winner22

oui c'est fait je fais un scan complet la

non c'est juste que j'ai fait tout ca comme un robot. Je n'y comprends absolument rien, c'est du mandarin dans un texte suédois pour moi. mais raison de plus d'appécier votre aide pour ma part. merci encore

Ah bon je sais pas pourquoi ca me fait un peu peur mais je le fais merci pour tout je ne sais meme pas si mon pc etait infecté.

non je parle d'avira

en effet c'etait ca. Dois je le desinstaller et reinstaller parqu'il arrive meme pas a finir un scan?

protection web Avira 1.4.3 je n'arrive pas a ouvrir le programme SFTGC. ressources insuffisantes .... comme avant la desinfection. Y a t-il un autre probleme sur mon PC selon vous?

bonjour ZHPfix (il etait sur mon bureau) http://cjoint.com/?EADlYKttTAv ZHPcleaner http://cjoint.com/?EADl1gagNO7 Qu'est ce que je fais de SFTGC il est sur mon bureau merci pour tout Avira me propose une extension pour chrome je dois l'accepter?

bonsoir et merci d'avance ADWCleaner http://cjoint.com/?EACs3WJ7kvg JRT http://cjoint.com/?EACs45O9aFi MBAM Dans le 'ici' je n'ai pas trouvé de lien. Peut etre est ce une partie des effets de la grippe. Donc j'ai utilisé la version que j'ai telechargé hier. J'espere que c'est bon. Je n'ai pas trouvé non plus : vérifiez que cette cases Lancer Malwarebytes Anti-Malware est bien cochée. Un essai gratuit de 14 jours des fonctions de la version Premium(payante) est pré-sélectionné, décochez le. Cela ne diminuera pas les capacités d'analyse et de suppression du programme. Malwarebytes Anti-Malware www.malwarebytes.org Date de l'examen: 29/01/2015 Heure de l'examen: 01:00:21 Fichier journal: Administrateur: Oui Version: 2.00.4.1028 Base de données Malveillants: v2015.01.28.10 Base de données Rootkits: v2015.01.14.01 Licence: Gratuit Protection contre les malveillants: Désactivé(e) Protection contre les sites Web malveillants: Désactivé(e) Auto-protection: Désactivé(e) Système d'exploitation: Windows 8.1 Processeur: x64 Système de fichiers: NTFS Utilisateur: Meir Marciano Type d'examen: Examen "Personnalisé" Résultat: Terminé Objets analysés: 522789 Temps écoulé: 2 h, 55 min, 17 sec Mémoire: Activé(e) Démarrage: Activé(e) Système de fichiers: Activé(e) Archives: Activé(e) Rootkits: Activé(e) Heuristique: Activé(e) PUP: Activé(e) PUM: Activé(e) Processus: 0 (Aucun élément malicieux detecté) Modules: 0 (Aucun élément malicieux detecté) Clés du Registre: 0 (Aucun élément malicieux detecté) Valeurs du Registre: 0 (Aucun élément malicieux detecté) Données du Registre: 0 (Aucun élément malicieux detecté) Dossiers: 0 (Aucun élément malicieux detecté) Fichiers: 1 PUP.PSWTool.ProductKey, E:\Programmes Install\Office 2010\KMSAuto Net v1.0.3 Portable EN.rar, Mis en quarantaine, [dc758a6d4d3ce4529bad85f545bba858], Secteurs physiques: 0 (Aucun élément malicieux detecté) (end) SC Cleaner Shortcut Cleaner 1.3.4 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2015 BleepingComputer.com More Information about Shortcut Cleaner can be found at this link: http://www.bleepingcomputer.com/download/shortcut-cleaner/ Windows Version: Windows 8.1 Program started at: 01/29/2015 07:42:48 AM. Scanning for registry hijacks: * No issues found in the Registry. Searching for Hijacked Shortcuts: Searching C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\ Searching C:\ProgramData\Microsoft\Windows\Start Menu\ Searching C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Searching C:\Users\Public\Desktop\ Searching C:\Users\Meir Marciano\Desktop 0 bad shortcuts found. Program finished at: 01/29/2015 07:42:50 AM Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s) ZHP Diag http://cjoint.com/?EADhfaBC2sr je n'ai pas fait ZHP fix parce que ce n'est pas éecrit dans le tuto merci bcp

bonsoir 1. j'ai ressenti des symptomes d'infection comme refus d'installer des programmes ou refus de lancer des liens url sur simple clic 2. lancé antivir. mais bloque apres 5%. 3. tout de meme noté 3 virus dont 'ADWARE/MultiPlug.aoa' pouvez vous m'aider zhp diag effectué ~ Rapport de ZHPDiag v2014.12.27.179 - Nicolas Coolman (27/12/2014) ~ Lancé par Meir Marciano (28/01/2015 00:36:47) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Nouvelle version disponible ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.16521 (Defaut) MFIE: Mozilla Firefox 29.0.1 GCIE: Google Chrome v40.0.2214.93 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8.1, 64-bit (Build 9600) Windows Server License Manager Script : OK ---\\ Logiciels de protection du système Avira Free Antivirus v14.0.7.468 Malwarebytes Anti-Malware version 2.0.4.1028 Windows Defender W8 (Deactivate) ---\\ Logiciels d'optimisation du système CCleaner v5.02 ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Reader XI ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3971 MB (45% free) System Restore: Activé (Enable) System drive C: has 186 GB (79%) free of 233 GB ---\\ Mode de connexion au système ~ Computer Name: MEIR ~ User Name: Meir Marciano ~ All Users Names: Meir Marciano, HomeGroupUser$, Guest, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Meir Marciano\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Meir Marciano\AppData\Roaming\ ~ %Desktop% : C:\Users\Meir Marciano\Desktop\ ~ %Favorites% : C:\Users\Meir Marciano\Favorites\ ~ %LocalAppData% : C:\Users\Meir Marciano\AppData\Local\ ~ %StartMenu% : C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 186 Go of 233 Go) E: Hard drive, Flash drive, Thumb drive (Free 30 Go of 221 Go) F: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 49 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Explorateur Windows.) (.14/11/2013 - 09:29:01.) -- C:\Windows\Explorer.exe [2328872] [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 11:58:29.) -- C:\Windows\System32\Wininit.exe [144384] [MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 05:10:28.) -- C:\Windows\System32\wininet.dll [2334208] [MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 11:55:08.) -- C:\Windows\System32\Winlogon.exe [564736] [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 10:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 15:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 14:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 13:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 10:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 13:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656] [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 13:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336] [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 13:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 14:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848] [MD5.79B6F3DF7CDFD12159871FF71464F0CE] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.23/11/2013 - 09:08:19.) -- C:\Windows\system32\Drivers\MRxSmb.sys [403456] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 13:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624] [MD5.725EF69B2DBEB7B33280019A556201BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/03/2014 - 12:35:58.) -- C:\Windows\system32\Drivers\ntfs.sys [2008408] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 13:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 13:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.14/11/2013 - 09:16:57.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 15:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520] [MD5.C85C075DE5B6D0FE116043054DE8EE02] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.31/01/2014 - 18:15:23.) -- C:\Windows\system32\Drivers\volsnap.sys [311640] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/4 ~ Mes musiques (My Musics) : 1/7 Mes Videos (My Videos) : 2/2 (Modified) ~ Mes Favoris (My Favorites) : 1/10 ~ Mes Documents (My Documents) : 2/2083 ~ Mon Bureau (My Desktop) : 1/5 ~ Menu demarrer (Programs) : 1/31 ~ Hidden Files: Scanned in 00mn 04s ---\\ Processus lancés [MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.2580] [MD5.BA18CFAB98426BFA6D6EC7E5B1961ED0] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200] [PID.2848] [MD5.6F442AB16C346018AC5A67727A3633E5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592] [PID.1956] [MD5.E47AC731D42B2452D4C0BF096DF3DD6E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8145408] [PID.5292] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Meir Marciano\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 0 Scanned in 00mn 07s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Meir Marciano\AppData\Roaming\Mozilla\Firefox\Profiles\lykswgu4.default\prefs.js M0 - MFSP: prefs.js [Meir Marciano - lykswgu4.default] about:home P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll ~ Firefox Browser: 5 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16412 (winblue_gdr.130925-1958)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 10 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\System32\Userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (24) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll ~ BHO: 2 Scanned in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [TODDMain] . (.Pas de propriétaire - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Function Key Main Module.) -- C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co O4 - HKLM\..\Wow6432Node\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe O4 - HKLM\..\Wow6432Node\Run: [1.TPUReg] . (.TOSHIBA - readLM.) -- C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [bCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe (.not file.) O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe (.not file.) ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ~ Winsock: 8 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{E37BA911-584B-4922-B26D-3B62ABE15CE4}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CS1\Services\Tcpip\..\{E37BA911-584B-4922-B26D-3B62ABE15CE4}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) . (.Blue Coat Systems, Inc. - K9 Web Protection Filter.) - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DTS APO Service (dts_apo_service) . (.Pas de propriétaire - dts_apo_service.) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\WINDOWS\system32\HPSIsvc.exe O23 - Service: Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe ~ Services: 16 Scanned in 00mn 05s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [AutoKMS] (...) -- C:\WINDOWS\AutoKMS\AutoKMS.exe [2063360] =>Trojan.AutoKMS [MD5.9A1F3AEA8D61AA67D90F1B336C00984E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5496600] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.798F5393B06CC3244645C9AD0DE80D71] [APT] [synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3049712] [MD5.00000000000000000000000000000000] [APT] [ZRPM] (...) -- C:\Users\Meir Marciano\AppData\Roaming\ZRPM.exe (.not file.) [0] [MD5.6F442AB16C346018AC5A67727A3633E5] [APT] [{2D42F379-0EA6-44D9-B2A3-10ADACA8D232}] (.Google Inc..) -- c:\program files (x86)\google\chrome\application\chrome.exe [843592] [MD5.00000000000000000000000000000000] [APT] [{7945F4E6-A412-422C-99D5-E1F39BF9A9B2}] (...) -- c:\users\Meir Marciano\appdata\local\google\chrome\application\chrome.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7B95B239-9521-4C4C-9F67-BA51BD65EFF2}] (...) -- c:\users\Meir Marciano\appdata\local\google\chrome\application\chrome.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DE5401FC-FC9F-47EE-899C-562C9EC8C3DF}] (...) -- c:\users\Meir Marciano\appdata\local\google\chrome\application\chrome.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F4800C3C-3952-4AF6-8A92-305BC05129F9}] (...) -- c:\users\Meir Marciano\appdata\local\google\chrome\application\chrome.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [912] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [912] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [916] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [916] O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264] O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [264] O39 - APT: ZRPM - (...) -- C:\Windows\Tasks\ZRPM.job [1376] O39 - APT: ZRPM - (...) -- C:\Windows\System32\Tasks\ZRPM [1376] ~ Scheduled Task: 19 Scanned in 00mn 18s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 7 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Drivers: 38 Scanned in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM][64Bits] -- AmUStor O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {83CAF0DE-8D3B-4C37-A631-2B8F16EC3031} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {BDD99690-3541-4619-9D2A-3CDDB3E15F9E} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Atheros Bluetooth Filter Driver Package - (.Qualcomm Atheros.) [HKLM][64Bits] -- {026B819B-4D60-4C8B-892D-33A0D8666F60} O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7} O42 - Logiciel: Avira Free Antivirus v14.0.7.468 - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop O42 - Logiciel: Avira v1.1.27.25527 - (.Avira Operations & Co. KG.) [HKLM][64Bits] -- {21388E37-9EC5-4549-95CA-95D9B2D327A4} O42 - Logiciel: Avira v1.1.27.25527 - (.Avira Operations & Co. KG.) [HKLM][64Bits] -- {e7c7c227-b742-4878-9425-f09bbf9951db} O42 - Logiciel: Blue Coat K9 Web Protection - (.Blue Coat Systems, Inc..) [HKLM][64Bits] -- Blue Coat K9 Web Protection O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Box Sync - (.Box Inc..) [HKLM][64Bits] -- {eadb29c4-e3df-4f3b-be17-efa9d48456e8} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd O42 - Logiciel: DTS Sound - (.DTS, Inc..) [HKLM][64Bits] -- {2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4} O42 - Logiciel: Defraggler - (.Piriform.) [HKLM][64Bits] -- Defraggler O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox O42 - Logiciel: E-GOV.IL Sign&Verify Software - AGForm toolbar - (.GOV.IL.) [HKLM][64Bits] -- {98880888-285F-4260-989B-8B22020D756F} O42 - Logiciel: FXCM MetaTrader 4 - (.MetaQuotes Software Corp..) [HKLM][64Bits] -- FXCM MetaTrader 4 O42 - Logiciel: FXCM Trading Station - (...) [HKLM][64Bits] -- FXCM Trading Station O42 - Logiciel: