: 30/12/2010 - 20:10:18 - [0] ----D- C:\Program Files\Softonic_France O43 - CFD: 17/06/2011 - 15:03:02 - [54881929] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 20/07/2011 - 22:46:26 - [28627757] ----D- C:\Program Files\Sun O43 - CFD: 12/04/2010 - 14:09:06 - [39862607] ----D- C:\Program Files\Super Internet TV O43 - CFD: 28/02/2010 - 19:02:26 - [12951624] ----D- C:\Program Files\TeamViewer O43 - CFD: 10/04/2011 - 17:07:32 - [804318] ----D- C:\Program 
Files\trend micro O43 - CFD: 11/06/2011 - 09:01:22 - [9727596] ----D- C:\Program Files\Trojan Remover O43 - CFD: 11/09/2010 - 09:08:02 - [32594454] ----D- C:\Program Files\TuneUpMedia O43 - CFD: 20/07/2011 - 11:22:50 - [0] ----D- C:\Program Files\UlisesSoft O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 03/06/2011 - 19:42:14 - [231967] ----D- C:\Program Files\Unlocker O43 - CFD: 06/06/2011 - 23:10:04 - [5249722] ----D- C:\Program Files\VBW O43 - CFD: 05/04/2011 - 11:21:06 - [10428379] ----D- C:\Program Files\Veetle O43 - CFD: 31/05/2010 - 18:03:14 - [17595405] ----D- C:\Program Files\VirtualDJ O43 - CFD: 29/08/2010 - 20:39:24 - [30585697] ----D- C:\Program Files\VSO O43 - CFD: 05/04/2011 - 10:35:14 - [68324857] ----D- C:\Program Files\Vuze O43 - CFD: 28/02/2010 - 19:02:28 - [3613615] ----D- C:\Program Files\WBFS O43 - CFD: 03/01/2011 - 15:35:26 - [20133465] ----D- C:\Program Files\Wii Game Manager O43 - CFD: 31/12/2010 - 12:43:26 - [41682274] R---D- C:\Program Files\Wild Media Server O43 - CFD: 28/02/2010 - 19:02:28 - [3042638] ----D- C:\Program Files\WinAVI Video Capture O43 - CFD: 02/07/2011 - 12:55:20 - [3050496] ----D- C:\Program Files\Windows Defender O43 - CFD: 02/07/2011 - 12:55:24 - [7013496] ----D- C:\Program Files\Windows Journal O43 - CFD: 17/05/2011 - 23:00:54 - [146141816] ----D- C:\Program Files\Windows Live O43 - CFD: 02/07/2011 - 12:55:24 - [6181376] ----D- C:\Program Files\Windows Mail O43 - CFD: 02/07/2011 - 12:55:24 - [6604034] ----D- C:\Program Files\Windows Media Player O43 - CFD: 28/02/2010 - 19:26:30 - [12197556] ----D- C:\Program Files\Windows NT O43 - CFD: 02/07/2011 - 12:55:22 - [4417800] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 02/07/2011 - 12:55:24 - [189952] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 02/07/2011 - 12:55:24 - [6697786] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 05/05/2011 - 22:19:34 - [237572] ----D- C:\Program Files\WinPcap O43 - 
CFD: 28/02/2010 - 19:02:32 - [3525785] ----D- C:\Program Files\WinRAR O43 - CFD: 21/02/2011 - 13:06:44 - [735641] ----D- C:\Program Files\WorldUnlock Codes Calculator O43 - CFD: 27/03/2010 - 00:13:12 - [952027] ----D- C:\Program Files\XP TCPIP Repair O43 - CFD: 16/05/2011 - 11:35:14 - [4404809] ----D- C:\Program Files\Yakoo Manager O43 - CFD: 27/07/2011 - 18:22:16 - [3933486] ----D- C:\Program Files\ZHPDiag O43 - CFD: 18/08/2010 - 11:48:30 - [1044974] ----D- C:\Program Files\ZProDuCTioN O43 - CFD: 28/02/2010 - 19:00:04 - [7030206] ----D- C:\Program Files\Common Files\ACD Systems O43 - CFD: 28/02/2010 - 19:00:04 - [6280934] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 16/05/2010 - 18:09:46 - [111126976] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 05/04/2011 - 21:36:58 - [553804516] ----D- C:\Program Files\Common Files\Autodesk Shared O43 - CFD: 02/04/2010 - 12:40:40 - [66720720] ----D- C:\Program Files\Common Files\AVSMedia O43 - CFD: 08/03/2010 - 23:58:22 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 12/03/2010 - 22:17:16 - [8058588] ----D- C:\Program Files\Common Files\DivX Shared O43 - CFD: 06/10/2010 - 13:49:04 - [7771989] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 27/06/2011 - 10:56:42 - [27202495] ----D- C:\Program Files\Common Files\Java O43 - CFD: 20/07/2011 - 21:49:58 - [114688] ----D- C:\Program Files\Common Files\JFTech O43 - CFD: 05/04/2011 - 21:28:50 - [1045491] ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 16/04/2010 - 19:04:50 - [889967] ----D- C:\Program Files\Common Files\MAGIX Services O43 - CFD: 26/03/2010 - 15:19:10 - [7715099] ----D- C:\Program Files\Common Files\MAGIX Shared O43 - CFD: 17/05/2011 - 22:55:58 - [259960376] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 27/11/2010 - 19:30:04 - [135082248] ----D- C:\Program Files\Common Files\Nero O43 - CFD: 28/02/2010 - 19:00:12 - [90350906] ----D- C:\Program Files\Common Files\Nokia O43 - CFD: 
03/05/2010 - 10:24:44 - [3385947] ----D- C:\Program Files\Common Files\Pinnacle O43 - CFD: 28/02/2010 - 19:00:12 - [39662567] ----D- C:\Program Files\Common Files\Pure Networks Shared O43 - CFD: 12/03/2010 - 22:17:44 - [3926944] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 23/07/2011 - 09:54:36 - [318389] ----D- C:\Program Files\Common Files\Samsung O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 15/05/2011 - 19:09:54 - [2254216] ----D- C:\Program Files\Common Files\Skype O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 18/04/2010 - 18:36:26 - [0] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 09/03/2010 - 11:36:18 - [44307943] ----D- C:\Program Files\Common Files\System O43 - CFD: 28/02/2010 - 19:00:14 - [275764473] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 17/04/2010 - 02:59:12 - [1835520] ----D- C:\Program Files\Common Files\xara O43 - CFD: 28/02/2010 - 19:02:32 - [26342] ----D- C:\ProgramData\ACD Systems O43 - CFD: 28/02/2010 - 19:02:32 - [78970619] ----D- C:\ProgramData\Adobe O43 - CFD: 19/07/2010 - 17:09:44 - [28] ----D- C:\ProgramData\animationEngine O43 - CFD: 19/03/2010 - 16:59:38 - [83518976] ----D- C:\ProgramData\Apple O43 - CFD: 19/03/2010 - 17:23:58 - [84844261] ----D- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 05/04/2011 - 21:42:04 - [4001761] ----D- C:\ProgramData\Autodesk O43 - CFD: 02/04/2010 - 11:30:12 - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 28/02/2010 - 19:02:32 - [20] ----D- C:\ProgramData\Azureus O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 21/10/2010 - 10:44:04 - [219782] ----D- C:\ProgramData\DivX O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 01/05/2010 - 
14:36:12 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 28/02/2010 - 19:02:32 - [166466] ----D- C:\ProgramData\EPSON O43 - CFD: 28/02/2010 - 19:02:32 - [236034218] ----D- C:\ProgramData\ESET O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 05/04/2011 - 22:05:02 - [51205] ----D- C:\ProgramData\FLEXnet O43 - CFD: 05/07/2010 - 20:36:12 - [539844] ----D- C:\ProgramData\Google O43 - CFD: 28/02/2010 - 19:02:34 - [3166] ----D- C:\ProgramData\Installations O43 - CFD: 20/07/2011 - 11:07:40 - [407961646] ----D- C:\ProgramData\Lavasoft O43 - CFD: 30/12/2010 - 20:04:46 - [5895042] ----D- C:\ProgramData\MAGIX O43 - CFD: 02/03/2010 - 00:11:32 - [8810490] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 17/05/2011 - 22:56:42 - [1963479431] -S--D- C:\ProgramData\Microsoft O43 - CFD: 14/07/2011 - 01:20:32 - [64194] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 27/11/2010 - 19:28:34 - [5129316] ----D- C:\ProgramData\Nero O43 - CFD: 28/02/2010 - 19:02:46 - [137032916] ----D- C:\ProgramData\Nokia O43 - CFD: 28/02/2010 - 19:02:46 - [42852352] ----D- C:\ProgramData\NokiaMusic O43 - CFD: 18/04/2010 - 18:53:46 - [155] ----D- C:\ProgramData\Norton O43 - CFD: 16/04/2010 - 15:55:36 - [180901] ----D- C:\ProgramData\NortonInstaller O43 - CFD: 02/03/2010 - 20:29:40 - [2243565] ----D- C:\ProgramData\NVIDIA O43 - CFD: 28/02/2010 - 19:02:46 - [465501744] ----D- C:\ProgramData\OviInstallerCache O43 - CFD: 25/04/2010 - 19:27:02 - [7350] ----D- C:\ProgramData\PC Drivers HeadQuarters O43 - CFD: 28/02/2010 - 19:02:48 - [241395] ----D- C:\ProgramData\PC Suite O43 - CFD: 03/05/2010 - 10:23:10 - [177106345] ----D- C:\ProgramData\Pinnacle O43 - CFD: 28/02/2010 - 19:02:50 - [26436647] ----D- C:\ProgramData\Pinnacle Studio O43 - CFD: 03/05/2010 - 10:23:40 - [76736] 
----D- C:\ProgramData\Pinnacle Studio Ultimate O43 - CFD: 28/02/2010 - 19:02:50 - [245202017] ----D- C:\ProgramData\Pure Networks O43 - CFD: 28/02/2010 - 19:02:50 - [10299] ----D- C:\ProgramData\QuickTime O43 - CFD: 23/07/2011 - 10:06:02 - [3673455] ----D- C:\ProgramData\Samsung O43 - CFD: 20/05/2011 - 10:28:54 - [24] ----D- C:\ProgramData\SFR O43 - CFD: 11/06/2011 - 09:01:16 - [7513077] ----D- C:\ProgramData\Simply Super Software O43 - CFD: 15/05/2011 - 19:09:50 - [68820617] ----D- C:\ProgramData\Skype O43 - CFD: 20/06/2011 - 10:39:26 - [9920498] ----D- C:\ProgramData\Skype Extras O43 - CFD: 19/07/2011 - 22:47:36 - [100995376] ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 27/10/2010 - 13:59:26 - [294] ----D- C:\ProgramData\Sun O43 - CFD: 18/04/2010 - 18:53:44 - [155] ----D- C:\ProgramData\Symantec O43 - CFD: 27/06/2011 - 11:04:28 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 11/09/2010 - 09:08:02 - [104855] ----D- C:\ProgramData\TuneUpMedia O43 - CFD: 28/02/2010 - 19:02:54 - [26483325] ----D- C:\ProgramData\webex O43 - CFD: 31/12/2010 - 12:47:36 - [63736] ----D- C:\ProgramData\Wild Media Server O43 - CFD: 05/05/2011 - 23:15:24 - [140764] ----D- C:\ProgramData\WindSolutions O43 - CFD: 20/07/2011 - 10:58:18 - [27050867] --H-D- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} O43 - CFD: 01/04/2010 - 22:23:46 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 19/03/2010 - 17:24:36 - [5062] ----D- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} O43 - CFD: 28/02/2010 - 19:10:36 - [45230567] ----D- C:\Users\yannick\AppData\Roaming\ACD Systems O43 - CFD: 28/02/2010 - 19:10:36 - [7249010] ----D- C:\Users\yannick\AppData\Roaming\Adobe O43 - CFD: 19/03/2010 - 17:47:38 - [177772] ----D- C:\Users\yannick\AppData\Roaming\Apple Computer O43 - CFD: 05/04/2011 - 22:14:10 - [9396832] 