FXCM Trading Station - (.FXCM.) [HKLM][64Bits] -- {494367EC-82A9-4C0D-A788-74A967998E8C} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google_adwords - (...) [HKLM][64Bits] -- CREAOMR2012Exécutable O42 - Logiciel: HP LaserJet Professional M1130-M1210 MFP Series - (...) [HKLM][64Bits] -- HP LaserJet Professional M1130-M1210 MFP Series O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: IDT Audio Driver - (.IDT.) [HKLM][64Bits] -- {11424B27-C16B-4505-9667-82A10AD1B1DC} O42 - Logiciel: Intel® ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {5F65413B-7483-446A-AB9D-61EC13BD621E} O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {27DEA29A-222C-45F8-B70D-0A7B303FC71B} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} O42 - Logiciel: Intel® SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {977D1ABF-4089-4CA7-BA33-CC75808B7ACE} O42 - Logiciel: Kaluach3 - (...) [HKLM][64Bits] -- Kaluach3 O42 - Logiciel: Kol Halashon Download Manager - (.Kol Halashon.) [HKLM][64Bits] -- {3B5F6507-5620-4136-B4DD-4E7069BE5B4B} O42 - Logiciel: Kol Halashon New Home Kiosk - (.Kol Halashon.) [HKLM][64Bits] -- {39426C04-52B1-43C7-AD7C-6BE48A80C626} O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr) O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec O42 - Logiciel: Qualcomm Atheros Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Dr - (.Qualcomm Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} O42 - Logiciel: Skype™ 6.18 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TOSHIBA Function Key - (.Toshiba Corporation.) [HKLM][64Bits] -- {16562A90-71BC-41A0-B890-D91B0C267120} O42 - Logiciel: TOSHIBA Password Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5} O42 - Logiciel: TOSHIBA Recovery Media Creator - (.Toshiba Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} O42 - Logiciel: TOSHIBA Resolution+ Plug-in for Windows Media Player - (.Toshiba Corporation.) [HKLM][64Bits] -- {6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94} =>.Microsoft Corporation O42 - Logiciel: TOSHIBA System Driver - (.Toshiba Corporation.) [HKLM][64Bits] -- {1E6A96A1-2BAB-43EF-8087-30437593C66C} O42 - Logiciel: TOSHIBA System Settings - (.Toshiba Corporation.) [HKLM][64Bits] -- {05A55927-DB9B-4E26-BA44-828EBFF829F0} O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 9 O42 - Logiciel: Trading Station Publisher - (.Myfxbook Ltd..) [HKLM][64Bits] -- {C4EB237D-AAE3-46B8-B013-2E9A3BBC8795} O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F} O42 - Logiciel: WinRAR 5.01 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {2ABBBD91-91E5-4AD7-929A-FE15D1DC0576} ~ Logic: 38 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\Agat] [HKCU\Software\Altica Création] [HKCU\Software\Ammyy] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Sense] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow\Software\adawarebp] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\AviraSpeedup] [HKCU\Software\Avira] [HKCU\Software\CamStudioOpenSource for Nick] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Disc Soft] [HKCU\Software\GameHouse] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Macromedia] [HKCU\Software\MetaQuotes Software] [HKCU\Software\Modern UI Test] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Myfree Codec] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PC SOFT] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RegisteredApplications] [HKCU\Software\Samsung] [HKCU\Software\Sign&Verify] [HKCU\Software\Skype] [HKCU\Software\Synaptics] [HKCU\Software\TPUKey] [HKCU\Software\TPUString] [HKCU\Software\TeamViewer] [HKCU\Software\Toshiba] [HKCU\Software\Trolltech] [HKCU\Software\Unity] [HKCU\Software\WildTangent] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\ZRPM] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\ej-technologies] [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate [HKCU\Software\hMailServer] [HKCU\Software\mcafeeVolatile] [HKCU\Software\yahooinstall] [HKLM\Software\ATI Technologies] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Blue Coat Systems] [HKLM\Software\Box] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DivX] [HKLM\Software\EnigmaSoftwareGroup] [HKLM\Software\GEAR Software] [HKLM\Software\IDT] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Marvell] [HKLM\Software\MetaQuotes Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\SAMSUNG] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\Toshiba] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\Ammyy] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\AviraSpeedup] [HKLM\Software\Wow6432Node\Avira] [HKLM\Software\Wow6432Node\CandleWorks] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\DTS, Inc.] [HKLM\Software\Wow6432Node\DTS] [HKLM\Software\Wow6432Node\Disc Soft] [HKLM\Software\Wow6432Node\EnigmaSoftwareGroup] [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HewlettPackard] [HKLM\Software\Wow6432Node\IDT] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Kol Halashon] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Myfree Codec] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OdinM] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Qualcomm Atheros] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\SRS Labs] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\TOSHIBA] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\X-AVCSD] [HKLM\Software\Wow6432Node\ej-technologies] [HKLM\Software\Wow6432Node\hMailServer] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] ~ Key Software: 233 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 08/12/2013 - 20:29:32 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 04/02/2014 - 20:51:43 - [] ----D C:\Program Files (x86)\agat O43 - CFD: 05/07/2013 - 09:41:00 - [] ----D C:\Program Files (x86)\AmIcoSingLun O43 - CFD: 03/11/2014 - 18:15:04 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 05/07/2013 - 09:38:57 - [] ----D C:\Program Files (x86)\Atheros O43 - CFD: 16/12/2014 - 19:14:24 - [] ----D C:\Program Files (x86)\Avira O43 - CFD: 03/11/2014 - 18:14:30 - [] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 19/07/2014 - 21:06:55 - [] ----D C:\Program Files (x86)\Candleworks O43 - CFD: 03/11/2014 - 18:14:13 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 08/12/2013 - 12:21:14 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 30/09/2014 - 18:12:16 - [] ----D C:\Program Files (x86)\DTS, Inc O43 - CFD: 07/06/2013 - 22:36:51 - [] ----D C:\Program Files (x86)\eBay =>Toolbar.eBay O43 - CFD: 25/04/2014 - 12:15:21 - [] ----D C:\Program Files (x86)\Elcomsoft O43 - CFD: 29/09/2014 - 22:58:44 - [] ----D C:\Program Files (x86)\Enigma Software Group O43 - CFD: 25/02/2014 - 22:40:23 - [] ----D C:\Program Files (x86)\Full-Turk O43 - CFD: 08/09/2014 - 21:57:08 - [] ----D C:\Program Files (x86)\FXCM MetaTrader 4 O43 - CFD: 29/09/2014 - 19:17:01 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 09/01/2014 - 21:34:23 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 04/02/2014 - 20:51:43 - [] ----D C:\Program Files (x86)\GOV.IL O43 - CFD: 25/02/2014 - 21:37:12 - [] ----D C:\Program Files (x86)\hMailServer O43 - CFD: 02/05/2014 - 11:34:18 - [] ----D C:\Program Files (x86)\IDT O43 - CFD: 24/09/2014 - 11:18:51 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 05/07/2013 - 09:33:29 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 05/05/2014 - 08:52:03 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 03/11/2014 - 18:17:45 - [] ----D C:\Program Files (x86)\iTunes O43 - CFD: 15/12/2013 - 13:17:37 - [] ----D C:\Program Files (x86)\Kaluach3 O43 - CFD: 18/12/2013 - 17:47:43 - [] ----D C:\Program Files (x86)\Kol Halashon O43 - CFD: 27/01/2015 - 23:46:54 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 02/09/2014 - 15:14:04 - [] ----D C:\Program Files (x86)\MarkAny O43 - CFD: 12/12/2013 - 21:19:16 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 14/12/2013 - 22:55:21 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 22/12/2013 - 00:38:26 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 12/12/2013 - 21:21:49 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 12/12/2013 - 21:22:11 - [] ----D C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 12/12/2013 - 21:32:01 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 05/01/2014 - 16:14:43 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 25/02/2014 - 21:53:15 - [] ----D C:\Program Files (x86)\Mobogenie =>PUP.Mobogenie O43 - CFD: 05/06/2014 - 22:46:54 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 06/01/2014 - 02:00:58 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 12/12/2013 - 21:36:50 - [] ----D C:\Program Files (x86)\MSECache O43 - CFD: 02/04/2014 - 21:00:12 - [] ----D C:\Program Files (x86)\MyFree Codec O43 - CFD: 25/04/2014 - 05:44:14 - [] ----D C:\Program Files (x86)\Myfxbook Ltd O43 - CFD: 24/09/2014 - 11:20:09 - [] ----D C:\Program Files (x86)\Qualcomm Atheros O43 - CFD: 06/01/2014 - 02:00:58 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 02/09/2014 - 15:09:07 - [] ----D C:\Program Files (x86)\Samsung O43 - CFD: 05/08/2014 - 19:55:16 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 25/03/2014 - 21:44:20 - [] ----D C:\Program Files (x86)\TeamViewer O43 - CFD: 05/07/2013 - 09:40:15 - [] ----D C:\Program Files (x86)\TOH Class Filter O43 - CFD: 24/03/2014 - 11:11:38 - [] ----D C:\Program Files (x86)\TOSHIBA O43 - CFD: 05/07/2013 - 09:53:36 - [] ----D C:\Program Files (x86)\TOSHIBA Corporation O43 - CFD: 24/03/2014 - 11:08:52 - [] ----D C:\Program Files (x86)\TOSHIBA Games O43 - CFD: 05/05/2014 - 08:52:09 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 05/01/2014 - 16:14:46 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 05/01/2014 - 16:14:46 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 05/01/2014 - 16:14:46 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 05/01/2014 - 16:14:46 - [] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 18/12/2013 - 14:16:49 - [] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 28/01/2015 - 00:36:20 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 08/12/2013 - 20:30:35 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 03/11/2014 - 18:16:35 - [] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 12/12/2013 - 21:22:10 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 25/02/2014 - 21:28:37 - [] ----D C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 02/05/2014 - 11:34:10 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 05/01/2014 - 16:49:56 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 05/01/2014 - 16:14:41 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 05/07/2013 - 09:31:48 - [] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 23/08/2014 - 19:38:57 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 05/01/2014 - 16:14:42 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 24/03/2014 - 11:11:25 - [] ----D C:\Program Files (x86)\Common Files\Toshiba Shared O43 - CFD: 25/02/2014 - 22:08:27 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 08/12/2013 - 20:35:27 - [] ----D C:\ProgramData\Adobe O43 - CFD: 01/12/2013 - 21:41:47 - [] ----D C:\ProgramData\Allmyapps O43 - CFD: 25/04/2014 - 00:05:29 - [] ----D C:\ProgramData\AMMYY O43 - CFD: 05/07/2013 - 09:41:00 - [] ----D C:\ProgramData\AmUStor O43 - CFD: 03/11/2014 - 18:14:55 - [] ----D C:\ProgramData\Apple O43 - CFD: 03/11/2014 - 18:16:35 - [] ----D C:\ProgramData\Apple Computer O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 22/07/2014 - 00:58:11 - [] ----D C:\ProgramData\AVAST Software O43 - CFD: 22/07/2014 - 00:53:17 - [] ----D C:\ProgramData\Avira O43 - CFD: 27/02/2014 - 17:10:44 - [] ----D C:\ProgramData\BlueStacks O43 - CFD: 12/12/2013 - 21:11:18 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 25/02/2014 - 21:28:37 - [] ----D C:\ProgramData\DivX O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 03/11/2014 - 18:17:46 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 O43 - CFD: 01/01/2014 - 23:46:12 - [] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 16/07/2014 - 10:38:42 - [] ----D C:\ProgramData\HP O43 - CFD: 05/07/2013 - 09:35:53 - [] ----D C:\ProgramData\Intel O43 - CFD: 04/12/2013 - 13:26:13 - [] ----D C:\ProgramData\IsolatedStorage O43 - CFD: 18/12/2013 - 17:51:44 - [] ----D C:\ProgramData\Kol Halashon O43 - CFD: 29/09/2014 - 17:55:07 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 29/12/2013 - 02:07:55 - [] ----D C:\ProgramData\McAfee O43 - CFD: 03/12/2013 - 13:22:29 - [] ----D C:\ProgramData\MetaQuotes O43 - CFD: 19/01/2015 - 10:15:50 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 26/04/2014 - 22:01:01 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 17/02/2014 - 17:10:03 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 19/01/2014 - 11:44:10 - [0] ----D C:\ProgramData\Oracle O43 - CFD: 16/12/2014 - 19:14:31 - [] ----D C:\ProgramData\Package Cache O43 - CFD: 05/01/2014 - 16:14:52 - [] ----D C:\ProgramData\PRICache O43 - CFD: 24/09/2014 - 11:20:02 - [] ----D C:\ProgramData\Qualcomm Atheros O43 - CFD: 14/11/2013 - 09:17:03 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 02/09/2014 - 15:06:38 - [] ----D C:\ProgramData\Samsung O43 - CFD: 23/08/2014 - 19:39:06 - [] ----D C:\ProgramData\Skype O43 - CFD: 30/09/2014 - 18:12:16 - [] ----D C:\ProgramData\SRS Labs O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 28/11/2013 - 21:45:42 - [] ----D C:\ProgramData\Sun O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 28/11/2013 - 13:55:26 - [] ----D C:\ProgramData\Toshiba O43 - CFD: 12/03/2014 - 10:18:15 - [] ----D C:\ProgramData\TP-LINK O43 - CFD: 24/03/2014 - 11:09:06 - [] ----D C:\ProgramData\WildTangent O43 - CFD: 19/07/2014 - 21:07:01 - [] --H-D C:\ProgramData\{EAD11D69-704B-44BF-AC79-3E975B0318F6} O43 - CFD: 22/08/2013 - 17:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 14/11/2013 - 09:17:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/11/2013 - 09:38:56 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 27/01/2015 - 23:05:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira O43 - CFD: 05/01/2014 - 16:17:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Coat K9 Web Protection O43 - CFD: 14/07/2014 - 09:31:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 05/01/2014 - 16:17:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 05/01/2014 - 16:17:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler O43 - CFD: 30/09/2014 - 18:12:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc O43 - CFD: 19/07/2014 - 21:07:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FX Trading O43 - CFD: 08/09/2014 - 21:57:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FXCM MetaTrader 4 O43 - CFD: 24/03/2014 - 11:09:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 09/01/2014 - 21:34:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 06/10/2014 - 15:32:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOV.IL O43 - CFD: 10/02/2014 - 16:10:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 05/01/2014 - 16:17:29 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 03/11/2014 - 18:18:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 05/01/2014 - 16:17:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaluach3 O43 - CFD: 05/01/2014 - 16:14:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kol Halashon O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 26/04/2014 - 22:00:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 05/01/2014 - 16:17:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 02/04/2014 - 21:00:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec O43 - CFD: 09/04/2014 - 09:34:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimisateur moteurs de recherche O43 - CFD: 02/09/2014 - 15:07:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung O43 - CFD: 09/04/2014 - 23:00:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 12/03/2014 - 21:57:27 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 22/08/2013 - 17:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 14/11/2013 - 09:17:03 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 24/03/2014 - 11:10:32 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA O43 - CFD: 25/04/2014 - 05:44:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trading Station Publisher O43 - CFD: 21/01/2014 - 00:41:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 28/01/2015 - 00:36:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 27/01/2015 - 12:13:49 - [0] ----D C:\Users\Meir Marciano\AppData\Roaming\ADM O43 - CFD: 08/12/2013 - 20:33:54 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Adobe O43 - CFD: 03/11/2014 - 19:55:00 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Apple Computer O43 - CFD: 22/07/2014 - 00:56:32 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Avira O43 - CFD: 25/12/2013 - 10:31:04 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 25/02/2014 - 21:23:38 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\DivX O43 - CFD: 27/01/2015 - 12:35:20 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Dropbox O43 - CFD: 30/09/2014 - 21:47:04 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\FreeFixer O43 - CFD: 05/01/2014 - 18:58:30 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Identities O43 - CFD: 01/10/2014 - 19:29:29 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\IDT O43 - CFD: 08/12/2013 - 01:23:05 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Islands O43 - CFD: 29/09/2014 - 21:38:17 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\LavasoftStatistics O43 - CFD: 28/11/2013 - 13:58:49 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Macromedia O43 - CFD: 24/02/2014 - 21:02:52 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\MetaQuotes O43 - CFD: 02/01/2015 - 01:52:33 - [] -S--D C:\Users\Meir Marciano\AppData\Roaming\Microsoft O43 - CFD: 17/02/2014 - 17:10:21 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Mozilla O43 - CFD: 25/04/2014 - 12:35:30 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\OpenOffice O43 - CFD: 02/09/2014 - 15:13:23 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Samsung O43 - CFD: 08/10/2014 - 16:18:21 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Skype O43 - CFD: 28/11/2013 - 14:08:06 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\sMedio O43 - CFD: 17/01/2015 - 23:25:33 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\TeamViewer O43 - CFD: 06/01/2014 - 10:03:42 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Unity O43 - CFD: 24/03/2014 - 11:07:17 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\WildTangent O43 - CFD: 30/09/2014 - 18:11:42 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\WinBatch O43 - CFD: 15/12/2013 - 18:09:50 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\WinRAR O43 - CFD: 28/01/2015 - 00:37:41 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 08/12/2013 - 20:33:54 - [] ----D C:\Users\Meir Marciano\AppData\Local\Adobe O43 - CFD: 03/11/2014 - 18:15:06 - [] ----D C:\Users\Meir Marciano\AppData\Local\Apple O43 - CFD: 03/11/2014 - 18:18:43 - [] ----D C:\Users\Meir Marciano\AppData\Local\Apple Computer O43 - CFD: 05/01/2014 - 16:11:35 - [] -SH-D C:\Users\Meir Marciano\AppData\Local\Application Data O43 - CFD: 10/11/2014 - 14:34:21 - [] ----D C:\Users\Meir Marciano\AppData\Local\AviraSpeedup O43 - CFD: 27/11/2014 - 13:37:34 - [] ----D C:\Users\Meir Marciano\AppData\Local\Box Sync O43 - CFD: 20/01/2014 - 11:49:38 - [] ----D C:\Users\Meir Marciano\AppData\Local\cache O43 - CFD: 14/03/2014 - 01:03:25 - [] ----D C:\Users\Meir Marciano\AppData\Local\Cool_Mirage O43 - CFD: 01/12/2013 - 21:23:54 - [] ----D C:\Users\Meir Marciano\AppData\Local\CrashRpt O43 - CFD: 05/02/2014 - 21:46:03 - [0] ----D C:\Users\Meir Marciano\AppData\Local\Diagnostics O43 - CFD: 30/09/2014 - 18:11:49 - [] ----D C:\Users\Meir Marciano\AppData\Local\Downloaded Installations O43 - CFD: 06/06/2014 - 08:56:30 - [0] ----D C:\Users\Meir Marciano\AppData\Local\ElevatedDiagnostics O43 - CFD: 30/09/2014 - 21:10:51 - [] ----D C:\Users\Meir Marciano\AppData\Local\FreeFixer O43 - CFD: 22/07/2014 - 01:18:48 - [0] ----D C:\Users\Meir Marciano\AppData\Local\FXTS2 O43 - CFD: 07/12/2013 - 23:11:24 - [] ----D C:\Users\Meir Marciano\AppData\Local\Google O43 - CFD: 23/02/2014 - 13:00:56 - [] ----D C:\Users\Meir Marciano\AppData\Local\Halvar Information O43 - CFD: 05/01/2014 - 16:11:35 - [] -SH-D C:\Users\Meir Marciano\AppData\Local\History O43 - CFD: 28/09/2014 - 15:36:55 - [] ----D C:\Users\Meir Marciano\AppData\Local\Installer O43 - CFD: 22/12/2013 - 01:21:55 - [] ----D C:\Users\Meir Marciano\AppData\Local\Kaluach 3 O43 - CFD: 15/12/2013 - 13:17:36 - [] ----D C:\Users\Meir Marciano\AppData\Local\Kaluach3 O43 - CFD: 05/01/2014 - 16:39:14 - [] ----D C:\Users\Meir Marciano\AppData\Local\Microsoft O43 - CFD: 25/05/2014 - 22:53:43 - [] ----D C:\Users\Meir Marciano\AppData\Local\Microsoft Help O43 - CFD: 17/02/2014 - 17:10:11 - [] ----D C:\Users\Meir Marciano\AppData\Local\Mozilla O43 - CFD: 03/12/2013 - 13:22:59 - [0] ----D C:\Users\Meir Marciano\AppData\Local\PackageAware O43 - CFD: 28/01/2015 - 00:02:27 - [] ----D C:\Users\Meir Marciano\AppData\Local\Packages O43 - CFD: 20/01/2014 - 11:48:49 - [] ----D C:\Users\Meir Marciano\AppData\Local\Programs O43 - CFD: 02/09/2014 - 15:13:26 - [] ----D C:\Users\Meir Marciano\AppData\Local\Samsung O43 - CFD: 09/04/2014 - 23:01:08 - [] ----D C:\Users\Meir Marciano\AppData\Local\Skype O43 - CFD: 28/01/2015 - 00:37:34 - [] ----D C:\Users\Meir Marciano\AppData\Local\Temp O43 - CFD: 05/01/2014 - 16:11:35 - [] -SH-D C:\Users\Meir Marciano\AppData\Local\Temporary Internet Files O43 - CFD: 02/12/2013 - 00:44:39 - [] ----D C:\Users\Meir Marciano\AppData\Local\Toshiba O43 - CFD: 25/04/2014 - 05:44:43 - [] ----D C:\Users\Meir Marciano\AppData\Local\Trading_Station_Publisher O43 - CFD: 23/02/2014 - 11:50:39 - [0] ----D C:\Users\Meir Marciano\AppData\Local\Unity O43 - CFD: 27/03/2014 - 15:57:27 - [] ----D C:\Users\Meir Marciano\AppData\Local\VirtualStore O43 - CFD: 09/03/2014 - 15:58:39 - [] ----D C:\Users\Meir Marciano\AppData\Local\WDSetup O43 - CFD: 29/11/2013 - 04:35:07 - [] ----D C:\Users\Meir Marciano\AppData\Local\Wild Tangent O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 05/05/2014 - 08:56:22 - [] R---D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 24/12/2014 - 14:30:42 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox O43 - CFD: 15/12/2013 - 13:17:37 - [0] ----D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaluach3 O43 - CFD: 22/08/2013 - 17:36:32 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 11/11/2014 - 13:27:49 - [] R---D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 05/01/2014 - 16:12:40 - [] R---D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 21/01/2014 - 00:41:13 - [] ----D C:\Users\Meir Marciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 220 Scanned in 00mn 02s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3C32FF010F869BC184DF71290477384E] - 19/01/2015 - 10:15:06 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/01/2015 - 07:18:58 ---A- . (...) -- C:\Recovery.txt [0] O44 - LFC:[MD5.5D3DF85A45C150B5596DE43B9BABC9D4] - 27/01/2015 - 12:32:56 ---A- . (...) -- C:\Windows\PFRO.log [978] O44 - LFC:[MD5.F5DEC4C124562C8980F9E0110A39A13F] - 27/01/2015 - 23:27:13 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.CA43F8904E24BBE49982E4C0B29E6579] - 27/01/2015 - 23:30:57 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O44 - LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] - 27/01/2015 - 23:30:57 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400] O44 - LFC:[MD5.9D7BFFDB5FA62B600DF1FCB4919D9D79] - 27/01/2015 - 23:30:57 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216] O44 - LFC:[MD5.385D96C01AEE1FA47D20F7548BA831CE] - 27/01/2015 - 23:32:59 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [2053468] O44 - LFC:[MD5.DA45C4507E051C1A69336A85CB5A50C7] - 27/01/2015 - 23:32:59 ---A- . (...) -- C:\Windows\System32\perfc009.dat [136436] O44 - LFC:[MD5.28B1AFDF8A492EB34577D4D047F36182] - 27/01/2015 - 23:32:59 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [201638] O44 - LFC:[MD5.D600D56E2DFB540B6B9349E0F645DDBA] - 27/01/2015 - 23:32:59 ---A- . (...) -- C:\Windows\System32\perfh009.dat [725380] O44 - LFC:[MD5.5FA02C8BC6AE2F8E3F85153F96D66CF8] - 27/01/2015 - 23:32:59 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [991052] O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 27/01/2015 - 23:47:57 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752] O44 - LFC:[MD5.55C861A5411967E6628117DCCFC06DA3] - 28/01/2015 - 00:36:04 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1709091] ~ Files: 14 Scanned in 00mn 23s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.56D105BF653C60148938BC64A54A5250] - 19/01/2015 - 10:15:20 ---A- - C:\Windows\Prefetch\KMSAUTO NET.EXE-EB7ED451.pf =>Trojan.AutoKMS ~ Prefetcher: 1 Scanned in 00mn 02s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 17 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 01s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:22/08/2013 - 14:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896] O58 - SDL:22/08/2013 - 14:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176] O58 - SDL:22/08/2013 - 14:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200] O58 - SDL:22/08/2013 - 14:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424] O58 - SDL:22/08/2013 - 14:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952] O58 - SDL:24/04/2013 - 09:52:54 ---A- . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\Drivers\AmUStor.sys [109336] O58 - SDL:22/08/2013 - 14:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016] O58 - SDL:26/04/2014 - 20:53:26 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400223218359 [1039096] O58 - SDL:26/04/2014 - 20:53:26 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400223218359 [423240] O58 - SDL:16/04/2013 - 04:55:42 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3786752] O58 - SDL:12/11/2013 - 23:05:22 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athwbx.sys [3880448] O58 - SDL:14/10/2014 - 16:37:42 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [119272] =>.Avira Operations GmbH O58 - SDL:14/10/2014 - 16:37:43 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [131608] =>.Avira Operations GmbH O58 - SDL:02/07/2014 - 16:23:11 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [28600] =>.Avira Operations GmbH O58 - SDL:14/10/2014 - 16:37:43 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [43064] =>.Avira Operations GmbH O58 - SDL:21/09/2013 - 12:21:54 ---A- . (.Blue Coat Systems, Inc. - K9 Web Protection Driver (WFP).) -- C:\Windows\System32\Drivers\bckd.sys [127216] O58 - SDL:13/08/2013 - 01:25:46 ---A- . (.Windows ® Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624] O58 - SDL:16/04/2013 - 23:12:44 ---A- . (.Atheros - Filter Driver for the Bluetooth.) -- C:\Windows\System32\Drivers\btfilter.sys [47816] O58 - SDL:22/08/2013 - 14:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296] O58 - SDL:08/12/2013 - 12:21:14 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024] O58 - SDL:03/10/2012 - 16:14:56 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240] O58 - SDL:02/07/2012 - 11:16:02 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784] O58 - SDL:07/11/2012 - 05:23:22 ---A- . (.Pas de propriétaire - HP Fax Software Driver.) -- C:\Windows\System32\Drivers\HPM1210FAX.sys [16896] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352] O58 - SDL:30/07/2013 - 20:47:35 ---A- . (.Intel Corporation - Intel® Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568] O58 - SDL:25/07/2013 - 21:05:39 ---A- . (.Intel Corporation - Intel® Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320] O58 - SDL:21/11/2013 - 07:31:28 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [632168] O58 - SDL:10/08/2013 - 02:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000] O58 - SDL:04/11/2013 - 19:22:32 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [4195840] O58 - SDL:27/02/2013 - 05:58:34 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [342528] O58 - SDL:18/10/2013 - 00:41:31 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [39320] O58 - SDL:18/10/2013 - 00:41:31 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27032] O58 - SDL:10/10/2012 - 16:27:00 ---A- . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\Drivers\jswpslwfx.sys [26624] O58 - SDL:18/06/2013 - 16:44:59 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys [129224] O58 - SDL:22/08/2013 - 14:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536] O58 - SDL:22/08/2013 - 14:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784] O58 - SDL:21/11/2014 - 06:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O58 - SDL:21/11/2014 - 06:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400] O58 - SDL:27/01/2015 - 23:47:57 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672] O58 - SDL:22/08/2013 - 14:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840] O58 - SDL:22/08/2013 - 14:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840] O58 - SDL:24/12/2012 - 06:53:24 ---A- . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\Windows\System32\Drivers\mvusbews.sys [20480] O58 - SDL:21/11/2014 - 06:14:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216] O58 - SDL:22/08/2013 - 14:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368] O58 - SDL:22/08/2013 - 14:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288] O58 - SDL:31/07/2013 - 20:25:45 ---A- . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) -- C:\Windows\System32\Drivers\RTWlanU.sys [1975000] O58 - SDL:22/08/2013 - 17:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:22/08/2013 - 14:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896] O58 - SDL:22/08/2013 - 14:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760] O58 - SDL:02/05/2013 - 10:25:14 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [33008] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.Google Inc - ADB Interface.) -- C:\Windows\System32\Drivers\ssadadb.sys [38080] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.MCCI Corporation - SAMSUNG Android USB Composite Device Driver.) -- C:\Windows\System32\Drivers\ssadbus.sys [169288] O58 - SDL:23/01/2014 - 05:20:56 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadcm.sys [17224] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadcmnt.sys [17224] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.MCCI Corporation - SAMSUNG Android USB Modem Filter Driver.) -- C:\Windows\System32\Drivers\ssadmdfl.sys [21320] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.MCCI Corporation - SAMSUNG Android USB Modem.) -- C:\Windows\System32\Drivers\ssadmdm.sys [188232] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.MCCI Corporation - SAMSUNG Android USB Diagnostic Serial Port Device Driver.) -- C:\Windows\System32\Drivers\ssadserd.sys [158024] O58 - SDL:23/01/2014 - 05:20:56 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadwh.sys [17736] O58 - SDL:13/10/2014 - 07:57:40 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadwhnt.sys [17736] O58 - SDL:22/08/2013 - 14:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072] O58 - SDL:25/04/2013 - 04:58:46 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [546304] O58 - SDL:02/05/2013 - 10:25:16 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [474864] O58 - SDL:22/11/2013 - 07:22:54 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664] O58 - SDL:25/07/2012 - 02:54:00 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [31184] O58 - SDL:31/07/2012 - 13:28:54 ---A- . (.Windows ® Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\Windows\System32\Drivers\Thotkey.sys [28632] O58 - SDL:01/11/2013 - 05:22:28 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\Drivers\tosrfec.sys [27032] O58 - SDL:18/06/2012 - 11:30:56 ---A- . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\Drivers\tos_sps64.sys [499096] O58 - SDL:25/07/2012 - 17:34:42 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [32832] O58 - SDL:15/08/2014 - 23:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784] O58 - SDL:22/08/2013 - 14:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808] O58 - SDL:22/08/2013 - 14:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800] O58 - SDL:22/08/2013 - 14:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504] O58 - SDL:06/05/2008 - 16:06:00 ---A- . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\Drivers\wdcsam64.sys [14464] O58 - SDL:12/11/2013 - 23:05:22 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athwbx.sys [3880448] ~ Drivers: 79 Scanned in 00mn 10s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 25/01/2015 - 00:38:39 ---A- . (.Google Inc..) -- C:\Users\Meir Marciano\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll [142152] O61 - LFC: 27/01/2015 - 00:38:38 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [308] O61 - LFC: 27/01/2015 - 00:39:13 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CommonUtils\c3382c0cb85d87f156ea930220c58374\CommonUtils.ni.dll [210432] O61 - LFC: 27/01/2015 - 00:39:13 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CoreEngine\c3693bffa8ed1588e9c000ccdefdbf1b\CoreEngine.ni.dll [162816] O61 - LFC: 27/01/2015 - 00:39:13 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\FreshPaint\1f99f53d10e4a3270d75b16c3055d0e9\FreshPaint.ni.exe [227328] O61 - LFC: 27/01/2015 - 00:39:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\HelperLibrary.Shared\50d8bf1a58cf81bf2383b310fc672b01\HelperLibrary.Shared.ni.dll [729600] O61 - LFC: 27/01/2015 - 00:39:13 ---A- . (.Microsoft Corporation.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\HelperLibrary\909c544fd180584fabc802d3f8132285\HelperLibrary.ni.dll [518656] O61 - LFC: 27/01/2015 - 00:39:14 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Aa9ae3ab0#\9ff22b5ad02086c5942aa3aa39dfaa7f\Microsoft.ApplicationInsights.ni.dll [50176] O61 - LFC: 27/01/2015 - 00:39:14 ---A- . (.Microsoft.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Aa7f4f37f#\68ba95ffba708f83ea95b40d06024a17\Microsoft.Advertising.WinRT.UI.ni.dll [537088] O61 - LFC: 27/01/2015 - 00:39:15 ---A- . (.Microsoft Corporation.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\SharedState\5073821d60494d874216710ef2959aed\SharedState.ni.dll [50176] O61 - LFC: 27/01/2015 - 00:39:15 ---A- . (.Microsoft Corporation.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\ViewModels\15248cb04bae034d52c8051012c11577\ViewModels.ni.dll [2286592] O61 - LFC: 27/01/2015 - 00:39:15 ---A- . (.Microsoft.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicrosoftAdvertising\787c37e169c879015d66f388df658c40\MicrosoftAdvertising.ni.dll [633856] O61 - LFC: 27/01/2015 - 00:39:16 ---A- . (.Microsoft Corporation.) -- C:\Users\Meir Marciano\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Views\16c4f46310c57b33f02024d554e2782a\Views.ni.dll [2124800] O61 - LFC: 27/01/2015 - 00:40:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp58wa7c.dll [43008] O61 - LFC: 27/01/2015 - 00:40:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps3pxoa.dll [43008] O61 - LFC: 27/01/2015 - 00:40:17 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Roaming\Microsoft\UProof\CMAdj.12.bin [218] O61 - LFC: 27/01/2015 - 00:40:19 ---A- . (.Ammyy LLC.) -- C:\Users\Meir Marciano\Downloads\AA_v3.5.exe [769528] O61 - LFC: 27/01/2015 - 00:40:19 ---A- . (.Piriform Ltd.) -- C:\Users\Meir Marciano\Downloads\ccsetup502.exe [5325208] O61 - LFC: 27/01/2015 - 00:40:20 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Meir Marciano\Downloads\mbam-setup-2.0.4.1028.exe [20447072] O61 - LFC: 28/01/2015 - 00:39:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\GAMELOFTSA.GTRacing2TheRealCarExperience_0pp20fcewvvtj\LocalState\gv3\Priority.bin [436] O61 - LFC: 28/01/2015 - 00:39:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\GAMELOFTSA.GTRacing2TheRealCarExperience_0pp20fcewvvtj\LocalState\gv3\Resume.bin [0] O61 - LFC: 28/01/2015 - 00:39:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\GAMELOFTSA.GTRacing2TheRealCarExperience_0pp20fcewvvtj\LocalState\gv3\Sessions.bin [100] O61 - LFC: 28/01/2015 - 00:39:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\GAMELOFTSA.GTRacing2TheRealCarExperience_0pp20fcewvvtj\LocalState\gv3\Timer.bin [144] O61 - LFC: 28/01/2015 - 00:39:08 ---A- . (...) -- C:\Users\Meir Marciano\AppData\Local\Packages\GAMELOFTSA.GTRacing2TheRealCarExperience_0pp20fcewvvtj\LocalState\gv3\Token.bin [101] O61 - LFC: 28/01/2015 - 00:40:20 ---A- . (.Nicolas Coolman.) -- C:\Users\Meir Marciano\Downloads\ZHPDiag2.exe [6867801] =>.Nicolas Coolman ~ 319 Fichiers temporaires (Temporary files) ~ 1 Fichiers cookies (Cookies files) ~ Files: 25 Scanned in 01mn 47s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S ~ FASS Keys: 10 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [207360] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [324608] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1311744] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1104384] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [903168] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [109568] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [107008] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1214976] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [70656] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [221184] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [326656] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [81408] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [336896] O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1555456] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [50688] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [101376] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [534016] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [223744] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [71680] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [433664] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [306688] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3532288] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1017856] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [629760] ~ Services: 34 Scanned in 00mn 02s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE} O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B} O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA} O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C} O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0} O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} ~ MNS: 6 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 04/11/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Disabled 27/03/2013 163168 | (GFNEXSrv) . (...) - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe SS - | Auto 09/01/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 09/01/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe SS - | Demand 15/10/2014 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 03/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 16/12/2014 431920 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 16/12/2014 431920 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 07/10/2014 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 20/11/2014 166192 | (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe SR - | Auto 21/09/2013 2649840 | (bckwfs) . (.Blue Coat Systems, Inc..) - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 10/09/2013 19792 | (dts_apo_service) . (...) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe SR - | Auto 18/05/2011 126520 | (HPSIService) . (.HP.) - C:\WINDOWS\system32\HPSIsvc.exe SR - | Auto 19/06/2012 634632 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 13/10/2014 743688 | (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe SR - | Auto 23/04/2013 332800 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 16/06/2014 5037888 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe ~ Services: Scanned in 00mn 21s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Meir Marciano at 28/01/2015 00:42:08 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Meir Marciano at 28/01/2015 00:42:10 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd ~ Emulateurs: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13026 - (27/12/2014) Clés trouvées (Keys found) : 6 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 4 Fichiers trouvés (Files found) : 4 [HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon [HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon C:\Program Files (x86)\eBay =>Toolbar.eBay^ C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^ C:\Program Files (x86)\Mobogenie =>PUP.Mobogenie^ C:\Users\Meir Marciano\AppData\Local\Installer =>Adware.InstallPedia C:\WINDOWS\AutoKMS\AutoKMS.exe =>Trojan.AutoKMS^ [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^ [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^ [HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider^ ~ Additionnel Scan: 260758 Items scanned in 00mn 41s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ AMI: 3 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/trojan-autokms =>Trojan.AutoKMS http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent http://nicolascoolman.fr/pup-whitesmoke =>PUP.Whitesmoke http://nicolascoolman.fr/pup-babylon =>PUP.Babylon http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia ~ MSI: 8 link(s) detected in 00mn 00s End of the scan (1185 lines in 06mn 10s)(0) Ensuite Adwcleaner effectué voici le rapport # AdwCleaner v4.109 - Report created 28/01/2015 at 01:05:06 # Updated 24/01/2015 by Xplode # Database : 2015-01-24.3 [Local] # Operating System : Windows 8.1 (64 bits) # Username : Meir Marciano - MEIR # Running from : C:\Users\Meir Marciano\Desktop\adwcleaner_4.109.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Meir Marciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage File Found : C:\Users\Meir Marciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal File Found : C:\Users\Meir Marciano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal File Found : C:\Users\Meir Marciano\daemonprocess.txt Folder Found : C:\Program Files (x86)\globalUpdate Folder Found : C:\Program Files (x86)\Mobogenie Folder Found : C:\Program Files\FreeFixer Folder Found : C:\ProgramData\Allmyapps Folder Found : C:\Users\Meir Marciano\AppData\Local\cool_mirage Folder Found : C:\Users\Meir Marciano\AppData\Local\CrashRpt Folder Found : C:\Users\Meir Marciano\AppData\Local\FreeFixer Folder Found : C:\Users\Meir Marciano\AppData\Local\PackageAware Folder Found : C:\Users\Meir Marciano\AppData\Roaming\FreeFixer ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\adawarebp Key Found : HKCU\Software\AppDataLow\Software\Sense Key Found : HKCU\Software\GlobalUpdate Key Found : HKCU\Software\Myfree Codec Key Found : [x64] HKCU\Software\GlobalUpdate Key Found : [x64] HKCU\Software\Myfree Codec Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Found : HKLM\SOFTWARE\GlobalUpdate Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Found : HKLM\SOFTWARE\Myfree Codec Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v29.0.1 (fr) -\\ Google Chrome v40.0.2214.93 ************************* AdwCleaner[R0].txt - [4338 octets] - [28/01/2015 00:50:39] AdwCleaner[R1].txt - [4241 octets] - [28/01/2015 01:05:06] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4301 octets] ##########