----D- C:\Users\yannick\AppData\Roaming\Autodesk O43 - CFD: 02/04/2010 - 13:05:28 - [69359] ----D- C:\Users\yannick\AppData\Roaming\AVS4YOU O43 - CFD: 19/07/2011 - 22:47:32 - [39645224] ----D- C:\Users\yannick\AppData\Roaming\Azureus O43 - CFD: 21/10/2010 - 10:23:02 - [16440] ----D- C:\Users\yannick\AppData\Roaming\DivX O43 - CFD: 02/03/2010 - 19:25:08 - [23918] ----D- C:\Users\yannick\AppData\Roaming\Download Manager O43 - CFD: 27/07/2011 - 18:04:06 - [30167669] ----D- C:\Users\yannick\AppData\Roaming\Dropbox O43 - CFD: 30/06/2011 - 10:15:08 - [199] ----D- C:\Users\yannick\AppData\Roaming\dvdcss O43 - CFD: 05/06/2011 - 21:54:28 - [478434] ----D- C:\Users\yannick\AppData\Roaming\EPSON O43 - CFD: 05/05/2011 - 22:19:24 - [2064] ----D- C:\Users\yannick\AppData\Roaming\Ethereal O43 - CFD: 09/05/2011 - 14:10:08 - [2113] ----D- C:\Users\yannick\AppData\Roaming\GetRightToGo O43 - CFD: 05/07/2010 - 20:38:10 - [34529] ----D- C:\Users\yannick\AppData\Roaming\Google O43 - CFD: 28/02/2010 - 19:42:06 - [0] ----D- C:\Users\yannick\AppData\Roaming\Identities O43 - CFD: 28/02/2010 - 19:10:40 - [1557327] ----D- C:\Users\yannick\AppData\Roaming\ImgBurn O43 - CFD: 28/02/2010 - 19:10:40 - [0] ----D- C:\Users\yannick\AppData\Roaming\InstallShield O43 - CFD: 18/05/2011 - 11:35:58 - [837] ----D- C:\Users\yannick\AppData\Roaming\IrfanView O43 - CFD: 28/02/2010 - 19:10:40 - [8932] ----D- C:\Users\yannick\AppData\Roaming\Macromedia O43 - CFD: 17/04/2010 - 02:59:36 - [17441] ----D- C:\Users\yannick\AppData\Roaming\MAGIX O43 - CFD: 02/03/2010 - 00:11:54 - [14723827] ----D- C:\Users\yannick\AppData\Roaming\Malwarebytes O43 - CFD: 23/03/2010 - 18:06:46 - [4271019] ----D- C:\Users\yannick\AppData\Roaming\MaxTV Technologies O43 - CFD: 14/07/2009 - 11:00:34 - [0] ----D- C:\Users\yannick\AppData\Roaming\Media Center Programs O43 - CFD: 03/06/2011 - 20:28:28 - [0] ----D- C:\Users\yannick\AppData\Roaming\Media Player Classic O43 - CFD: 18/01/2011 - 14:22:14 - [85810961] -S--D- 
C:\Users\yannick\AppData\Roaming\Microsoft O43 - CFD: 05/05/2011 - 05:01:34 - [0] ----D- C:\Users\yannick\AppData\Roaming\Microsoft-Win O43 - CFD: 03/10/2010 - 15:07:10 - [123737813] ----D- C:\Users\yannick\AppData\Roaming\Mozilla O43 - CFD: 27/11/2010 - 19:36:12 - [89418] ----D- C:\Users\yannick\AppData\Roaming\Nero O43 - CFD: 28/02/2010 - 19:10:56 - [70340889] ----D- C:\Users\yannick\AppData\Roaming\Nokia O43 - CFD: 28/02/2010 - 19:10:56 - [28306] ----D- C:\Users\yannick\AppData\Roaming\Nokia Ovi Suite O43 - CFD: 28/02/2010 - 19:10:56 - [10569977] ----D- C:\Users\yannick\AppData\Roaming\PC Suite O43 - CFD: 28/09/2010 - 11:02:16 - [3136] ----D- C:\Users\yannick\AppData\Roaming\PlayerPlug O43 - CFD: 01/04/2011 - 20:55:24 - [2116432] ----D- C:\Users\yannick\AppData\Roaming\PMS O43 - CFD: 22/04/2010 - 23:24:40 - [43971] ----D- C:\Users\yannick\AppData\Roaming\Pouchin TV Mod O43 - CFD: 26/03/2010 - 20:54:50 - [0] ----D- C:\Users\yannick\AppData\Roaming\proDAD O43 - CFD: 28/09/2010 - 11:02:16 - [15821] ----D- C:\Users\yannick\AppData\Roaming\PropMgrAsync O43 - CFD: 23/07/2011 - 10:05:38 - [16563444] ----D- C:\Users\yannick\AppData\Roaming\Samsung O43 - CFD: 11/06/2011 - 09:01:16 - [0] ----D- C:\Users\yannick\AppData\Roaming\Simply Super Software O43 - CFD: 20/06/2011 - 18:28:06 - [4906787] ----D- C:\Users\yannick\AppData\Roaming\Skype O43 - CFD: 20/06/2011 - 16:09:26 - [21600] ----D- C:\Users\yannick\AppData\Roaming\skypePM O43 - CFD: 28/02/2010 - 19:10:58 - [800] ----D- C:\Users\yannick\AppData\Roaming\TeamViewer O43 - CFD: 05/05/2011 - 23:03:50 - [626] ----D- C:\Users\yannick\AppData\Roaming\TuneUpMedia O43 - CFD: 12/03/2010 - 23:24:34 - [1530648] ----D- C:\Users\yannick\AppData\Roaming\VitySoft O43 - CFD: 28/06/2010 - 16:59:40 - [443535] ----D- C:\Users\yannick\AppData\Roaming\vlc O43 - CFD: 29/10/2010 - 15:58:48 - [8768] ----D- C:\Users\yannick\AppData\Roaming\VSO O43 - CFD: 07/11/2010 - 18:20:02 - [594] ----D- C:\Users\yannick\AppData\Roaming\widestream O43 - CFD: 
22/06/2010 - 22:31:40 - [0] ----D- C:\Users\yannick\AppData\Roaming\windows32 O43 - CFD: 05/05/2011 - 23:15:58 - [1570732] ----D- C:\Users\yannick\AppData\Roaming\WindSolutions O43 - CFD: 23/10/2009 - 17:20:12 - [0] ----D- C:\Users\yannick\AppData\Roaming\WinRAR O43 - CFD: 28/02/2010 - 19:10:24 - [0] ----D- C:\Users\yannick\AppData\Local\ACDSee O43 - CFD: 28/02/2010 - 19:10:24 - [48053805] ----D- C:\Users\yannick\AppData\Local\Adobe O43 - CFD: 27/11/2010 - 19:37:00 - [1307770] ----D- C:\Users\yannick\AppData\Local\Ahead O43 - CFD: 19/03/2010 - 17:00:44 - [0] ----D- C:\Users\yannick\AppData\Local\Apple O43 - CFD: 19/03/2010 - 18:27:58 - [4487269] ----D- C:\Users\yannick\AppData\Local\Apple Computer O43 - CFD: 28/02/2010 - 18:57:24 - [0] -SH-D- C:\Users\yannick\AppData\Local\Application Data O43 - CFD: 05/04/2011 - 21:42:22 - [7851007] ----D- C:\Users\yannick\AppData\Local\Autodesk O43 - CFD: 20/07/2011 - 21:42:32 - [62336] ----D- C:\Users\yannick\AppData\Local\Diagnostics O43 - CFD: 23/07/2011 - 10:04:04 - [447357553] ----D- C:\Users\yannick\AppData\Local\Downloaded Installations O43 - CFD: 13/03/2011 - 14:02:48 - [0] ----D- C:\Users\yannick\AppData\Local\ElevatedDiagnostics O43 - CFD: 01/05/2010 - 14:45:32 - [69195] ----D- C:\Users\yannick\AppData\Local\eMule O43 - CFD: 28/02/2010 - 19:10:24 - [588661729] ----D- C:\Users\yannick\AppData\Local\ESET O43 - CFD: 07/07/2011 - 22:57:28 - [33322] ----D- C:\Users\yannick\AppData\Local\Google O43 - CFD: 28/02/2010 - 18:57:24 - [0] -SH-D- C:\Users\yannick\AppData\Local\Historique O43 - CFD: 28/02/2010 - 19:10:24 - [2930] ----D- C:\Users\yannick\AppData\Local\IsolatedStorage O43 - CFD: 23/03/2010 - 18:08:02 - [1146314] ----D- C:\Users\yannick\AppData\Local\MaxTV Technologies O43 - CFD: 17/05/2011 - 23:15:56 - [9575174665] ----D- C:\Users\yannick\AppData\Local\Microsoft O43 - CFD: 31/03/2010 - 11:47:46 - [1025834] ----D- C:\Users\yannick\AppData\Local\Microsoft Games O43 - CFD: 19/01/2011 - 17:34:50 - [446548] ----D- 
C:\Users\yannick\AppData\Local\Microsoft Help O43 - CFD: 28/02/2010 - 19:10:30 - [174806993] ----D- C:\Users\yannick\AppData\Local\Mozilla O43 - CFD: 28/02/2010 - 19:10:32 - [14856] ----D- C:\Users\yannick\AppData\Local\Neuf O43 - CFD: 16/07/2010 - 15:33:56 - [32737809] ----D- C:\Users\yannick\AppData\Local\Nokia O43 - CFD: 28/02/2010 - 19:10:34 - [269] ----D- C:\Users\yannick\AppData\Local\NokiaAccount O43 - CFD: 25/04/2010 - 19:27:42 - [4229] ----D- C:\Users\yannick\AppData\Local\PC_Drivers_Headquarters O43 - CFD: 03/05/2010 - 10:23:58 - [6843] ----D- C:\Users\yannick\AppData\Local\Pinnacle O43 - CFD: 23/07/2011 - 10:06:36 - [6737] ----D- C:\Users\yannick\AppData\Local\Samsung O43 - CFD: 20/05/2011 - 10:28:52 - [1943616] ----D- C:\Users\yannick\AppData\Local\SFR O43 - CFD: 20/07/2011 - 10:59:40 - [0] ----D- C:\Users\yannick\AppData\Local\Sunbelt Software O43 - CFD: 12/04/2010 - 14:17:42 - [9080] ----D- C:\Users\yannick\AppData\Local\Super Internet TV O43 - CFD: 27/07/2011 - 18:21:32 - [402947630] ----D- C:\Users\yannick\AppData\Local\temp O43 - CFD: 28/02/2010 - 18:57:24 - [0] -SH-D- C:\Users\yannick\AppData\Local\Temporary Internet Files O43 - CFD: 09/06/2011 - 13:22:18 - [317264204] ----D- C:\Users\yannick\AppData\Local\VirtualStore O43 - CFD: 28/02/2010 - 19:10:34 - [2913] ----D- C:\Users\yannick\AppData\Local\WBFSManager O43 - CFD: 30/12/2010 - 21:24:58 - [417423] ----D- C:\Users\yannick\AppData\Local\widestream6 Air O43 - CFD: 31/12/2010 - 12:43:36 - [13537159] ----D- C:\Users\yannick\AppData\Local\Wild Media Server O43 - CFD: 30/05/2011 - 18:13:22 - [69632] ----D- C:\Users\yannick\AppData\Local\Windows Live O43 - CFD: 24/11/2009 - 17:23:12 - [0] ----D- C:\Users\yannick\AppData\Local\WMTools Downloaded Files O43 - CFD: 12/03/2010 - 10:44:36 - [0] ----D- C:\Users\yannick\AppData\Local\Xara O43 - CFD: 21/06/2011 - 10:17:24 - [0] ----D- C:\Users\yannick\AppData\Local\{076BDDBA-A5FC-4348-B450-6A94EDCA9C57} O43 - CFD: 27/06/2011 - 09:30:40 - [0] ----D- 
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.4AEE74018FF8D54E720D3168E9193092] - 27/07/2011 - 17:05:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1483323] O44 - LFC:[MD5.17E3A6F4A93B730B2EC5F9E0C2342809] - 27/07/2011 - 17:03:10 ---A- . (...) -- C:\Windows\System32\http_ss.log [46550999] O44 - LFC:[MD5.BDB2BFA28145B8123E1C14B126A3C4AF] - 27/07/2011 - 17:03:05 ---A- . (...) -- C:\Windows\setupact.log [62880] O44 - LFC:[MD5.D743A549768F83E4D2AA8D53FD8275A8] - 27/07/2011 - 17:03:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.20C44454EB3A7BA5CF71BEF4E6BFDD48] - 27/07/2011 - 17:02:56 ---A- . (...) -- C:\aaw7boot.log [3775] O44 - LFC:[MD5.8A4AC45DD9CDCCFEE517C25EB5233C8B] - 27/07/2011 - 17:01:20 ---A- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [27296] O44 - LFC:[MD5.8A4AC45DD9CDCCFEE517C25EB5233C8B] - 27/07/2011 - 17:01:19 ---A- . (...) 
-- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [27296] O44 - LFC:[MD5.571E0DD2C7FB16C94F1830472D9F1956] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1694330] O44 - LFC:[MD5.2E8C4E2B21FBBC51DE7C31DD774E3346] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfc009.dat [125316] O44 - LFC:[MD5.B69BD6ABEA2D881F116E1F820A3ED64A] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [153054] O44 - LFC:[MD5.5D2CFD6D28810A5220609CEAB0DDB985] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfh009.dat [663380] O44 - LFC:[MD5.00458ABD2BA4B82B3AC54885D133693B] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [756350] O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 24/07/2011 - 18:09:33 ---A- . (...) -- C:\Windows\System32\rp_rules.dat [44] O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 24/07/2011 - 18:09:33 ---A- . (...) -- C:\Windows\System32\rp_stats.dat [64] O44 - LFC:[MD5.37655385D1CF8560A52027B8008FAE0E] - 23/07/2011 - 09:06:11 ---A- . (.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) -- C:\Windows\System32\dgderapi.dll [821824] O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 23/07/2011 - 08:54:33 ---A- . (...) -- C:\aqua_bitmap.cpp [2006] O44 - LFC:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 20/07/2011 - 10:07:37 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [101720] O44 - LFC:[MD5.71ABEFEDA90E159FD56937943EE745DB] - 20/07/2011 - 10:07:34 ---A- . (...) -- C:\Windows\System32\lsdelete.exe [16432] O44 - LFC:[MD5.336ABE8721CBC3110F1C6426DA633417] - 20/07/2011 - 10:07:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\System32\drivers\Lbd.sys [64512] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/07/2011 - 09:13:52 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.518318A103C888001054EFA1236E5033] - 02/07/2011 - 11:18:44 ---A- . 
(.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\System32\dfshim.dll [1130824] O44 - LFC:[MD5.A04C06A2142226D79DDA75920A496243] - 02/07/2011 - 11:18:32 ---A- . (.Pas de propriétaire - RemoteFX Helper.) -- C:\Windows\System32\RDVGHelper.exe [80896] O44 - LFC:[MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - 02/07/2011 - 11:17:54 ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\Windows\System32\DShowRdpFilter.dll [252928] O44 - LFC:[MD5.39B9273CA01364E115B464416CFB729B] - 02/07/2011 - 11:17:13 ---A- . (.Microsoft - robocopy.) -- C:\Windows\System32\Robocopy.exe [98816] O44 - LFC:[MD5.737AFC772243C75E6AD17A7A8E8E23F9] - 02/07/2011 - 11:16:49 ---A- . (.Windows ® Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\Windows\System32\fms.dll [93696] O44 - LFC:[MD5.163A95975E1D8819E653AA3E961371CA] - 02/07/2011 - 11:16:43 ---A- . (.Twain Working Group - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\Windows\twain_32.dll [51200] O44 - LFC:[MD5.EB6C16CE0163AD282E95FCE5EE9BA518] - 02/07/2011 - 11:16:23 ---A- . (.Pas de propriétaire - Application PrintBrm.) -- C:\Windows\System32\PrintBrmUi.exe [66048] O44 - LFC:[MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - 02/07/2011 - 11:16:19 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944] O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 20/11/2010 - 06:23:54 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600] O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 20/11/2010 - 04:52:32 ---A- . (...) -- C:\Windows\System32\locale.nls [419880] O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 10/11/2010 - 02:45:49 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429] O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 05/11/2010 - 03:20:53 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852] O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 05/11/2010 - 03:20:45 ---A- . (...) 
-- C:\Windows\System32\RacRules.xml [105559] ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "D:\LOGICIEL\pour cracker windows 7\Windows 7 Loader\Windows 7 Loader Update.exe" [Enabled] .(.Cool Beans Software - Cool NFO Creator.) -- D:\LOGICIEL\pour cracker windows 7\Windows 7 Loader\Windows 7 Loader Update.exe O47 - AAKE:Key Export SP - "C:\Users\yannick\AppData\Roaming\NK9FX1BEU0.exe" [Enabled] .(...) -- C:\Users\yannick\AppData\Roaming\NK9FX1BEU0.exe (.not file.) ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\Windows\System32\Drivers\procexp90.Sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\Windows\System32\Drivers\procexp90.Sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) 
-- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm O52 - TDSD: \Drivers32\"vidc.ffds"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.fvfw"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . 
(.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.2" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.1 Codec" . (...) -- (.not file.) ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\ACD FotoSlate OLR [Key] . (.BVRP Software - BVRPOlr.) -- C:\PROGRA~1\BVRPSO~1\ACDFOT~1\BVRPOlr.exe O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\bywifi [Key] . (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX3800 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . 
(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O53 - SMSR:HKLM\...\startupreg\NokiaOviSuite2 [Key] . (.Nokia - Nokia Ovi Suite 2.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\USBToolTip [Key] . (.Pinnacle Systems GmbH - Pinnacle USB Tip - for Multi Media eXtensio.) -- C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe O53 - SMSR:HKLM\...\startupreg\WebEx Document Loader [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.exe O53 - SMSR:HKLM\...\startupreg\YVIBBBHA8C [Key] . (...) -- C:\Users\yannick\AppData\Local\Temp\Qng.exe (.not file.) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) 
-- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutorun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.336ABE8721CBC3110F1C6426DA633417] - 20/07/2011 - 10:07:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys [64512] O58 - SDL:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 20/07/2011 - 10:07:37 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [101720] O58 - SDL:[MD5.1026D4A3B106A136C5219CAA5A9CA9C3] - 25/11/2009 - 20:25:42 ---A- . (...) -- C:\Windows\system32\AA26A8B559.sys [56] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) 
-- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.B07663A810E861EEBFD0EAC7E82CA62D] - 23/07/2011 - 10:03:52 ---A- . (...) -- C:\Windows\system32\FsUsbExDisk.Sys [36640] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.06F2333A167198C2A0D2ED56D02AC112] - 25/11/2009 - 20:25:42 ---A- . (...) -- C:\Windows\system32\KGyGaAvL.sys [10022] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) 
-- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: RSIT - (.random/random.) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.cmd> <cmdfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.com> <ComFile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [yannick - ql6pwsec.default] user_pref("CT2504091.SearchEngine", "Search||http://search.conduit.com/Results.aspx? O69 - SBI: prefs.js [yannick - ql6pwsec.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx? 
O69 - SBI: prefs.js [yannick - ql6pwsec.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091 O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-1111-472f-A0FF-E1416B8B2E3B} - (Google Customized Web Search) - Gooofullsearch.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {10EDAC71-1851-473a-BE8E-5D77C8FE5129} - (Ask.com) - Ask.com Web Search O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - (Private Search) - http://search.hotspotshield.com ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.8CB1DDC3EAC6B60213C75B21DAE06FF5] [sPRF][07/06/2011] (.Musiccity Co.Ltd. - AOD Sourcer Filter.) -- C:\Users\yannick\AppData\Local\Temp\muzaf1.dll [135168] [MD5.4F9BD5F58F631920BBAAEB9D9960286D] [sPRF][07/06/2011] (.Musiccity Co.Ltd. - MUZAoDAppCtrl Module.) -- C:\Users\yannick\AppData\Local\Temp\muzapp.dll [491520] [MD5.A12FB1A9FC4433CD64C77A7250821A02] [sPRF][07/06/2011] (.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Users\yannick\AppData\Local\Temp\muzapp.exe [172032] [MD5.0A2003F4CFD58C350C7B2E2D9807D12D] [sPRF][07/06/2011] (. © MusicCity - P3WMTSplitter Filter.) -- C:\Users\yannick\AppData\Local\Temp\muzwmts.dll [200704] [MD5.DA7644D5E2E13B4F5BF93D5DE5D8EA6A] [sPRF][27/06/2011] (.C_XX - Ad-Remover.) -- C:\Users\yannick\Desktop\AD-R.exe [1327512] [MD5.D4C4EBC2A6E96B5D395331DAB93083EB] [sPRF][27/06/2011] (.Swearware - ComboFix NSIS Installer.) -- C:\Users\yannick\Desktop\ComboFix.exe [4127961] [MD5.8D3DD9C3AF4494574C6526DA291A7F4D] [sPRF][06/06/2011] (.Patrick Bory - Installation de Vision Budget pour Windows.) -- C:\Users\yannick\Desktop\instvbw.exe [1204880] [MD5.579B7C2E186A25B26C3A0B428C8F2375] [sPRF][30/12/2010] (.Sun Microsystems, Inc. 
- Java Platform SE binary.) -- C:\Users\yannick\Desktop\jre-6u23-windows-i586-iftw.exe [884000] [MD5.00E1569041E09A8200D55F624EE5771C] [sPRF][26/03/2010] (.SFR - Kit de connexion.) -- C:\Users\yannick\Desktop\kit.exe [10493008] [MD5.58EAABDA5445BE6BC4EB257907A59F26] [sPRF][30/03/2007] (.Microsoft Corporation - Windows Movie Maker.) -- C:\Users\yannick\Desktop\MOVIEMK.exe [3274752] [MD5.CD31545772CDB4E84902F25D3363C58D] [sPRF][02/06/2010] (.Macrovision Corporation - Setup.exe.) -- C:\Users\yannick\Desktop\Navirad bis_USB_win7.exe [3176304] [MD5.25FEE8335627797A78FEF284DDF5422C] [sPRF][02/06/2010] (.Eifrig Media Hamburg - Navirad Setup.) -- C:\Users\yannick\Desktop\Navirad_Setup.exe [1024066] [MD5.CD31545772CDB4E84902F25D3363C58D] [sPRF][01/06/2010] (.Macrovision Corporation - Setup.exe.) -- C:\Users\yannick\Desktop\Navirad_USB_win7.exe [3176304] [MD5.484370DD96824E7E3CCB8D781E912D0E] [sPRF][08/07/2010] (...) -- C:\Users\yannick\Desktop\SoftonicDownloader50473.exe [262968] [MD5.ED324284FA119EF0F240AC9E2262D666] [sPRF][12/04/2010] (.Microsoft Corporation - Windows Media Component Setup Application.) -- C:\Users\yannick\Desktop\wmpfirefoxplugin.exe [318904] [MD5.0A3A4ADAF220B1E88EABC73A865A0AD9] [sPRF][01/02/2011] (...) -- C:\Users\yannick\Desktop\xvid_setup1.2.2-win32.exe [167609] [MD5.1A28CB38299AA0069555B95E5C7BE372] [sPRF][27/07/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\yannick\Desktop\ZHPDiag2.exe [2540574] [MD5.77D31FB654A53DBFB151C7A8E11E3A02] [sPRF][17/07/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1962160] [MD5.58AE9C7AF536B70B68099448A29657DA] [sPRF][10/02/2010] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [113888] [MD5.40F1C0C36B6413E57E1FECA4E12159CC] [sPRF][16/02/2010] (.Autodesk, Inc. - Autodesk i-drop control.) 
-- C:\Windows\Downloaded Program Files\IDropFRA.dll [116040] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) 
-- C:\Windows\system32\netproj.exe O87 - FAEL: "{9F08B9DA-9F38-4D78-8063-28269DF93869}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "UDP Query User{9D815D98-D61D-41F9-8C03-30A75EC90AEC}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "TCP Query User{4AC16332-70D1-4F5A-8551-29F8F94CA5AD}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "UDP Query User{BE20CE4A-E92E-4D5C-B886-ABBEFACB1C7A}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" | In - Private - P17 - TRUE | .(.Nokia - Nokia Ovi Suite 2.) -- C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe O87 - FAEL: "TCP Query User{BDD17544-A9D3-4D2A-9C96-A7D01C72AC4E}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" | In - Private - P6 - TRUE | .(.Nokia - Nokia Ovi Suite 2.) -- C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe O87 - FAEL: "UDP Query User{F6DB8655-1594-423C-8D33-FA890F9F40FF}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" | In - Private - P17 - TRUE | .(.Nokia Corporation.) -- C:\program files\nokia\nokia software updater\nsu_ui_client.exe O87 - FAEL: "TCP Query User{036DDB87-76B2-4FC8-B107-9AD41A5009BA}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" | In - Private - P6 - TRUE | .(.Nokia Corporation.) -- C:\program files\nokia\nokia software updater\nsu_ui_client.exe O87 - FAEL: "UDP Query User{4983C42A-2843-4B78-A5B5-4794470555BC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" | In - Private - P17 - TRUE | .(.Nokia Corporation.) 
-- C:\program files\common files\nokia\service layer\a\nsl_hos O87 - FAEL: "TCP Query User{0D3C588B-8BBA-465C-8368-0C91CCF8DC28}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" | In - Private - P6 - TRUE | .(.Nokia Corporation.) -- C:\program files\common files\nokia\service layer\a\nsl_host O87 - FAEL: "{A753A88E-600C-4EFC-9FB5-F3AA3C6B39E3}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\umi.exe (.not file.) O87 - FAEL: "{38C0F335-2C28-415C-A7AE-22215FF5CCE6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\umi.exe (.not file.) O87 - FAEL: "{9B397528-6605-4723-9182-7370071FFD70}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe (.not file.) O87 - FAEL: "{8D3A8F9E-D9EC-47CF-9C90-1EAD4A2ABBF6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe (.not file.) O87 - FAEL: "{D088BA9A-625A-4F45-B80F-A0AD6A25522E}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe (.not file.) O87 - FAEL: "{9A5A02EF-E3ED-47D0-B932-7532062EF2F8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe (.not file.) O87 - FAEL: "{D56921BA-C76F-4E9D-9F8C-43BC1825BA18}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\RM.exe (.not file.) O87 - FAEL: "{B808528A-4A1A-422B-BD61-7013962ABECC}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\RM.exe (.not file.) O87 - FAEL: "{E6B2053D-A486-47D2-BAEC-CDD2A73500F0}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer.) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe O87 - FAEL: "{6770737F-1E3A-4CC5-8D4D-4CB2A6590230}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer.) 
-- C:\Program Files\TeamViewer\Version5\TeamViewer.exe O87 - FAEL: "{2304A075-9F74-4BE7-9F4B-7D0477D02809}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - Application de pilotage à distance TeamViewer.) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe O87 - FAEL: "{657086E6-BDD3-42CA-9962-1B405524DA05}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - Application de pilotage à distance TeamViewer.) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe O87 - FAEL: "UDP Query User{211C9AE4-1609-4182-A463-F5CB28E70B8C}C:\program files\vuze\azureus.exe" | In - Public - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\program files\vuze\azureus.exe O87 - FAEL: "TCP Query User{1F9313E6-862A-4570-A457-F8E7D5CEABF4}C:\program files\vuze\azureus.exe" | In - Public - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\program files\vuze\azureus.exe O87 - FAEL: "UDP Query User{C9A9EF80-820F-41BD-AA26-6EC41E5B63B3}C:\program files\sfr\media center\httpd\httpd.exe" | In - Public - P17 - TRUE | .(.Apache Software Foundation.) -- C:\program files\sfr\media center\httpd\httpd.exe O87 - FAEL: "TCP Query User{3E40344C-F00C-4DB5-A419-68F093382927}C:\program files\sfr\media center\httpd\httpd.exe" | In - Public - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\program files\sfr\media center\httpd\httpd.exe O87 - FAEL: "{267166B5-9CF7-4E6F-B42F-817AB6A1B0F6}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O87 - FAEL: "UDP Query User{C397F40B-217C-4907-9AF3-7AB3EC7FC5AF}C:\program files\mobiola web camera for s60\webcam.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\mobiola web camera for s60\webcam.exe (.not file.) O87 - FAEL: "TCP Query User{4E2AEFA0-47E6-4F53-A769-6DD6B869F272}C:\program files\mobiola web camera for s60\webcam.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\mobiola web camera for s60\webcam.exe (.not file.) 
O87 - FAEL: "{7E328406-3651-405A-83B6-96E3FAE59226}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe (.not file.) O87 - FAEL: "{2F883647-0DB6-4B9A-8A31-24EA95F924E7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe (.not file.) O87 - FAEL: "{29F87B34-DD16-41E8-8A0C-D518B99EFB81}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\maxtv.exe (.not file.) O87 - FAEL: "{C22ABC1A-F0F3-42AA-8512-42226D1E2D3F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\maxtv.exe (.not file.) O87 - FAEL: "{9B3677A8-A808-46B8-86DC-1DC5119120F6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\recorder.exe (.not file.) O87 - FAEL: "{F9E5E562-39A1-4121-AB6D-2F6A4412EBDC}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\recorder.exe (.not file.) O87 - FAEL: "{D949F856-7340-4FFF-9C8E-3C7800AE6A2B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe (.not file.) O87 - FAEL: "{BD6A9D48-09F1-4F7F-91FE-5DA99206A50F}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe (.not file.) O87 - FAEL: "{1DCCC494-2CE3-4290-A87B-E5FD8DEBAC6A}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe (.not file.) O87 - FAEL: "{8A2FD7A6-93B0-4D39-9878-EAAC6AB58CB8}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe (.not file.) O87 - FAEL: "{B1DC00D8-46A0-48D1-98B5-86B34C3FAE7D}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe (.not file.) O87 - FAEL: "{3CBCBED0-81FF-4DFF-83EF-DE132348E831}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe (.not file.) 
O87 - FAEL: "TCP Query User{DB52F910-C4A2-4FE9-8926-EF044B958A72}C:\program files\super internet tv\super internet tv.exe" | In - Private - P6 - TRUE | .(.Ahusoft - Super Internet TV.) -- C:\program files\super internet tv\super internet tv.exe O87 - FAEL: "UDP Query User{C7F314A7-EE0B-4C13-99D8-D3A2ED2D553B}C:\program files\super internet tv\super internet tv.exe" | In - Private - P17 - TRUE | .(.Ahusoft - Super Internet TV.) -- C:\program files\super internet tv\super internet tv.exe O87 - FAEL: "TCP Query User{D83A6CC1-4FE8-4C76-8B26-90B7AB79A417}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{DA533DC3-A449-4770-9C1E-B5B71ACBB650}C:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "{9EDC60AF-FF91-4DD9-8A24-ED33969BED03}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe (.not file.) O87 - FAEL: "{F6A3F1A1-4831-4E04-95EB-2F1F9CB677CC}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe (.not file.) O87 - FAEL: "{77E203D6-6D3C-4A08-90DC-C59D5A41E79E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe (.not file.) O87 - FAEL: "{69C1F98C-E6C7-4225-B2D2-251BCAA3B386}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe (.not file.) O87 - FAEL: "{1662B988-B7A3-4CDF-BA8B-E05598A5DC7A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe (.not file.) O87 - FAEL: "{63DF7210-7A15-4DA2-BFF3-FEBD093C158C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe (.not file.) 
O87 - FAEL: "TCP Query User{DF7CD45A-81B7-401D-AE18-B10E569AFBD5}C:\program files\bywifi\bywifi.exe" | In - Private - P6 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe O87 - FAEL: "UDP Query User{64373D43-CFB6-4133-B07A-B779AF1E28A5}C:\program files\bywifi\bywifi.exe" | In - Private - P17 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe O87 - FAEL: "TCP Query User{9F7399BD-6DAF-4B5E-B965-29E935A483F9}C:\program files\bywifi\bywifi.exe" | In - Public - P6 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe O87 - FAEL: "UDP Query User{78AAA148-FA66-4DC3-B76C-D5776D388B28}C:\program files\bywifi\bywifi.exe" | In - Public - P17 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe O87 - FAEL: "{27696ABB-52D7-4E21-85C8-21518E60FF85}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{ADBEFAD8-82D2-45FE-B62E-6C4E73F14DEA}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{181D15E7-9D97-48A1-B058-6BFB769ED0CC}" | In - Private - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "{DBF4E9FE-2729-49D8-AF62-F11810BAD9F2}" | In - Private - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "TCP Query User{AB4AC2EE-FB66-44A2-BE65-09546A3EDCF9}E:\mes documents\hack pc\prorat 1.9 special edition\prorat special edition\proconnective.exe" |In - Private - P6 - TRUE | .(...) -- E:\mes documents\hack pc\prorat 1.9 special edition\prora O87 - FAEL: "UDP Query User{F93E10A7-2AC0-40C1-917C-DC5DA924D844}E:\mes documents\hack pc\prorat 1.9 special edition\prorat special edition\proconnective.exe" |In - Private - P17 - TRUE | .(...) 