Bonjour à tous J'utilise k9 pour mon contrôle parental. J'aimerais bloquer twitter.com. En vain. Que ce soit en bloquant la categorie reseaux sociaux, ni meme par le biais des exceptions (bloquer un site independamment de sa categorie). Oups! je me dis je vais tout bloquer pour voire ce que ca donne. Toujours pas bloqué. Oups! Fichier hosts. Non plus. Petite remarque : twitter.fr est bien bloqué mais .com non. Merci bien

salut bon ben pas de reponses tant pis pour moi... a+

voila GMER GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover Rootkit scan 2011-08-07 20:17:23 Windows 6.1.7601 Service Pack 1 Running: npj0p2s7.exe; Driver: C:\Users\\AppData\Local\Temp\pwddqkog.sys ---- Modules - GMER 1.0.15 ---- Module \SystemRoot\system32\DRIVERS\iaStor.sys (Intel Matrix Storage Manager driver - ia32/Intel Corporation) 8B226000-8B300000 (892928 bytes) Module \SystemRoot\system32\drivers\amdxata.sys (Storage Filter Driver/Advanced Micro Devices) 8B344000-8B34D000 (36864 bytes) Module \SystemRoot\System32\Drivers\msrpc.sys (Kernel Remote Procedure Call Provider/Microsoft Corporation) 8B556000-8B581000 (176128 bytes) Module \SystemRoot\system32\DRIVERS\hpdskflt.sys (HP Disk Filter - SATA/RAID/Hewlett-Packard Company) 8B75E000-8B767000 (36864 bytes) Module \SystemRoot\system32\drivers\bckd.sys (K9 Web Protection Driver/Blue Coat Systems, Inc.) 907BC000-907D0000 (81920 bytes) Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) 907F6000-907FC000 (24576 bytes) Module \SystemRoot\system32\drivers\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) 8B3EC000-8B3F6000 (40960 bytes) Module \SystemRoot\System32\drivers\discache.sys (System Indexer/Cache Driver/Microsoft Corporation) 8B200000-8B20C000 (49152 bytes) Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) 90EBF000-90EE5000 (155648 bytes) Module \SystemRoot\system32\DRIVERS\atikmdag.sys (ATI Radeon Kernel Mode Driver/ATI Technologies Inc.) 91801000-91D16000 (5328896 bytes) Module \SystemRoot\system32\DRIVERS\NETw5s32.sys (Intel® Wireless WiFi Link Driver/Intel Corporation) 92628000-92CA4000 (6799360 bytes) Module \SystemRoot\system32\DRIVERS\yk62x86.sys (Pilote Miniport pour contrôleur Ethernet Marvell Yukon./Marvell) 92CAE000-92CFE000 (327680 bytes) Module \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys (HpqKbFiltr Keyboard Filter Driver/Hewlett-Packard Development Company, L.P.) 92D16000-92D1F000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics Incorporated) 92D2C000-92D5F000 (208896 bytes) Module \SystemRoot\system32\DRIVERS\Accelerometer.sys (HP Accelerometer/Hewlett-Packard Company) 92D6E000-92D7A000 (49152 bytes) Module \SystemRoot\system32\DRIVERS\cpqbttn.sys (HP Tablet PC Key Button HID Driver/Hewlett-Packard Development Company, L.P.) 92D7E000-92D81000 (12288 bytes) Module \SystemRoot\system32\DRIVERS\AGRSM.sys (SoftModem Device Driver/LSI Corp) 9229B000-923A1000 (1073152 bytes) Module \SystemRoot\System32\TSDDD.dll (Framebuffer Display Driver/Microsoft Corporation) 98ED0000-98ED9000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) 923EA000-923FF000 (86016 bytes) Module \SystemRoot\System32\Drivers\secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 9E122000-9E12C000 (40960 bytes) Module \??\C:\Users\\AppData\Local\Temp\mbr.sys 9E009000-9E010000 (28672 bytes) Module \??\C:\Users\\AppData\Local\Temp\pwddqkog.sys (GMER) 90FDE000-90FF7000 (102400 bytes) ---- Processes - GMER 1.0.15 ---- Process C:\Windows\system32\csrss.exe (Processus d’exécution client-serveur/Microsoft Corporation) 428 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft® Windows Live ID Service/Microsoft Corp.) 436 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\wininit.exe (Application de démarrage de Windows/Microsoft Corporation) 500 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\csrss.exe (Processus d’exécution client-serveur/Microsoft Corporation) 512 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\services.exe (Applications Services et Contrôleur/Microsoft Corporation) 560 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 576 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\pstorsvc.dll (Protected storage server/Microsoft Corporation) 0x6A220000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 684 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 772 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\atiesrxx.exe (AMD External Events Service Module/AMD) 824 Library C:\Windows\system32\atiesrxx.exe (AMD External Events Service Module/AMD) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Windows\system32\winlogon.exe (Application d’ouverture de session Windows/Microsoft Corporation) 876 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 932 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6FCE0000 Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 968 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library c:\windows\system32\l2gpstore.dll (Policy Storage dll/Microsoft Corporation) 0x717D0000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Process C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe 984 Library C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (RAID Monitor/Intel Corporation) 1004 Library C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (RAID Monitor/Intel Corporation) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll (Intel Storage Driver Interface Dynamic Lib/Intel Corporation) 0x10000000 Library C:\Program Files\Intel\Intel Matrix Storage Manager\FRA\PlugInRAID_FRA.dll (RAID Plug-in for Intel® Matrix Storage Console/Intel Corporation) 0x00570000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1028 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library c:\windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\Windows\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x6F980000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1164 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1204 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6FCE0000 Process C:\Windows\system32\rundll32.exe (Processus hôte Windows (Rundll32)/Microsoft Corporation) 1228 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\APPLIC~1\130782~1.107\gcswf32.dll 0x5AC80000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 1244 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\pdf.dll 0x5EEC0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll 0x5F990000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avcodec-52.dll 0x5F6B0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avutil-50.dll 0x5F680000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avformat-52.dll 0x5F640000 Process C:\Windows\system32\atieclxx.exe (AMD External Events Client Module/AMD) 1268 Library C:\Windows\system32\atieclxx.exe (AMD External Events Client Module/AMD) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\system32\atiadlxx.dll (ADL/Advanced Micro Devices, Inc.) 0x10000000 Process C:\Windows\system32\Hpservice.exe (HpService/Hewlett-Packard Company) 1284 Library C:\Windows\system32\Hpservice.exe (HpService/Hewlett-Packard Company) 0x00DF0000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\accelerometerDLL.dll (HP Mobile Data Protection User Mode DLL/Hewlett-Packard Company) 0x73240000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Windows\System32\spoolsv.exe (Application sous-système spouleur/Microsoft Corporation) 1548 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\System32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\Windows\System32\hpz3lw71.dll (LanguageMonitor/Hewlett-Packard Corporation) 0x6E850000 Library C:\Windows\System32\usbmon.dll (DLL du moniteur de port d’impression dynamique standard/Microsoft Corporation) 0x6D460000 Library C:\Windows\system32\spool\PRTPROCS\W32X86\hpzppw71.dll (HP Print Processor/Hewlett-Packard Corporation) 0x6D3B0000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6FCE0000 Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 1576 Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000 Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x00230000 Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x711F0000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00710000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1596 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library c:\windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6FCE0000 Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1676 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\System32\ndptsp.tsp (Fournisseur de service TAPI proxy NDIS/Microsoft Corporation) 0x6FB60000 Process C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/Adobe Systems Incorporated) 1720 Library C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/Adobe Systems Incorporated) 0x01040000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 1744 Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00830000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Avira\AntiVir Desktop\libdb44.dll (Berkeley DB 4.4 DLL/Sleepycat Software) 0x13000000 Library C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x10000000 Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll (AVGuard Messages (Deutsch)/Avira GmbH) 0x00100000 Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x711F0000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00770000 Library C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x003A0000 Library C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll (Antivirus email sender library/Avira GmbH) 0x70C00000 Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x007F0000 Library C:\Windows\system32\FLTLIB.DLL (Bibliothèque de filtres/Microsoft Corporation) 0x70460000 Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x00880000 Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x009D0000 Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01DD0000 Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x00C00000 Library C:\Program Files\Avira\AntiVir Desktop\aesbx.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01120000 Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01200000 Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01A60000 Library C:\Program Files\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x015B0000 Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x016B0000 Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x026F0000 Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x016F0000 Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01C40000 Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01CB0000 Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x00C20000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x00C90000 Process C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (K9 Web Protection Filter/Blue Coat Systems, Inc.) 1772 Library C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (K9 Web Protection Filter/Blue Coat Systems, Inc.) 0x00A60000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Com for QLB application/Hewlett-Packard Development Company, L.P.) 1800 Library C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Com for QLB application/Hewlett-Packard Development Company, L.P.) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft® Windows Live ID Service Monitor/Microsoft Corp.) 1828 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1856 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library c:\windows\system32\fntcache.dll (Service de cache de police Windows/Microsoft Corporation) 0x6A120000 Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1896 Library c:\windows\system32\hpzinw12.dll (Dot4Net Module/Hewlett-Packard) 0x00020000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 1940 Library c:\windows\system32\hpzipm12.dll (PmlDrv Module/Hewlett-Packard) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 2008 Library C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x10000000 Process C:\Windows\System32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 2016 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\conhost.exe (Hôte de la fenêtre de la console/Microsoft Corporation) 2040 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Windows\system32\AUDIODG.EXE (Isolation graphique de périphérique audio Windows /Microsoft Corporation) 2112 Library C:\Windows\System32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\System32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 2144 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\pdf.dll 0x5EEC0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll 0x5F990000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avcodec-52.dll 0x5F6B0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avutil-50.dll 0x5F680000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avformat-52.dll 0x5F640000 Process C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Office Software Protection Platform Service/Microsoft Corporation) 2276 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 2380 Library C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 0x013E0000 Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x69350000 Library C:\Program Files\Mozilla Firefox\mozsqlite3.dll (SQLite Database Library/sqlite.org) 0x722A0000 Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft ® C/C++ Runtime Library/Mozilla Foundation) 0x72510000 Library C:\Program Files\Mozilla Firefox\mozjs.dll 0x6AE30000 Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x73360000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x733C0000 Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x71FB0000 Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x733A0000 Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x73A70000 Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x73E90000 Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x724E0000 Library C:\Program Files\Mozilla Firefox\mozalloc.dll (Mozilla Foundation) 0x73350000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Program Files\Mozilla Firefox\MOZCPP19.dll (User-Generated Microsoft ® C/C++ Runtime Library/Mozilla Foundation) 0x6C030000 Library C:\Program Files\Mozilla Firefox\xpcom.dll (Mozilla Foundation) 0x72730000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Program Files\Mozilla Firefox\components\browsercomps.dll (Mozilla Foundation) 0x723C0000 Library C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf 0x6E1E0000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\Program Files\Mozilla Firefox\softokn3.dll (NSS PKCS #11 Library/Mozilla Foundation) 0x720A0000 Library C:\Program Files\Mozilla Firefox\nssdbm3.dll (Legacy Database Driver/Mozilla Foundation) 0x726A0000 Library C:\Program Files\Mozilla Firefox\freebl3.dll (NSS freebl Library/Mozilla Foundation) 0x72050000 Library C:\Program Files\Mozilla Firefox\nssckbi.dll (NSS Builtin Trusted Root CAs/Mozilla Foundation) 0x71F40000 Library C:\Windows\system32\Macromed\Flash\NPSWF32.dll 0x68710000 Library C:\Windows\system32\MSACM32.dll (Filtre audio ACM Microsoft/Microsoft Corporation) 0x73450000 Process C:\Windows\system32\taskhost.exe (Processus hôte pour Tâches Windows/Microsoft Corporation) 2456 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6FCE0000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\system32\MSACM32.dll (Filtre audio ACM Microsoft/Microsoft Corporation) 0x73450000 Library C:\Windows\System32\l3codeca.acm (MPEG Layer-3 Audio Codec for MSACM/Fraunhofer Institut Integrierte Schaltungen IIS) 0x6CC10000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 2484 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf 0x6E1E0000 Process C:\Windows\system32\Dwm.exe (Gestionnaire de fenêtres du Bureau/Microsoft Corporation) 2508 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\atidxx32.dll (atidxx32.dll/ATI Technologies Inc. ) 0x6E5F0000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Process C:\Windows\Explorer.EXE (Explorateur Windows/Microsoft Corporation) 2536 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\system32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Library C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf 0x6E1E0000 Library C:\Windows\system32\MSACM32.dll (Filtre audio ACM Microsoft/Microsoft Corporation) 0x73450000 Library C:\Windows\System32\l3codeca.acm (MPEG Layer-3 Audio Codec for MSACM/Fraunhofer Institut Integrierte Schaltungen IIS) 0x6CC10000 Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 0x73650000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6FCE0000 Library C:\Windows\system32\wwanapi.dll (Mbnapi/Microsoft Corporation) 0x72200000 Library C:\Windows\System32\bthprops.cpl (Applet Panneau de configuration Bluetooth/Microsoft Corporation) 0x71D70000 Library C:\Windows\System32\wercplsupport.dll (Rapports et solutions aux problèmes/Microsoft Corporation) 0x6A620000 Process C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Event Monitor User Notification Tool/Intel Corporation) 2748 Library C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Event Monitor User Notification Tool/Intel Corporation) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll (Intel Storage Driver Interface Dynamic Lib/Intel Corporation) 0x10000000 Library C:\Program Files\Intel\Intel Matrix Storage Manager\FRA\IAAMon_FRA.dll (Event Monitor User Notification Tool/Intel Corporation) 0x00300000 Process C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Quick Launch Buttons/ Hewlett-Packard Development Company, L.P.) 2756 Library C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Quick Launch Buttons/ Hewlett-Packard Development Company, L.P.) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.DLL (QLB Database Handler/Hewlett-Packard Development Company, L.P.) 0x10000000 Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics TouchPad Enhancements/Synaptics Incorporated) 2764 Library C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics TouchPad Enhancements/Synaptics Incorporated) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\SynCOM.dll (SynCOM/Synaptics Incorporated) 0x10000000 Library C:\Windows\system32\SynTPAPI.dll (SynTPAPI/Synaptics Incorporated) 0x63010000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 2776 Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x6C550000 Library c:\program files\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x711F0000 Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x10000000 Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x003F0000 Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00520000 Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x005B0000 Library c:\program files\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x6CC50000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x005D0000 Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x01420000 Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x02080000 Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x02090000 Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x020E0000 Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x020F0000 Library c:\program files\avira\antivir desktop\ccmsgrc.dll (Control Center MSG Plugin Resources/Avira GmbH) 0x02160000 Library C:\Program Files\Avira\AntiVir Desktop\rcimage.dll (Avira AntiVir PersonalEdition Classic Master Resource File (English)/Avira GmbH) 0x02480000 Library c:\program files\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x016B0000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Windows\System32\StikyNot.exe (Pense-bête/Microsoft Corporation) 2784 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\System32\slc.dll (Dll de client de gestion de licences du logiciel/Microsoft Corporation) 0x734D0000 Process C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Outlook/Microsoft Corporation) 2912 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf 0x6E1E0000 Library c:\progra~1\micros~2\office14\olmapi32.dll (Extended MAPI 1.0 for Windows NT/Microsoft Corporation) 0x69030000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 0x67930000 Library C:\Program Files\Microsoft Office\Office14\WindowsLiveProvider.DLL (Live Social Provider/Microsoft Corporation) 0x67890000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library c:\progra~1\micros~2\office14\exsec32.dll (digsig32/Microsoft Corporation) 0x67750000 Library C:\Program Files\Common Files\Microsoft Shared\OFFICE14\USP10.DLL (Uniscribe Unicode script processor/Microsoft Corporation) 0x60AE0000 Library C:\Windows\system32\MSACM32.dll (Filtre audio ACM Microsoft/Microsoft Corporation) 0x73450000 Library C:\Windows\System32\l3codeca.acm (MPEG Layer-3 Audio Codec for MSACM/Fraunhofer Institut Integrierte Schaltungen IIS) 0x6CC10000 Process C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Volume related element/ Hewlett-Packard Development Company, L.P.) 2976 Library C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Volume related element/ Hewlett-Packard Development Company, L.P.) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 3080 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\pdf.dll 0x5EEC0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll 0x5F990000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avcodec-52.dll 0x5F6B0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avutil-50.dll 0x5F680000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avformat-52.dll 0x5F640000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 3184 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\gcswf32.dll 0x5AC80000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Library C:\Windows\system32\MSACM32.dll (Filtre audio ACM Microsoft/Microsoft Corporation) 0x73450000 Process C:\Windows\system32\SearchIndexer.exe (Indexeur Microsoft Windows Search/Microsoft Corporation) 3380 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 3480 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\pdf.dll 0x5EEC0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll 0x5F990000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avcodec-52.dll 0x5F6B0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avutil-50.dll 0x5F680000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avformat-52.dll 0x5F640000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 3492 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Windows\system32\DEVOBJ.dll (Device Information Set DLL/Microsoft Corporation) 0x753F0000 Process C:\Windows\system32\svchost.exe (Processus hôte pour les services Windows/Microsoft Corporation) 3520 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (hpqwmiex Module/Hewlett-Packard Development Company, L.P.) 3552 Library C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (hpqwmiex Module/Hewlett-Packard Development Company, L.P.) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Users\\Downloads\npj0p2s7.exe 3684 Library C:\Users\\Downloads\npj0p2s7.exe 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 3788 Library C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Chrome/Google Inc.) 0x01140000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\chrome.dll (Google Chrome/Google Inc.) 0x58A40000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x73A10000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\icudt.dll (ICU Data DLL/The ICU Project) 0x5FAE0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\pdf.dll 0x5EEC0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\ppGoogleNaClPluginChrome.dll 0x5F990000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avcodec-52.dll 0x5F6B0000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avutil-50.dll 0x5F680000 Library C:\Users\\AppData\Local\Google\Chrome\Application\13.0.782.107\avformat-52.dll 0x5F640000 Process C:\Windows\system32\wbem\wmiprvse.exe (WMI Provider Host/Microsoft Corporation) 3828 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 Process C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Pointing Device Helper/Synaptics Incorporated) 3952 Library C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Pointing Device Helper/Synaptics Incorporated) 0x00400000 Library C:\Windows\system32\LPK.dll (Language Pack/Microsoft Corporation) 0x75B00000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x77210000 ---- Services - GMER 1.0.15 ---- Service C:\Windows\system32\DRIVERS\Accelerometer.sys (HP Accelerometer/Hewlett-Packard Company) [MANUAL] Accelerometer Service C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/Adobe Systems Incorporated) [AUTO] AdobeARMservice Service C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [MANUAL] adp94xx Service C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [MANUAL] adpahci Service C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver/Adaptec, Inc.) [MANUAL] adpu320 Service C:\Windows\system32\DRIVERS\AGRSM.sys (SoftModem Device Driver/LSI Corp) [MANUAL] AgereSoftModem Service C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec Ultra SCSI miniport/Adaptec, Inc.) [MANUAL] aic78xx Service C:\Windows\system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [MANUAL] aliide Service C:\Windows\system32\atiesrxx.exe (AMD External Events Service Module/AMD) [AUTO] AMD External Events Utility Service C:\Windows\system32\drivers\amdsata.sys (AHCI 1.2 Device Driver/Advanced Micro Devices) [MANUAL] amdsata Service C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technology AHCI Compatible Controller Driver for Windows family/AMD Technologies Inc.) [MANUAL] amdsbs Service C:\Windows\system32\drivers\amdxata.sys (Storage Filter Driver/Advanced Micro Devices) [bOOT] amdxata Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService Service C:\Windows\system32\DRIVERS\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [MANUAL] arc Service C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [MANUAL] arcsas Service Atierecord Service C:\Windows\system32\DRIVERS\atikmdag.sys (ATI Radeon Kernel Mode Driver/ATI Technologies Inc.) [MANUAL] atikmdag Service C:\Windows\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt Service C:\Windows\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [sYSTEM] avipbb Service C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom NetXtreme II GigE VBD/Broadcom Corporation) [MANUAL] b06bdrv Service C:\Windows\system32\DRIVERS\b57nd60x.sys (Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet./Broadcom Corporation) [MANUAL] b57nd60x Service C:\Windows\system32\drivers\bckd.sys (K9 Web Protection Driver/Blue Coat Systems, Inc.) [sYSTEM] bckd Service C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (K9 Web Protection Filter/Blue Coat Systems, Inc.) [AUTO] bckwfs Service C:\Windows\system32\DRIVERS\BrFiltLo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo Service C:\Windows\system32\DRIVERS\BrFiltUp.