-- E:\mes documents\hack pc\prorat 1.9 special edition\pror O87 - FAEL: "TCP Query User{B44994A1-BC13-452B-B780-4D9971B1A04F}C:\windows\services.exe" |In - Private - P6 - TRUE | .(...) -- C:\windows\services.exe (.not file.) O87 - FAEL: "UDP Query User{8EAD86AF-2694-4779-916A-0717142039CA}C:\windows\services.exe" |In - Private - P17 - TRUE | .(...) -- C:\windows\services.exe (.not file.) O87 - FAEL: "TCP Query User{0287BE9B-D117-4706-8851-EABA3FB41EE6}C:\windows\services.exe" |In - Public - P6 - TRUE | .(...) -- C:\windows\services.exe (.not file.) O87 - FAEL: "UDP Query User{4B0B1E01-E3D4-4D1A-BBD1-53AB627CE39E}C:\windows\services.exe" |In - Public - P17 - TRUE | .(...) -- C:\windows\services.exe (.not file.) O87 - FAEL: "{2D7EBFEF-80AF-44C8-AB9A-E833AE629107}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{856E5553-7B2F-4763-B549-9DD46BF9DD51}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{A9126C21-F683-46D4-9668-2BCBA941019B}" | In - Private - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe O87 - FAEL: "{6C2F8AFA-CAE1-4EF3-BDFF-EDB63F428EA8}" | In - Private - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe O87 - FAEL: "{E2767A58-DA8B-4542-80ED-E4FC7EC547FA}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe O87 - FAEL: "{DD070704-9740-4C2B-A47A-EA2AB1EF1875}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe O87 - FAEL: "TCP Query User{A90D0532-D4B3-41CB-8C6E-B21EBB39E204}C:\program files\wild media server\wms.exe" | In - Private - P6 - TRUE | .(.Evgeny Lachinov - Wild Media Server (UPnP, DLNA, HTTP).) 
-- C:\program files\wild media server\wms.exe O87 - FAEL: "UDP Query User{A8999E0E-2999-464F-BA6B-F87C2A96C758}C:\program files\wild media server\wms.exe" | In - Private - P17 - TRUE | .(.Evgeny Lachinov - Wild Media Server (UPnP, DLNA, HTTP).) -- C:\program files\wild media server\wms.exe O87 - FAEL: "{A85FAEE1-5880-4BA1-87B8-F2177025F400}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "TCP Query User{1E161BD3-7BF2-456E-94C5-19BCAD2E7BA6}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe O87 - FAEL: "UDP Query User{C4F01001-80A9-4BC0-BBA5-86869469C4E6}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe O87 - FAEL: "{3892C127-475A-4189-908F-2B478E464BE8}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O87 - FAEL: "{292A0942-9868-492F-A78C-CA47EB3B02F2}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O87 - FAEL: "{11701C3B-E97A-412F-95C1-30590667191A}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe O87 - FAEL: "{4E910990-8E08-4D1E-8E67-EFAB92CE5B0A}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe O87 - FAEL: "{27C2BABC-FFFE-4357-9048-4D607E27908A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O87 - FAEL: "{C7B06AC0-56FE-4C65-AC76-17D076FAF9EF}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O87 - FAEL: "{4FF38E03-A613-4042-B7F1-BC1291256527}" | In - Public - P6 - TRUE | .(...) 
-- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe O87 - FAEL: "{A0CC2B51-1FC5-4ED4-A8F0-FE5D8CD4F030}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe O87 - FAEL: "TCP Query User{8A5BFF56-DD7D-4EA1-B297-F6A96F00B7AD}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{E4B40D53-CDC0-495C-85B4-BD42A7EF2ECB}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "{AA8F8986-81D3-429F-96A5-08FD1D9E64A1}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe O87 - FAEL: "{4F914CB4-9D3F-42C6-BCEB-6B3A72537A57}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe O87 - FAEL: "{13B51E55-41A0-4735-8A4B-E12C783B29E1}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe O87 - FAEL: "{E55F0074-83AE-4330-8F2B-66FE2C1C1D28}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe O87 - FAEL: "{CC170858-FE12-402A-81A2-0B6605F2FA49}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe O87 - FAEL: "{E5065E38-8FE1-45E3-B251-BA890512130A}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe O87 - FAEL: "TCP Query User{EEF5D8C9-895E-4A41-B25E-5E5D89318B09}C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) 
O87 - FAEL: "UDP Query User{EF1FF1D7-0F2A-49AB-99D3-3DADCB15E329}C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) O87 - FAEL: "TCP Query User{C453C824-A102-4751-B91E-79ECCA78700C}C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe O87 - FAEL: "UDP Query User{734CEC0B-0184-48B7-8C60-E88E3923979E}C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe O87 - FAEL: "TCP Query User{CE18D581-B4EF-46A4-856E-72F23FCCA2D5}C:\glassfish3\jdk\bin\java.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\glassfish3\jdk\bin\java.exe O87 - FAEL: "UDP Query User{7B756B0A-1A00-4E79-8746-971066A1E37F}C:\glassfish3\jdk\bin\java.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\glassfish3\jdk\bin\java.exe O87 - FAEL: "{13D18AD6-D713-46CF-B8B2-C4199812E23D}" | In - Public - P6 - TRUE | .(.Cisco Systems, Inc. - Pure Networks Platform Service.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O87 - FAEL: "{F92C10FD-8407-4959-9E31-447FBE2CB80C}" | In - Public - P17 - TRUE | .(.Cisco Systems, Inc. - Pure Networks Platform Service.) 
-- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe ---\\ Scan Additionnel (O88) Database Version : 8545 - (22/07/2011) Clés trouvées (Keys found) : 28 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar [HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{723328FF-22D0-497f-9EB5-1AC919582DE1}] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate [HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate [HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox [HKCU\Software\cacaoweb] =>PUP.CacaoWeb [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\HotSpot_Shield_FR] =>Toolbar.Conduit [HKLM\Software\HotSpot_Shield_FR] =>Toolbar.Conduit [HKCU\Software\HotspotShield] =>Toolbar.Conduit [HKLM\Software\HotspotShield] =>Toolbar.Conduit [HKCU\Software\WideStream] =>Adware.SPointer [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\YVIBBBHA8C] =>Trojan.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HotSpot_Shield_FR Toolbar] =>Toolbar.Conduit C:\Program Files\Hotspot Shield =>Toolbar.Conduit C:\Program Files\Softonic_France =>Toolbar.Conduit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>Toolbar.Conduit C:\Users\yannick\AppData\Roaming\Widestream =>Adware.SPointer C:\Users\yannick\AppData\Local\widestream6 Air =>Adware.SPointer C:\Users\yannick\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon C:\Users\yannick\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 16/05/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 16/05/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 23/10/2009 20680 | (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe SR - | Auto 23/10/2009 735960 | (ekrn) . (.ESET.) 
- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe SS - | Demand 05/04/2011 1045256 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SR - | Auto 19/07/2010 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe SS - | Auto 05/07/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 05/07/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 05/07/2010 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 18/04/2010 247808 | (HotspotShieldService) . (...) - C:\Program Files\Hotspot Shield\bin\openvpnas.exe SS - | Demand 18/04/2010 57640 | (HssTrayService) . (...) - C:\Program Files\Hotspot Shield\bin\HssTrayService.exe SR - | Auto 18/04/2010 322608 | (HssWd) . (...) - C:\Program Files\Hotspot Shield\bin\hsswd.exe SR - | Demand 16/05/2010 545576 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 30/12/1899 0 | (KiesAllShare) . (...) - C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe SR - | Auto 20/07/2011 2151640 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe SR - | Auto 27/11/2010 853288 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SS - | Demand 27/11/2010 382248 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe SR - | Auto 22/02/2010 647216 | (nmservice) . (.Cisco Systems, Inc..) - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe SR - | Auto 02/03/2010 129640 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SS - | Demand 31/12/2010 217088 | (PS3 Media Server) . (...) 
- C:\Program Files\PS3 Media Server\win32\service\wrapper.exe SS - | Demand 05/05/2011 117264 | Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe SR - | Auto 17/06/2011 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe SS - | Demand 16/07/2010 652800 | (ServiceLayer) . (.Nokia.) - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 22/02/2010 185640 | (TeamViewer4) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe SR - | Auto 22/02/2010 172328 | (TeamViewer5) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe SR - | Auto 21/04/2011 3007488 | (WiselinkPro) . (...) - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by yannick at 27/07/2011 18:24:53 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 1 ntkrnlpa!IofCallDriver[0x83C8D52F] -> \Device\Harddisk0\DR0[0x8716A778] 3 CLASSPNP[0x8C3A159E] -> ntkrnlpa!IofCallDriver[0x83C8D52F] -> [0x86C7E888] 5 ACPI[0x8BE3B3D4] -> ntkrnlpa!IofCallDriver[0x83C8D52F] -> \Device\Ide\IdeDeviceP2T0L0-3[0x863A2030] kernel: MBR read successfully user & kernel MBR OK ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by yannick at 27/07/2011 18:24:55 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin End of the scan (1831 lines in 02mn 54s)(0) -
Hello, I have a stubborn piece of malware that opens an ad window every time I click a link, and it is impossible to remove, even with Malwarebytes. I think it's time to step things up a gear and use HijackThis. Thanks if you can give me the procedure.
-
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Analyses et éradication malwares
Hello Falkara, I'm ready if you'd like us to finish securing my PC. Here is one last report to check:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:17:07, on 15/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Cobian Backup 9\cbInterface.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\DERRIEN\Desktop\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SFR\Media Center\MediaCenter.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Malwarebytes Piracy] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /piracy
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [skype] "C:\Users\DERRIEN\Desktop\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: Service Google Update (gupdate1c9af92ffc09182) (gupdate1c9af92ffc09182) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

-- End of file - 7932 bytes

Excuse me, "Falkra"
-
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
So, see you tomorrow. Thanks a lot for the work.
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
I only have 15 minutes, so we'll see.
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
OK, does it take long, because I work the night shift at 7:00
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:13:25, on 14/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\Explorer.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Malwarebytes Piracy] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /piracy
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [skype] "C:\Users\DERRIEN\Desktop\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: Service Google Update (gupdate1c9af92ffc09182) (gupdate1c9af92ffc09182) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 7281 bytes
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1982
Windows 6.0.6001 Service Pack 1

14/04/2009 18:07:38
mbam-log-2009-04-14 (18-07-38).txt

Type de recherche: Examen rapide
Eléments examinés: 61543
Temps écoulé: 2 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Did this have anything to do with my Internet connection dropping, but not Skype?
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Yes, OK, and the update is OK, thanks. What was this gaopdx? And so all my cracks have been deleted? And how can I thank you for the time you spent?
"Resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
Here is the ComboFix report

ComboFix 09-04-14.09 - DERRIEN 14/04/2009 17:37.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3071.1978 [GMT 2:00]
Lancé depuis: c:\users\DERRIEN\Desktop\pouet.exe
Commutateurs utilisés :: c:\users\DERRIEN\Desktop\CFscript.txt
AV: Antivirus BitDefender *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé

FILE ::
c:\users\DERRIEN\AppData\Local\wuiykqa.bat
c:\users\DERRIEN\AppData\Roaming\Azureus\torrents\Windows.Vista.Crack-VanVan.Ultimate.All.Versions.EASY.ACTIVATION.X86.zip.torrent
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\crack serial.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\crack windows genuine.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\WebcamMax.v5.0.3.8.MultiLanguage.Crack-tRUE.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\Windows.Vista.Crack-VanVan.Ultimate.All.Versions.EASY.ACTIVATION.X86.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\Windows.Vista.Crack-VanVan.Ultimate.All.Versions.EASY.ACTIVATION.X86.zip.lnk
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\DERRIEN\AppData\Local\wuiykqa.bat
c:\users\DERRIEN\AppData\Roaming\Azureus\torrents\Windows.Vista.Crack-VanVan.Ultimate.All.Versions.EASY.ACTIVATION.X86.zip.torrent
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\crack serial.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\crack windows genuine.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\WebcamMax.v5.0.3.8.MultiLanguage.Crack-tRUE.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\Windows.Vista.Crack-VanVan.Ultimate.All.Versions.EASY.ACTIVATION.X86.lnk
c:\users\DERRIEN\AppData\Roaming\Microsoft\Windows\Recent\Windows.Vista.Crack-VanVan.Ultimate.All.Versions.EASY.ACTIVATION.X86.zip.lnk
c:\users\DERRIEN\Favoris\Cracks
c:\users\DERRIEN\Favoris\Cracks\[ Archive du Cracking Français ].url
c:\users\DERRIEN\Favoris\Cracks\ASTALAVISTA.BOX.SK.url
c:\users\DERRIEN\Favoris\Cracks\crack 2005\Vous cherchez crack serial vous n'avez ka demander à .....url
c:\users\DERRIEN\Favoris\Cracks\CRACK 2008\http--www.keygen.ms-cracked_warez_search.phps=studio+scrap&deep_crack=on.url
c:\users\DERRIEN\Favoris\Cracks\CRACK In France par SUPER GEGE.url
c:\users\DERRIEN\Favoris\Cracks\crack news\? JEUX GRATUITS sur Jeuxgratis - Rechercher crack NO CD Dora.url
c:\users\DERRIEN\Favoris\Cracks\crack news\Cerials.NET - Browsing Serials and Cracks letter w, page 36..url
c:\users\DERRIEN\Favoris\Cracks\crack news\Crackspider.net! Search cracks, serial numbers, keygens and patches for appz and games.url
c:\users\DERRIEN\Favoris\Cracks\crack news\Free serials, cracks, code of games and hacking serial.url
c:\users\DERRIEN\Favoris\Cracks\crack wifi\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
c:\users\DERRIEN\Favoris\Cracks\crack wifi\aircrack presentation.url
c:\users\DERRIEN\Favoris\Cracks\crack wifi\AIRCRACK, TUTORIEL sur le wifi avec aircrack,download aircrack-ptw, airodump, aireplay, (suite aircrack-ng).url
c:\users\DERRIEN\Favoris\Cracks\Cracks , Serials, Updates, Serials 2000 , Download , free, serial , update , serials 2000 , serials 2000 updates, update serial
c:\users\DERRIEN\Favoris\Cracks\CRACKS.AM - Page A1.url
c:\users\DERRIEN\Favoris\Cracks\CRACKS.AM - Page S.url
c:\users\DERRIEN\Favoris\Cracks\cRaCkZ uNLiMiTeD.url
c:\users\DERRIEN\Favoris\Cracks\Deamon Crack - Redirect by ulimit.com.url
c:\users\DERRIEN\Favoris\Cracks\Horas Crack A-D.url
c:\users\DERRIEN\Favoris\Cracks\http--perso.wanadoo.fr-eric.fabregue-ASTUCEdemarrage.htm.url
c:\users\DERRIEN\Favoris\Cracks\http--toptools.serwis.pl-d.htm.url
c:\users\DERRIEN\Favoris\Cracks\http--www.warezdrive.com-apps.html.url
c:\users\DERRIEN\Favoris\Cracks\ilokos, l'ami des joueurs.url
c:\users\DERRIEN\Favoris\Cracks\La Cité de ZABULON®.url
c:\users\DERRIEN\Favoris\Cracks\LINKS.REFERAT.COM tvtool 5.5.3.url
c:\users\DERRIEN\Favoris\Cracks\MILSOFT - Crack.url
c:\users\DERRIEN\Favoris\Cracks\MOTEUR DE RECHERCHE CRACK\crack showshifter 2 - HitOO.com trouve tout !.url
c:\users\DERRIEN\Favoris\Cracks\MOTEUR DE RECHERCHE CRACK\SHOWSHIFTER CRACK SERIAL [ x-cracks.com ].url
c:\users\DERRIEN\Favoris\Cracks\Pentel Software.url
c:\users\DERRIEN\Favoris\Cracks\Russia on the Net.url
c:\users\DERRIEN\Favoris\Cracks\Soft and Program MacroMedia Director 8 (21.8 MB) Macromedia Director v8.5 MacroMedia Director Shockwave Studio 8.5 Macromedia.u
c:\users\DERRIEN\Favoris\Cracks\top crack\. . . -) Download-Seite - neu mit SerialZ -) . . ..url
c:\users\DERRIEN\Favoris\Cracks\top crack\DEFENDER CRACK.url
c:\users\DERRIEN\Favoris\Cracks\top crack\Forum de recherche de cracks et logiciels - INFORMANIA.url
c:\users\DERRIEN\Favoris\Cracks\top crack\http--www.dvd-area.com-.url
c:\users\DERRIEN\Favoris\Cracks\top crack\L'ultime coin des fauchés.url
c:\users\DERRIEN\Favoris\Cracks\top crack\Lexique.url
c:\users\DERRIEN\Favoris\Cracks\top crack\MultiHack.url
c:\users\DERRIEN\Favoris\Cracks\top crack\Orkiller.com - Gravure, cracks de jeux, logiciels -.url
c:\users\DERRIEN\Favoris\Cracks\top crack\Serials & keys.url
c:\users\DERRIEN\Favoris\Cracks\top crack\Trinsic Serials cracks serial crack gamez appz apps games warez.url
c:\users\DERRIEN\Favoris\Cracks\top crack\Welcome To New Trends ---------------- t1.url
c:\users\DERRIEN\Favoris\Cracks\top crack\www.ebazar.fr.fm - Redirect by ulimit.com.url
c:\users\DERRIEN\Favoris\Cracks\top crack\www.kunst-der-hacker.de-indexccracki.htm.url
c:\users\DERRIEN\Favoris\Cracks\Télécharger des logiciels en Français - Redirect by ulimit.com.url
c:\users\DERRIEN\Favoris\Cracks\www.lescouzeres.fr.st - Redirect by ulimit.com.url
c:\users\DERRIEN\Favoris\Cracks\www.phonetel.com02.com.url
c:\users\DERRIEN\Favoris\forum crack
c:\users\DERRIEN\Favoris\forum crack\Deamon Crack - Redirect by ulimit.com.url
c:\users\DERRIEN\Favoris\forum crack\Site de clé et crack en français - Site of crack and key.url
c:\users\DERRIEN\Favoris\Nouveau dossier crack
c:\users\DERRIEN\Favoris\Nouveau dossier crack\MOOKOOF.url
c:\users\DERRIEN\Favoris\Nouveau dossier crack\Mulderland 3 Ze land of Mulderground - Redirect by ulimit.com.url
c:\users\DERRIEN\Favoris\Nouveau dossier crack\Teamatic.net - Téléchargements - Service Pack 1 pour Windows XP (SP1 winXP).url
c:\users\DERRIEN\Favoris\Nouveau dossier crack\TELECHARGEZ PC.url
c:\users\DERRIEN\Favoris\Nouveau dossier crack\TopTealc #1.url
c:\users\DERRIEN\Favorites\Cracks
c:\users\DERRIEN\Favorites\Cracks\[ Archive du Cracking Français ].url
c:\users\DERRIEN\Favorites\Cracks\ASTALAVISTA.BOX.SK.url
c:\users\DERRIEN\Favorites\Cracks\crack 2005\Vous cherchez crack serial vous n'avez ka demander à .....url
c:\users\DERRIEN\Favorites\Cracks\CRACK 2008\http--www.keygen.ms-cracked_warez_search.phps=studio+scrap&deep_crack=on.url
c:\users\DERRIEN\Favorites\Cracks\CRACK In France par SUPER GEGE.url
c:\users\DERRIEN\Favorites\Cracks\crack news\? JEUX GRATUITS sur Jeuxgratis - Rechercher crack NO CD Dora.url
c:\users\DERRIEN\Favorites\Cracks\crack news\Cerials.NET - Browsing Serials and Cracks letter w, page 36..url
c:\users\DERRIEN\Favorites\Cracks\crack news\Crackspider.net! Search cracks, serial numbers, keygens and patches for appz and games.url
c:\users\DERRIEN\Favorites\Cracks\crack news\Free serials, cracks, code of games and hacking serial.url
c:\users\DERRIEN\Favorites\Cracks\crack wifi\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
c:\users\DERRIEN\Favorites\Cracks\crack wifi\aircrack presentation.url
c:\users\DERRIEN\Favorites\Cracks\crack wifi\AIRCRACK, TUTORIEL sur le wifi avec aircrack,download aircrack-ptw, airodump, aireplay, (suite aircrack-ng).url
c:\users\DERRIEN\Favorites\Cracks\Cracks , Serials, Updates, Serials 2000 , Download , free, serial , update , serials 2000 , serials 2000 updates, update serial
c:\users\DERRIEN\Favorites\Cracks\CRACKS.AM - Page A1.url
c:\users\DERRIEN\Favorites\Cracks\CRACKS.AM - Page S.url
c:\users\DERRIEN\Favorites\Cracks\cRaCkZ uNLiMiTeD.url
c:\users\DERRIEN\Favorites\Cracks\Deamon Crack - Redirect by ulimit.com.url
c:\users\DERRIEN\Favorites\Cracks\Horas Crack A-D.url
c:\users\DERRIEN\Favorites\Cracks\http--perso.wanadoo.fr-eric.fabregue-ASTUCEdemarrage.htm.url
c:\users\DERRIEN\Favorites\Cracks\http--toptools.serwis.pl-d.htm.url
c:\users\DERRIEN\Favorites\Cracks\http--www.warezdrive.com-apps.html.url
c:\users\DERRIEN\Favorites\Cracks\ilokos, l'ami des joueurs.url
c:\users\DERRIEN\Favorites\Cracks\La Cité de ZABULON®.url
c:\users\DERRIEN\Favorites\Cracks\LINKS.REFERAT.COM tvtool 5.5.3.url
c:\users\DERRIEN\Favorites\Cracks\MILSOFT - Crack.url
c:\users\DERRIEN\Favorites\Cracks\MOTEUR DE RECHERCHE CRACK\crack showshifter 2 - HitOO.com trouve tout !.url
c:\users\DERRIEN\Favorites\Cracks\MOTEUR DE RECHERCHE CRACK\SHOWSHIFTER CRACK SERIAL [ x-cracks.com ].url
c:\users\DERRIEN\Favorites\Cracks\Pentel Software.url
c:\users\DERRIEN\Favorites\Cracks\Russia on the Net.url
c:\users\DERRIEN\Favorites\Cracks\Soft and Program MacroMedia Director 8 (21.8 MB) Macromedia Director v8.5 MacroMedia Director Shockwave Studio 8.5 Macromedia.u
c:\users\DERRIEN\Favorites\Cracks\top crack\. . . -) Download-Seite - neu mit SerialZ -) . . ..url
c:\users\DERRIEN\Favorites\Cracks\top crack\DEFENDER CRACK.url
c:\users\DERRIEN\Favorites\Cracks\top crack\Forum de recherche de cracks et logiciels - INFORMANIA.url
c:\users\DERRIEN\Favorites\Cracks\top crack\http--www.dvd-area.com-.url
c:\users\DERRIEN\Favorites\Cracks\top crack\L'ultime coin des fauchés.url
c:\users\DERRIEN\Favorites\Cracks\top crack\Lexique.url
c:\users\DERRIEN\Favorites\Cracks\top crack\MultiHack.url
c:\users\DERRIEN\Favorites\Cracks\top crack\Orkiller.com - Gravure, cracks de jeux, logiciels -.url
c:\users\DERRIEN\Favorites\Cracks\top crack\Serials & keys.url
c:\users\DERRIEN\Favorites\Cracks\top crack\Trinsic Serials cracks serial crack gamez appz apps games warez.url
c:\users\DERRIEN\Favorites\Cracks\top crack\Welcome To New Trends ---------------- t1.url
c:\users\DERRIEN\Favorites\Cracks\top crack\www.ebazar.fr.fm - Redirect by ulimit.com.url
c:\users\DERRIEN\Favorites\Cracks\top crack\www.kunst-der-hacker.de-indexccracki.htm.url
c:\users\DERRIEN\Favorites\Cracks\Télécharger des logiciels en Français - Redirect by ulimit.com.url
c:\users\DERRIEN\Favorites\Cracks\www.lescouzeres.fr.st - Redirect by ulimit.com.url
c:\users\DERRIEN\Favorites\Cracks\www.phonetel.com02.com.url
c:\users\DERRIEN\Favorites\forum crack
c:\users\DERRIEN\Favorites\forum crack\Deamon Crack - Redirect by ulimit.com.url
c:\users\DERRIEN\Favorites\forum crack\Site de clé et crack en français - Site of crack and key.url
c:\users\DERRIEN\Favorites\Nouveau dossier crack
c:\users\DERRIEN\Favorites\Nouveau dossier crack\MOOKOOF.url
c:\users\DERRIEN\Favorites\Nouveau dossier crack\Mulderland 3 Ze land of Mulderground - Redirect by ulimit.com.url
c:\users\DERRIEN\Favorites\Nouveau dossier crack\Teamatic.net - Téléchargements - Service Pack 1 pour Windows XP (SP1 winXP).url
c:\users\DERRIEN\Favorites\Nouveau dossier crack\TELECHARGEZ PC.url
c:\users\DERRIEN\Favorites\Nouveau dossier crack\TopTealc #1.url
c:\windows\system32\drivers\gaopdxboqyjqceocunxxtmnfvlpmmnxerdsbvi.sys
c:\windows\system32\drivers\gaopdxdkcqpvnxemvjcibdmeqvffiwdxyexsdx.sys
c:\windows\system32\gaopdxcounter
c:\windows\system32\gaopdxgbsxpqotcbbfrtwyuqxjtpxiinvnjodp.dll
c:\windows\system32\gaopdxvswsrcikfngqsqyifbnvdfbplvqutxcr.dll
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gaopdxserv.sys

((((((((((((((((((((((((((((( Fichiers créés du 2009-03-14 au 2009-04-14 ))))))))))))))))))))))))))))))))))))
.
2009-04-14 13:55 . 2009-04-14 14:19 -------- d-----w C:\ToolBar SD
2009-04-14 13:06 . 2009-04-14 13:06 -------- d-----w c:\users\All Users\WindowsSearch
2009-04-14 13:06 . 2009-04-14 13:06 -------- d-----w c:\programdata\WindowsSearch
2009-04-12 19:09 . 2009-04-12 19:20 -------- d-----w c:\users\DERRIEN\AppData\Roaming\dvdcss
2009-04-08 16:33 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-08 16:33 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-08 12:16 . 2009-04-08 12:16 23 ----a-w c:\windows\system32\dbabbbaa1_d.ocx
2009-04-07 08:45 . 2009-04-07 11:04 -------- d-----w c:\users\DERRIEN\AppData\Roaming\gtk-2.0
2009-04-07 08:44 . 2009-04-07 08:44 -------- d-----w c:\users\DERRIEN\.thumbnails
2009-04-07 08:40 . 2009-04-07 11:42 -------- d-----w c:\users\DERRIEN\.gimp-2.6
2009-04-07 08:40 . 2009-04-07 08:40 -------- d-----w c:\users\DERRIEN\.gegl-0.0
2009-04-06 17:10 . 1998-10-07 11:08 327168 ----a-w c:\windows\IsUn040c.exe
2009-04-01 08:43 . 2009-04-01 08:43 -------- d-----w c:\users\All Users\Webcammax
2009-04-01 08:43 . 2009-04-01 08:43 -------- d-----w c:\programdata\Webcammax
2009-04-01 08:42 . 2009-04-01 08:43 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Webcammax
2009-03-29 17:22 . 2009-03-29 17:22 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Malwarebytes
2009-03-29 17:22 . 2009-03-29 17:22 -------- d-----w c:\users\All Users\Malwarebytes
2009-03-29 17:22 . 2009-03-29 17:22 -------- d-----w c:\programdata\Malwarebytes
2009-03-28 10:49 . 2009-04-14 11:21 -------- d-----w c:\users\All Users\Google Updater
2009-03-28 10:49 . 2009-04-14 11:21 -------- d-----w c:\programdata\Google Updater
2009-03-27 21:49 . 2009-03-27 21:49 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-24 17:19 . 2009-04-09 20:39 266 ----a-w c:\windows\system32\BDUpdateV1.xml
2009-03-23 21:57 . 2009-03-23 21:59 -------- d-----w c:\users\DERRIEN\AppData\Roaming\ArcSoft
2009-03-23 21:56 . 2006-11-10 14:05 18688 ----a-w c:\windows\system32\drivers\afc.sys
2009-03-23 21:54 . 2004-05-04 10:53 1645320 ----a-w c:\windows\system32\gdiplus.dll
2009-03-23 21:54 . 2005-06-21 09:29 245408 ----a-w c:\windows\system32\unicows.dll
2009-03-23 21:54 . 1995-08-01 03:44 212480 ----a-w c:\windows\PCDLIB32.DLL
2009-03-22 17:59 . 2009-03-09 03:19 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-22 17:27 . 2009-01-08 17:00 16640 ----a-w c:\windows\system32\drivers\DsAudioDevice_282.sys
2009-03-21 14:09 . 2009-04-14 14:26 -------- d-----w c:\users\DERRIEN\Tracing
2009-03-21 13:24 . 2009-02-06 17:08 55280 ----a-w c:\windows\system32\drivers\fssfltr.sys
2009-03-21 13:09 . 2009-03-21 13:24 -------- dc----w c:\windows\system32\DRVSTORE
2009-03-21 13:08 . 2006-11-29 12:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-03-19 16:19 . 2009-03-19 16:20 -------- d-----w c:\users\DERRIEN\AppData\Roaming\ImgBurn
2009-03-16 20:25 . 2009-03-16 20:25 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-14 15:35 . 2006-11-02 13:02 32768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2009-04-14 15:35 . 2006-11-02 13:02 16384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2009-04-14 15:35 . 2006-11-02 13:02 16384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2009-04-14 15:35 . 2009-04-14 15:35 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2009-04-14 15:35 . 2009-04-14 15:35 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2009-04-14 15:34 . 2009-03-04 14:46 81984 ----a-w c:\windows\System32\bdod.bin
2009-04-14 14:57 . 2006-11-02 15:48 669652 ----a-w c:\windows\System32\perfh00C.dat
2009-04-14 14:57 . 2006-11-02 15:48 123690 ----a-w c:\windows\System32\perfc00C.dat
2009-04-14 14:28 . 2009-03-09 08:22 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Skype
2009-04-14 14:25 . 2009-04-14 14:24 3498 ----a-w C:\cleannavi.txt
2009-04-14 14:25 . 2009-04-14 13:51 -------- d-----w c:\program files\Navilog1
2009-04-14 14:19 . 2009-04-14 13:57 14047 ----a-w C:\TB.txt
2009-04-14 14:01 . 2009-03-09 08:23 -------- d-----w c:\users\DERRIEN\AppData\Roaming\skypePM
2009-04-14 13:55 . 2009-04-14 13:54 3387 ----a-w C:\fixnavi.txt
2009-04-14 12:15 . 2009-04-08 16:33 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-13 17:54 . 2009-03-09 09:15 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Azureus
2009-04-12 19:31 . 2009-03-04 11:48 680 ----a-w c:\users\DERRIEN\AppData\Local\d3d9caps.dat
2009-04-10 09:02 . 2009-04-10 09:02 -------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-04-08 12:27 . 2009-04-08 12:16 -------- d-----w c:\program files\RegSupreme Pro
2009-04-07 08:39 . 2009-04-07 08:39 -------- d-----w c:\program files\GIMP-2.0
2009-04-06 17:13 . 2009-03-04 14:26 -------- d-----w c:\program files\Common Files\Adobe
2009-04-01 20:38 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat
2009-04-01 20:38 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstrng.dat
2009-04-01 20:32 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat
2009-04-01 20:30 . 2009-04-01 08:41 -------- d-----w c:\program files\WebcamMax
2009-03-30 08:16 . 2009-03-22 17:59 -------- d-----w c:\program files\Java
2009-03-28 10:50 . 2009-03-08 15:19 -------- d-----w c:\program files\Google
2009-03-25 17:56 . 2009-03-25 17:56 -------- d-----w c:\program files\Download Direct
2009-03-23 21:56 . 2009-03-23 21:56 -------- d-----w c:\program files\Common Files\ArcSoft
2009-03-23 21:54 . 2009-03-23 21:54 -------- d-----w c:\program files\Hercules
2009-03-23 21:54 . 2009-03-04 11:55 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-23 21:53 . 2009-03-04 11:55 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-22 17:49 . 2009-03-22 17:49 -------- d-----w c:\program files\Free Audio Pack
2009-03-22 17:27 . 2009-03-22 17:27 -------- d-----w c:\program files\Daniusoft
2009-03-22 13:14 . 2009-03-21 13:25 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-21 15:50 . 2009-03-08 15:09 -------- d-----w c:\programdata\Microsoft Help
2009-03-21 13:25 . 2009-03-21 13:06 -------- d-----w c:\program files\Microsoft
2009-03-21 13:24 . 2009-03-21 13:05 -------- d-----w c:\program files\Windows Live
2009-03-21 13:24 . 2009-03-21 13:24 -------- d-----w c:\program files\Microsoft Sync Framework
2009-03-21 13:21 . 2009-03-21 13:21 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-21 13:07 . 2009-03-21 13:07 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-03-21 13:02 . 2009-03-21 13:02 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-19 16:01 . 2009-03-19 16:01 -------- d-----w c:\program files\ImgBurn
2009-03-19 15:08 . 2009-03-04 14:04 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Ahead
2009-03-15 18:56 . 2009-03-15 18:56 -------- d-----w c:\program files\Santa Cruz Networks
2009-03-12 21:13 . 2009-03-12 21:13 -------- d-----w c:\program files\Universal Share Downloader
2009-03-12 09:46 . 2009-03-12 09:45 -------- d-----w c:\users\DERRIEN\AppData\Roaming\vlc
2009-03-12 09:44 . 2009-03-12 09:44 -------- d-----w c:\program files\VideoLAN
2009-03-11 21:39 . 2009-03-11 21:39 -------- d-----w c:\program files\LCDTest
2009-03-11 19:23 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-09 09:15 . 2009-03-09 09:15 -------- d-----w c:\programdata\Azureus
2009-03-09 09:11 . 2009-03-09 09:11 -------- d-----w c:\program files\Vuze
2009-03-09 09:11 . 2009-03-09 09:11 -------- d-----w c:\program files\Common Files\i4j_jres
2009-03-09 08:54 . 2009-03-08 20:34 -------- d-----w c:\program files\EPSON
2009-03-09 08:30 . 2009-03-09 08:30 -------- d-----w c:\programdata\Cobian
2009-03-09 08:30 . 2009-03-09 08:29 -------- d-----w c:\program files\Cobian Backup 9
2009-03-09 08:23 . 2009-03-09 08:23 56 ---ha-w c:\users\All Users\ezsidmv.dat
2009-03-09 08:23 . 2009-03-09 08:23 56 ---ha-w c:\programdata\ezsidmv.dat
2009-03-09 08:21 . 2009-03-09 08:21 -------- d-----r c:\program files\Skype
2009-03-09 08:21 . 2009-03-09 08:21 -------- d-----w c:\program files\Common Files\Skype
2009-03-09 08:21 . 2009-03-09 08:21 -------- d-----w c:\programdata\Skype
2009-03-08 21:28 . 2009-03-08 21:22 -------- d-----w c:\program files\Common Files\Logitech
2009-03-08 21:26 . 2009-03-08 21:26 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Logitech
2009-03-08 21:25 . 2009-03-08 21:25 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-03-08 21:25 . 2009-03-08 21:25 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-03-08 21:22 . 2009-03-08 21:22 -------- d-----w c:\programdata\Logitech
2009-03-08 21:22 . 2009-03-08 21:22 -------- d-----w c:\program files\Logitech
2009-03-08 17:29 . 2009-03-08 16:58 -------- d-----w c:\program files\K!TV
2009-03-08 16:47 . 2009-03-08 13:28 -------- d-----w c:\program files\SFR
2009-03-08 15:45 . 2009-03-04 11:48 99864 ----a-w c:\users\DERRIEN\AppData\Local\GDIPFONTCACHEV1.DAT
2009-03-08 15:12 . 2009-03-08 15:12 -------- d-----w c:\program files\Microsoft Works
2009-03-08 15:12 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
2009-03-08 15:11 . 2009-03-08 15:11 -------- d-----w c:\program files\Microsoft.NET
2009-03-08 15:09 . 2009-03-08 15:09 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-03-08 14:56 . 2009-03-08 14:56 132 ----a-w C:\httpdwl.dat
2009-03-04 14:47 . 2009-03-04 14:47 -------- d-----w c:\program files\MSXML 4.0
2009-03-04 14:41 . 2009-03-04 14:38 -------- d-----w c:\programdata\BitDefender
2009-03-04 14:38 . 2009-03-04 14:24 -------- d-----w c:\programdata\NOS
2009-03-04 14:38 . 2009-03-04 14:24 -------- d-----w c:\program files\NOS
2009-03-04 14:38 . 2009-03-04 14:38 -------- d-----w c:\users\DERRIEN\AppData\Roaming\BitDefender
2009-03-04 14:38 . 2009-03-04 14:37 -------- d-----w c:\program files\Common Files\BitDefender
2009-03-04 14:38 . 2009-03-04 14:38 -------- d-----w c:\program files\BitDefender
2009-03-04 14:23 . 2009-03-04 14:23 -------- d-----w c:\users\DERRIEN\AppData\Roaming\Media Player Classic
2009-03-04 14:23 . 2009-03-04 14:23 -------- d-----w c:\program files\K-Lite Codec Pack
2009-03-04 14:02 . 2009-03-04 14:02 -------- d-----w c:\programdata\Ahead
2009-03-04 14:02 . 2009-03-04 14:00 -------- d-----w c:\program files\Common Files\Ahead
2009-03-04 14:00 . 2009-03-04 14:00 -------- d-----w c:\programdata\Nero
2009-03-04 14:00 . 2009-03-04 14:00 -------- d-----w c:\program files\Nero
2009-03-04 13:52 . 2009-03-04 13:52 -------- d-----w c:\programdata\NVIDIA
2009-03-04 13:49 . 2006-11-02 10:25 665600 ----a-w c:\windows\Inf\drvindex.dat
2009-03-04 12:41 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2009-03-04 12:36 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Calendar
2009-03-04 12:36 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Sidebar
2009-03-04 12:36 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Photo Gallery
2009-03-04 12:36 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Journal
2009-03-04 12:36 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Collaboration
2009-03-04 12:36 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Defender
2009-03-04 12:22 . 2006-11-02 10:32 101888 ----a-w c:\windows\System32\ifxcardm.dll
2009-03-04 12:22 . 2006-11-02 10:32 82432 ----a-w c:\windows\System32\axaltocm.dll
2009-03-04 11:58 . 2009-03-04 12:18 47560 ----a-w c:\windows\System32\SPReview.exe
2009-04-08 21:2009-03-08 21:07 53:16 . c:\program files\mozilla firefox\components\FFComm.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-04-14_14.55.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-04 11:56 . 2009-04-14 15:37 36916 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-04-14 15:37 54308 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:02 . 2009-04-14 14:50 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-04-14 15:35 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 
2009-04-14 14:50 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2006-11-02 13:02 . 2009-04-14 15:35 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2006-11-02 13:02 . 2009-04-14 15:35 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2006-11-02 13:02 . 2009-04-14 14:50 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-03-04 14:46 . 2009-04-14 15:34 81984 c:\windows\System32\bdod.bin - 2009-03-04 14:46 . 2009-04-14 14:48 81984 c:\windows\System32\bdod.bin + 2009-03-04 11:49 . 2009-04-14 15:37 7118 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-911338889-616381348-3723791290-1000_UserData.bin + 2009-04-14 15:35 . 2009-04-14 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-04-14 14:49 . 2009-04-14 14:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-04-14 14:49 . 2009-04-14 14:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-04-14 15:35 . 2009-04-14 15:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2006-11-02 15:48 . 2009-04-14 14:34 669652 c:\windows\System32\perfh00C.dat + 2006-11-02 15:48 . 2009-04-14 14:57 669652 c:\windows\System32\perfh00C.dat + 2006-11-02 10:33 . 2009-04-14 14:57 587286 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-04-14 14:34 587286 c:\windows\System32\perfh009.dat + 2006-11-02 15:48 . 2009-04-14 14:57 123690 c:\windows\System32\perfc00C.dat - 2006-11-02 15:48 . 2009-04-14 14:34 123690 c:\windows\System32\perfc00C.dat - 2006-11-02 10:33 . 2009-04-14 14:34 101358 c:\windows\System32\perfc009.dat + 2006-11-02 10:33 . 
2009-04-14 14:57 101358 c:\windows\System32\perfc009.dat - 2006-11-02 12:47 . 2009-04-14 14:54 262144 c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2006-11-02 12:47 . 2009-04-14 15:37 262144 c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT - 2006-11-02 12:47 . 2009-04-14 14:51 262144 c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2006-11-02 12:47 . 2009-04-14 15:37 262144 c:\windows\ServiceProfiles\LocalService\NTUSER.DAT . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-08 68856] "Skype"="c:\users\DERRIEN\Desktop\Skype.exe" [2009-02-04 23975720] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "Neuf Media Center"="c:\program files\SFR\Media Center\MediaCenter.exe" [2008-10-10 726336] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-04-08 778240] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-04-08 69632] "Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" [2009-01-22 2749952] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 
454000] "Malwarebytes Piracy"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-04-06 1277584] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2008-02-12 456024] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-04-06 401040] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-17 6111232] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-23 101136] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-01-23 101136] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-6 110592] Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-8 688128] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{C8900D01-3B06-4B42-A2FE-F3F58BD9755B}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{D6D4E72E-8DD5-49A0-9823-7664347CB7DE}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR) "{C38A0056-8E77-472B-ADEB-47A676CC40FE}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR) "{2DE9A23E-75C0-4E42-A8E6-3496C473BDEA}"= c:\program files\Skype\Phone\Skype.exe:Skype "TCP Query User{710C88B9-59A4-4AD4-8540-EAAA1450FE15}c:\\program files\\vuze\\azureus.exe"= 
UDP:c:\program files\vuze\azureus.exe:Azureus "UDP Query User{E725383B-0032-4071-A40F-3B4464DFEAE9}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus "TCP Query User{10D2C496-7AA9-4F5C-BF6C-E30EF954EB7F}c:\\program files\\universal share downloader\\usdownloader.exe"= UDP:c:\program files\universal share downloader\usdownloader.exe:Universal Share Downloader "UDP Query User{7E96CE9F-B3DC-4794-92D8-A6815E1553D2}c:\\program files\\universal share downloader\\usdownloader.exe"= TCP:c:\program files\universal share downloader\usdownloader.exe:Universal Share Downloader "{65A1DB8E-D0DD-40AA-9642-4063B4E3E0D4}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "TCP Query User{AECF0DAC-2FEE-4460-AB0F-67C566997B67}c:\\users\\derrien\\desktop\\skype.exe"= UDP:c:\users\derrien\desktop\skype.exe:skype.exe "UDP Query User{E3D9E94B-EDAF-4008-A25A-52BA46849278}c:\\users\\derrien\\desktop\\skype.exe"= TCP:c:\users\derrien\desktop\skype.exe:skype.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R2 gupdate1c9af92ffc09182;Service Google Update (gupdate1c9af92ffc09182);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-28 133104] R3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784] R3 DsAudioDevice_282;DsAudioDevice_282;c:\windows\system32\drivers\DsAudioDevice_282.sys [2009-01-08 16640] R3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\UsbSagCom.sys [2007-06-29 51712] S2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2008-12-18 1051136] S2 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [2009-01-22 583168] S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280] S2 
fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-04-06 179856] S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] S3 bdfm;bdfm;c:\windows\system32\drivers\bdfm.sys [2008-09-18 111112] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-04-06 15504] S3 ovt530;Hercules Webcam Deluxe;c:\windows\system32\Drivers\ov530vid.sys [2005-03-15 161792] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan . Contenu du dossier 'Tâches planifiées' 2009-04-14 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-28 10:49] 2009-04-14 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-28 10:50] 2009-04-14 c:\windows\Tasks\User_Feed_Synchronization-{A3E44738-B4F1-4FB7-990A-00978D1F1086}.job - c:\windows\system32\msfeedssync.exe [2009-03-04 22:33] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://www.msn.fr/ mWindow Title = IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\DERRIEN\AppData\Roaming\Mozilla\Firefox\Profiles\8t4ppe8b.default\ FF - prefs.js: browser.search.selectedEngine - Live Search FF - prefs.js: browser.startup.homepage - hxxp://www.msn.fr/ FF - prefs.js: keyword.URL - about:neterror?e=query&u= FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- PARAMETRES FIREFOX ---- FF - user.js: yahoo.homepage.dontask - true. ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-14 17:40 Windows 6.0.6001 Service Pack 1 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
Heure de fin: ~,10time:~,-3 ComboFix-quarantined-files.txt 2009-04-14 15:42 ComboFix2.txt 2009-04-14 14:57 Avant-CF: 226 780 499 968 octets libres Après-CF: 226 743 484 416 octets libres 430 --- E O F --- 2009-03-22 21:49

and the latest report

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:31:58, on 14/04/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe C:\Program Files\Cobian Backup 9\cbInterface.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\WebcamMax\wcmmon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Users\DERRIEN\Desktop\Skype.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\SFR\Media Center\MediaCenter.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\Windows\System32\mobsync.exe C:\Program Files\SFR\Media Center\httpd\httpd.exe C:\Program Files\SFR\Media Center\httpd\httpd.exe C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program 
Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [WinSys2] C:\Windows\system32\startup.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\Windows\TEMP\E_S2547.tmp" /EF "HKLM" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [fssui] 
"C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Malwarebytes Piracy] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /piracy O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Users\DERRIEN\Desktop\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [wacse] "c:\users\derrien\appdata\local\wacse.exe" wacse O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech SetPoint.lnk = ? 
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\DERRIEN\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe O23 - Service: Service Google Update (gupdate1c9af92ffc09182) (gupdate1c9af92ffc09182) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- End of file - 10055 bytes

There you go, and I think I needed it
-
"resolved" HijackThis and Malwarebytes report
mimic8535 replied to a topic by mimic8535 in Malware analysis and removal
OK, GO AHEAD. That's kind of you, but everything has to be put back clean, thanks