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp Service C:\Windows\System32\Drivers\Brserid.sys (Pilote Brother Série I/F (WDM)/Brother Industries Ltd.) [MANUAL] Brserid Service C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [MANUAL] BrSerWdm Service C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [MANUAL] BrUsbMdm Service C:\Windows\System32\Drivers\BrUsbSer.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer Service C:\Windows\system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [MANUAL] cmdide Service C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Com for QLB application/Hewlett-Packard Development Company, L.P.) [AUTO] Com4QLBEx Service C:\Windows\System32\drivers\discache.sys (System Indexer/Cache Driver/Microsoft Corporation) [sYSTEM] discache Service C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom NetXtreme II 10 GigE VBD/Broadcom Corporation) [MANUAL] ebdrv Service C:\Windows\system32\DRIVERS\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex) [MANUAL] elxstor Service C:\Windows\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] flpydisk Service C:\Windows\system32\DRIVERS\cpqbttn.sys (HP Tablet PC Key Button HID Driver/Hewlett-Packard Development Company, L.P.) [MANUAL] HBtnKey Service C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge WinTV 885 Consumer IR Driver for eHome/Hauppauge Computer Works, Inc.) [MANUAL] hcw85cir Service C:\Windows\system32\DRIVERS\hpdskflt.sys (HP Disk Filter - SATA/RAID/Hewlett-Packard Company) [bOOT] hpdskflt Service C:\Windows\system32\DRIVERS\HpqKbFiltr.sys (HpqKbFiltr Keyboard Filter Driver/Hewlett-Packard Development Company, L.P.) [MANUAL] HpqKbFiltr Service C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (hpqwmiex Module/Hewlett-Packard Development Company, L.P.) [MANUAL] hpqwmiex Service C:\Windows\system32\drivers\HpSAMD.sys (Smart Array SAS/SATA Controller Media Driver/Hewlett-Packard Company) [MANUAL] HpSAMD Service C:\Windows\system32\Hpservice.exe (HpService/Hewlett-Packard Company) [AUTO] hpsrv Service C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (RAID Monitor/Intel Corporation) [AUTO] IAANTMON Service C:\Windows\system32\DRIVERS\iaStor.sys (Intel Matrix Storage Manager driver - ia32/Intel Corporation) [bOOT] iaStor Service C:\Windows\system32\drivers\iaStorV.sys (Intel Matrix Storage Manager driver - ia32/Intel Corporation) [MANUAL] iaStorV Service C:\Windows\system32\DRIVERS\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH) [MANUAL] iirsp Service C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Fusion-MPT FC Driver (StorPort)/LSI Corporation) [MANUAL] LSI_FC Service C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Fusion-MPT SAS Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SAS Service C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI SAS Gen2 Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SAS2 Service C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Fusion-MPT SCSI Driver (StorPort)/LSI Corporation) [MANUAL] LSI_SCSI Service C:\Windows\system32\DRIVERS\megasas.sys (MEGASAS RAID Controller Driver for Windows 7 for x86/LSI Corporation) [MANUAL] megasas Service C:\Windows\system32\DRIVERS\MegaSR.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) [MANUAL] MegaSR Service MSDTC Bridge 3.0.0.0 Service MSDTC Bridge 4.0.0.0 Service C:\Windows\system32\drivers\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [sYSTEM] mssmbios Service C:\Windows\system32\DRIVERS\NETw5s32.sys (Intel® Wireless WiFi Link Driver/Intel Corporation) [MANUAL] NETw5s32 Service C:\Windows\system32\DRIVERS\netw5v32.sys (Intel® Wireless WiFi Link Driver/Intel Corporation) [MANUAL] netw5v32 Service C:\Windows\system32\DRIVERS\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [MANUAL] nfrd960 Service C:\Windows\system32\drivers\nvraid.sys (NVIDIA® nForce RAID Driver/NVIDIA Corporation) [MANUAL] nvraid Service C:\Windows\system32\drivers\nvstor.sys (NVIDIA® nForce Sata Performance Driver/NVIDIA Corporation) [MANUAL] nvstor Service Outlook Service C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation) [MANUAL] ql2300 Service C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation) [MANUAL] ql40xx Service RDPUDD Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service C:\Windows\system32\DRIVERS\SiSRaid2.sys (SiS RAID Stor Miniport Driver/Silicon Integrated Systems Corp.) [MANUAL] SiSRaid2 Service C:\Windows\system32\DRIVERS\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [MANUAL] SiSRaid4 Service SMSvcHost 3.0.0.0 Service SMSvcHost 4.0.0.0 Service C:\Windows\system32\DRIVERS\snp2uvc.sys [MANUAL] SNP2UVC Service C:\Windows\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [sYSTEM] ssmdrv Service C:\Windows\system32\DRIVERS\stexstor.sys (Promise SuperTrak EX Series Driver for Windows /Promise Technology) [MANUAL] stexstor Service System32\drivers\synth3dvsc.sys [MANUAL] Synth3dVsc Service C:\Windows\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics Incorporated) [MANUAL] SynTP Service TCPIP6TUNNEL Service TCPIPTUNNEL Service system32\drivers\tsusbhub.sys [MANUAL] tsusbhub Service C:\Windows\system32\DRIVERS\umpass.sys (Generic pass-through driver/Microsoft Corporation) [MANUAL] UmPass Service system32\DRIVERS\VClone.sys [sYSTEM] VClone Service C:\Windows\system32\DRIVERS\vgapnp.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [MANUAL] vga Service System32\drivers\rdvgkmd.sys [MANUAL] VGPU Service C:\Windows\system32\drivers\viaide.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [MANUAL] viaide Service C:\Windows\system32\DRIVERS\vsmraid.sys (VIA RAID DRIVER FOR AMD-X86-64/VIA Technologies Inc.,Ltd) [MANUAL] vsmraid Service C:\Windows\system32\drivers\wimmount.sys (Wim file system Driver/Microsoft Corporation) [MANUAL] WIMMount Service Windows Workflow Foundation 3.0.0.0 Service WSearchIdxPi Service C:\Windows\system32\DRIVERS\yk62x86.sys (Pilote Miniport pour contrôleur Ethernet Marvell Yukon./Marvell) [MANUAL] yukonw7 ---- EOF - GMER 1.0.15 ----

voila j'ai lu sur un autre message qu'il vallait mieux utliser ZHPDiag alors voila le rapport Rapport de ZHPDiag v1.28.1313 par Nicolas Coolman, Update du 05/08/2011 Run by .......at 07/08/2011 17:51:16 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 5.0 v GCIE: Google Chrome v13.0.782.107 (Defaut) ---\\ Windows Product Information Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : Absent (Not found) Windows ID Activation : Inconnue (Unknown) Windows Licence : Inconnue (Unknown) Software Protection Service (Protection logicielle) : KO Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3067 MB (56% free) System Restore: Activé (Enable) System drive C: has 36 GB (63%) free of 56 GB ---\\ Logged in mode ~ Computer Name: -PC ~ User Name: ~ All Users Names: , Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\\AppData\Roaming\ ~ %Desktop% : C:\Users\\Desktop\ ~ %Favorites% : C:\Users\\Favorites\ ~ %LocalAppData% : C:\Users\\AppData\Local\ ~ %StartMenu% : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 56 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 100 Go of 232 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 9 Go) G:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.28/04/2011 - 07:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 03:14:31.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 03:14:45.) -- C:\Windows\system32\Wininit.exe [96256] [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/03/2011 - 22:41:18.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/03/2011 - 14:17:54.) -- C:\Windows\system32\Winlogon.exe [286720] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 03:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584] [MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.28/04/2011 - 07:39:00.) -- C:\Windows\system32\drivers\ntfs.sys [1211264] [MD5.D41D8CD98F00B204E9800998ECF8427E] - (....) (.29/03/2011 - 00:00:00.) -- C:\Windows\system32\sppcomapi.dll [193536] [MD5.4A1DDEFCD5C41BFABF2AFE14AE5D91CF] - (....) (.27/04/2011 - 23:32:24.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/34 ~ Mes Favoris (My Favorites) : 3/26 ~ Mes Documents (My Documents) : 1/17 ~ Mon Bureau (My Desktop) : 0/15 ~ Menu demarrer (Programs) : 6/33 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.75B2B53A5A75087D48ADE7C1CEBC3687] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [MD5.FE7CE849DB8C3986B2E721C6A3184FAA] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800] [MD5.27BECC2AF4E3ABF31B1E8214A7EFDD9E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.2F0EAAF91FC7A5C70D1F4BE9B18A1CF5] - (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe [354304] [MD5.001B2CD2D45BC59575BA0F1A4A997682] - (. Hewlett-Packard Development Company, L.P. - Volume related element.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe [76856] [MD5.9CCA0C387F6E6A1D5CFEF82992DC601C] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [MD5.0DE3C7622EC33126579B1742260F08C2] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe [632888] [MD5.CA6DB5CB169E09209D0BA380E398D87B] - (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE [15889248] [MD5.E8CF6556E37BAD500F763B1DEF8780BC] - (.Google Inc. - Google Chrome.) -- C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe [1017912] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\system32\rundll32.exe [44544] [MD5.12FDBDA5759C7A19F57799F91F9F97A4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G2 - GCE: Preference [user Data\Default] [beffmlbcbemlhacdkgniohbbamiogdkh] View Theme (Aero) v.2.0 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\lv6tf6wp.default\prefs.js M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\fcmdSrch.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [- lv6tf6wp.default] Google P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 2.0.0048.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npOGAPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.) P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-2218891609-2992209685-1648886966-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} . (...) (No version) -- (.not file.) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R3 - URLSearchHook: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} . (...) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} . (...) -- (.not file.) ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-2218891609-2992209685-1648886966-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-21-2218891609-2992209685-1648886966-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\\Desktop\013 NetVision.lnk - Clé orpheline O4 - Global Startup: C:\Users\\Desktop\Calculator.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\calc.exe O4 - Global Startup: C:\Users\\Desktop\FOREX.lnk . (...) -- D:\Document De Meir\Documents\FOREX O4 - Global Startup: C:\Users\\Desktop\Ma musique.lnk . (...) -- D:\Document De Meir\Music O4 - Global Startup: C:\Users\\Desktop\Maasser 1.xls.lnk . (...) -- D:\Document De Meir\Documents\Divers\Maasser 1.xls O4 - Global Startup: C:\Users\\Desktop\MES DOCUMENTS.lnk . (...) -- D:\Document De Meir\Documents O4 - Global Startup: C:\Users\\Desktop\Mes images.lnk . (...) -- D:\Document De Meir\Pictures O4 - Global Startup: C:\Users\\Desktop\Mes vidéos.lnk . (...) -- D:\Document De Meir\Videos O4 - Global Startup: C:\Users\\Desktop\OTSAR HAHOKHMA.lnk . (...) -- D:\Document De Meir\Documents\OTSAR HAHOKHMA O4 - Global Startup: C:\Users\\Desktop\Rabbanith HALFER.lnk . (...) -- D:\Document De Meir\Documents\Hinoukh\Rabbanith HALFER O4 - Global Startup: C:\Users\\Desktop\Rav Guershon CAHEN chlita.lnk . (...) -- D:\Document De Meir\Documents\Rav Guershon CAHEN chlita O4 - Global Startup: C:\Users\\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - Global Startup: C:\Users\\Desktop\úåøú àîú - 274.lnk . (...) -- C:\Program Files\úåøú àîú - 274\bh3.exe O4 - Global Startup: C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE O4 - Global Startup: C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{CA76E732-EAD9-42BA-85E8-B70B7E3AED3E}: NameServer = 212.143.212.143 194.90.1.5 O17 - HKLM\System\CCS\Services\Tcpip\..\{21FFF372-3D56-465E-B9A5-D9AE0E3D30E1}: DhcpNameServer = 192.168.101.102 192.168.101.101 O17 - HKLM\System\CCS\Services\Tcpip\..\{500BD800-EAD5-42B8-B245-2B1C7ED6B50C}: DhcpNameServer = 10.100.102.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{CA76E732-EAD9-42BA-85E8-B70B7E3AED3E}: NameServer = 212.143.212.143 194.90.1.5 O17 - HKLM\System\CS1\Services\Tcpip\..\{21FFF372-3D56-465E-B9A5-D9AE0E3D30E1}: DhcpNameServer = 192.168.101.102 192.168.101.101 O17 - HKLM\System\CS1\Services\Tcpip\..\{500BD800-EAD5-42B8-B245-2B1C7ED6B50C}: DhcpNameServer = 10.100.102.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{CA76E732-EAD9-42BA-85E8-B70B7E3AED3E}: NameServer = 212.143.212.143 194.90.1.5 O17 - HKLM\System\CS2\Services\Tcpip\..\{21FFF372-3D56-465E-B9A5-D9AE0E3D30E1}: DhcpNameServer = 192.168.101.102 192.168.101.101 O17 - HKLM\System\CS2\Services\Tcpip\..\{500BD800-EAD5-42B8-B245-2B1C7ED6B50C}: DhcpNameServer = 10.100.102.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) . (.Blue Coat Systems, Inc. - K9 Web Protection Filter.) - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Com4QLBEx (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2218891609-2992209685-1648886966-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2218891609-2992209685-1648886966-1000UA.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2218891609-2992209685-1648886966-1000Core] (.Google Inc..) -- C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2218891609-2992209685-1648886966-1000UA] (.Google Inc..) -- C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\Nosibay\Widget LEquipe.fr\LWidget LEquipe.fr.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{D46B35A4-440C-4362-BB22-677C4191B7CB}] (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [First Boot] (...) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe (.not file.) ~ Scan Scheduled Task in 00mn 01s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (bckd) . (.Blue Coat Systems, Inc. - K9 Web Protection Driver.) - C:\Windows\system32\drivers\bckd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VClone) . (. - .) - C:\Windows\system32\DRIVERS\VClone.sys (.not file.) O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Blue Coat K9 Web Protection 4.2.123 - (.Blue Coat Systems, Inc..) [HKLM] -- Blue Coat K9 Web Protection O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2FD3FD50-4D6B-433B-9AB8-83F04675DA44} O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: Easy CD-DA Extractor 12 - (.Poikosoft.) [HKLM] -- Easy CD-DA Extractor 12 O42 - Logiciel: FXCM Trading Station - (.Pas de propriétaire.) [HKCU] -- FXCM Trading Station O42 - Logiciel: GoToMeeting 4.8.0.723 - (.CitrixOnline.) [HKCU] -- GoToMeeting O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM] -- HD Tune_is1 O42 - Logiciel: HP Quick Launch Buttons - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2523021) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{AA9E4C48-857D-4558-A4F4-343CA7680277} O42 - Logiciel: Security Update for Microsoft InfoPath 2010 (KB2510065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3C6C6854-EB6B-455C-B0A6-9871F0538028} O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1D1A4F08-2F17-475B-BA72-476CE5992FEE} O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289161) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F134C2C6-30B3-4169-A325-58482B4CE6FC} O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD} O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C3C277D5-36E3-4B1A-926A-175B2BC019CF} O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{86B7A074-265D-420C-9E1E-7A920EF0ECA7} O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{556146F7-74AE-4E0A-B64F-5B8B93469F61} O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B5516874-E926-4BFD-B412-D0E70112F244} O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D6CE7280-6EE3-419A-8F47-DB111C040B1B} O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA} O42 - Logiciel: Update for Microsoft Office 2010 (KB2523113) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3} O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{309EEC22-83CE-4109-B019-BA9392FAA322} O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2441641) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: úåøú àîú - 274 - (.Pas de propriétaire.) [HKLM] -- úåøú àîú - 274 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Setuprog] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Citrix] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\EasyBits] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MetaQuotes Software] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NCH Software] [HKCU\Software\NCH Swift Sound] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Poikosoft] [HKCU\Software\Policies] [HKCU\Software\Skype] [HKCU\Software\Synaptics] [HKCU\Software\VSRevoGroup] [HKCU\Software\WH SELFINVEST] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\cacaoweb] [HKCU\Software\yahooinstall] [HKLM\Software\ALWIL Software] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Avira] [HKLM\Software\Blue Coat Systems] [HKLM\Software\CandleWorks] [HKLM\Software\Caphyon] [HKLM\Software\Citrix] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Google] [HKLM\Software\HPQLOG] [HKLM\Software\HPQ] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LSI] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Poikosoft] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\Setuprog] [HKLM\Software\Siemens] [HKLM\Software\Sonic] [HKLM\Software\Synaptics] [HKLM\Software\TrendMicro] [HKLM\Software\Uniblue] [HKLM\Software\Volatile] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\X-AVCSD] [HKLM\Software\mozilla.org] [HKLM\Software\tueagles] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 21/06/2011 - 10:39:06 - [164206100] ----D- C:\Program Files\Adobe O43 - CFD: 12/04/2011 - 01:23:28 - [137568206] ----D- C:\Program Files\Avira O43 - CFD: 01/08/2011 - 09:26:16 - [28220761] ----D- C:\Program Files\Blue Coat K9 Web Protection O43 - CFD: 21/06/2011 - 10:19:52 - [332288] ----D- C:\Program Files\CableConnect O43 - CFD: 22/02/2011 - 12:01:20 - [40828882] ----D- C:\Program Files\Candleworks O43 - CFD: 04/08/2011 - 10:56:08 - [4068448] ----D- C:\Program Files\CCleaner O43 - CFD: 29/03/2011 - 22:18:46 - [19719460] ----D- C:\Program Files\Citrix O43 - CFD: 01/08/2011 - 12:00:02 - [493628154] ----D- C:\Program Files\Common Files O43 - CFD: 22/04/2011 - 13:39:22 - [4176624] ----D- C:\Program Files\Defraggler O43 - CFD: 29/03/2011 - 02:26:58 - [83226644] ----D- C:\Program Files\DVD Maker O43 - CFD: 17/03/2011 - 14:55:44 - [12148002] ----D- C:\Program Files\Easy CD-DA Extractor 12 O43 - CFD: 19/04/2011 - 22:49:58 - [0] ----D- C:\Program Files\Elaborate Bytes O43 - CFD: 22/02/2011 - 12:08:26 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 28/03/2011 - 19:42:48 - [1294055] ----D- C:\Program Files\HD Tune O43 - CFD: 19/04/2011 - 22:45:00 - [33910700] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 19/04/2011 - 22:42:36 - [52558910] ----D- C:\Program Files\HP O43 - CFD: 29/03/2011 - 00:00:26 - [7816391] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 28/03/2011 - 18:30:36 - [48648859] ----D- C:\Program Files\Intel O43 - CFD: 15/06/2011 - 21:42:14 - [5175108] ----D- C:\Program Files\Internet Explorer O43 - CFD: 15/06/2011 - 21:46:30 - [88550924] ----D- C:\Program Files\Java O43 - CFD: 28/07/2011 - 15:39:10 - [7009806] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 29/07/2011 - 01:15:18 - [0] ----D- C:\Program Files\Microsoft O43 - CFD: 23/03/2011 - 23:45:08 - [39848379] ----D- C:\Program Files\Microsoft Analysis Services O43 - CFD: 14/07/2009 - 12:01:22 - [147813426] ----D- C:\Program Files\Microsoft Games O43 - CFD: 23/03/2011 - 23:49:14 - [990167592] ----D- C:\Program Files\Microsoft Office O43 - CFD: 15/06/2011 - 21:43:20 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 10/05/2011 - 14:13:58 - [1805760] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 23/03/2011 - 23:49:14 - [793991] ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD: 23/03/2011 - 23:49:42 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services O43 - CFD: 23/03/2011 - 23:47:24 - [1378033] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 23/03/2011 - 23:49:14 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 27/06/2011 - 14:05:20 - [35651008] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 23/03/2011 - 23:50:12 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 29/07/2011 - 13:14:58 - [6395439] ----D- C:\Program Files\MSECache O43 - CFD: 13/07/2011 - 23:08:52 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 14/07/2009 - 07:52:32 - [39159041] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 28/03/2011 - 18:54:44 - [165912] ----D- C:\Program Files\SCM Microsystems O43 - CFD: 28/03/2011 - 18:55:20 - [28064873] ----D- C:\Program Files\Synaptics O43 - CFD: 20/06/2011 - 21:55:58 - [3123] ----D- C:\Program Files\ToratEmetUserData O43 - CFD: 11/04/2011 - 23:56:38 - [1197493] ----D- C:\Program Files\Trend Micro O43 - CFD: 14/07/2009 - 07:53:24 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 22/02/2011 - 11:40:08 - [6812742] ----D- C:\Program Files\VS Revo Group O43 - CFD: 29/03/2011 - 02:26:56 - [3050496] ----D- C:\Program Files\Windows Defender O43 - CFD: 29/03/2011 - 02:26:58 - [7013496] ----D- C:\Program Files\Windows Journal O43 - CFD: 28/07/2011 - 19:54:48 - [108086664] ----D- C:\Program Files\Windows Live O43 - CFD: 29/03/2011 - 02:26:58 - [6181376] ----D- C:\Program Files\Windows Mail O43 - CFD: 29/03/2011 - 02:26:58 - [6604034] ----D- C:\Program Files\Windows Media Player O43 - CFD: 22/02/2011 - 12:08:26 - [12197556] ----D- C:\Program Files\Windows NT O43 - CFD: 29/03/2011 - 02:26:58 - [4417800] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 29/03/2011 - 02:26:58 - [189952] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 29/03/2011 - 02:26:58 - [6683807] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 22/02/2011 - 12:04:24 - [5253970] ----D- C:\Program Files\WinRAR O43 - CFD: 07/08/2011 - 17:51:18 - [4002525] ----D- C:\Program Files\ZHPDiag O43 - CFD: 20/06/2011 - 21:55:40 - [270728709] ----D- C:\Program Files\úåøú àîú - 274 O43 - CFD: 21/06/2011 - 10:39:12 - [3606170] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 23/03/2011 - 23:49:40 - [99136] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 29/03/2011 - 00:28:02 - [344576] ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 29/03/2011 - 20:02:00 - [96932] ----D- C:\Program Files\Common Files\HP O43 - CFD: 15/06/2011 - 21:46:48 - [1258951] ----D- C:\Program Files\Common Files\Java O43 - CFD: 28/07/2011 - 19:49:36 - [251039930] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 01/08/2011 - 12:00:02 - [901120] ----D- C:\Program Files\Common Files\Nosibay O43 - CFD: 14/07/2009 - 05:37:06 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 06/04/2011 - 12:38:14 - [2254216] ----D- C:\Program Files\Common Files\Skype O43 - CFD: 14/07/2009 - 05:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 23/03/2011 - 23:45:48 - [14410601] ----D- C:\Program Files\Common Files\System O43 - CFD: 14/04/2011 - 21:22:48 - [178510037] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 21/06/2011 - 10:39:08 - [479] ----D- C:\ProgramData\Adobe O43 - CFD: 22/02/2011 - 11:15:24 - [2790253] ----D- C:\ProgramData\Alwil Software O43 - CFD: 14/07/2009 - 07:53:56 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 12/04/2011 - 01:23:28 - [814936421] ----D- C:\ProgramData\Avira O43 - CFD: 08/05/2011 - 19:16:10 - [0] ----D- C:\ProgramData\Babylon O43 - CFD: 22/02/2011 - 12:08:26 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 14/07/2009 - 07:53:56 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:53:56 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 17/03/2011 - 14:55:42 - [14511] ----D- C:\ProgramData\Easy CD-DA Extractor O43 - CFD: 22/02/2011 - 12:08:26 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:53:56 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 28/03/2011 - 19:06:20 - [203595] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 29/03/2011 - 21:06:26 - [8515170] ----D- C:\ProgramData\HP O43 - CFD: 28/03/2011 - 18:52:44 - [5343] ----D- C:\ProgramData\hpqLog O43 - CFD: 11/04/2011 - 22:58:40 - [16582790] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 22/02/2011 - 12:08:26 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 29/07/2011 - 01:15:18 - [191108459] -S--D- C:\ProgramData\Microsoft O43 - CFD: 15/06/2011 - 21:24:18 - [63858] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 22/02/2011 - 12:08:26 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 26/06/2011 - 22:08:34 - [0] ----D- C:\ProgramData\NCH Swift Sound O43 - CFD: 22/05/2011 - 13:58:04 - [2304992] ----D- C:\ProgramData\Skype Extras O43 - CFD: 14/07/2009 - 07:53:56 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 31/03/2011 - 20:03:38 - [189] ----D- C:\ProgramData\Sun O43 - CFD: 17/03/2011 - 14:55:54 - [0] ----D- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 07:53:56 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 28/03/2011 - 18:34:32 - [0] ----D- C:\ProgramData\Uniblue O43 - CFD: 29/03/2011 - 16:47:26 - [59] ----D- C:\ProgramData\WEBREG O43 - CFD: 28/03/2011 - 18:43:54 - [20272988] ----D- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069} O43 - CFD: 13/04/2011 - 02:17:06 - [5534577] ----D- C:\Users\\AppData\Roaming\Adobe O43 - CFD: 12/04/2011 - 01:26:32 - [0] ----D- C:\Users\\AppData\Roaming\Avira O43 - CFD: 08/05/2011 - 19:16:10 - [1598] ----D- C:\Users\\AppData\Roaming\Babylon O43 - CFD: 19/07/2011 - 01:35:04 - [398129] ----D- C:\Users\\AppData\Roaming\cacaoweb O43 - CFD: 22/02/2011 - 14:15:26 - [51986332] ----D- C:\Users\\AppData\Roaming\FXTS2 O43 - CFD: 29/03/2011 - 00:41:26 - [2273] ----D- C:\Users\\AppData\Roaming\HP O43 - CFD: 28/03/2011 - 18:56:40 - [130510] ----D- C:\Users\\AppData\Roaming\hpqLog O43 - CFD: 22/02/2011 - 12:08:56 - [0] ----D- C:\Users\\AppData\Roaming\Identities O43 - CFD: 22/02/2011 - 11:26:20 - [1787] ----D- C:\Users\\AppData\Roaming\Macromedia O43 - CFD: 11/04/2011 - 22:58:46 - [5366] ----D- C:\Users\\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 12:00:34 - [0] ----D- C:\Users\\AppData\Roaming\Media Center Programs O43 - CFD: 29/07/2011 - 16:49:52 - [8632345] -S--D- C:\Users\\AppData\Roaming\Microsoft O43 - CFD: 22/02/2011 - 11:20:06 - [14452033] ----D- C:\Users\\AppData\Roaming\Mozilla O43 - CFD: 26/06/2011 - 22:09:48 - [5537806] ----D- C:\Users\\AppData\Roaming\NCH Software O43 - CFD: 26/06/2011 - 22:08:02 - [0] ----D- C:\Users\\AppData\Roaming\NCH Swift Sound O43 - CFD: 18/07/2011 - 18:25:42 - [49348] ----D- C:\Users\\AppData\Roaming\QuickScan O43 - CFD: 22/05/2011 - 17:05:54 - [3375870] ----D- C:\Users\\AppData\Roaming\Skype O43 - CFD: 22/05/2011 - 16:05:06 - [44272] ----D- C:\Users\\AppData\Roaming\skypePM O43 - CFD: 29/07/2011 - 01:11:04 - [12546192] ----D- C:\Users\\AppData\Roaming\Thunderbird O43 - CFD: 15/05/2011 - 20:12:20 - [295] ----D- C:\Users\\AppData\Roaming\Windows Live Writer O43 - CFD: 22/02/2011 - 11:50:00 - [12] ----D- C:\Users\\AppData\Roaming\WinRAR O43 - CFD: 13/04/2011 - 02:11:54 - [15233363] ----D- C:\Users\\AppData\Local\Adobe O43 - CFD: 22/02/2011 - 12:08:42 - [0] -SH-D- C:\Users\\AppData\Local\Application Data O43 - CFD: 08/05/2011 - 19:16:10 - [4809235] ----D- C:\Users\\AppData\Local\Babylon O43 - CFD: 26/06/2011 - 15:18:52 - [2556568] ----D- C:\Users\\AppData\Local\Diagnostics O43 - CFD: 17/03/2011 - 14:55:58 - [12448] ----D- C:\Users\\AppData\Local\Easy CD-DA Extractor O43 - CFD: 26/06/2011 - 15:19:16 - [1357274] ----D- C:\Users\\AppData\Local\ElevatedDiagnostics O43 - CFD: 31/03/2011 - 21:03:18 - [366280656] ----D- C:\Users\\AppData\Local\Google O43 - CFD: 22/02/2011 - 12:08:42 - [0] -SH-D- C:\Users\\AppData\Local\Historique O43 - CFD: 30/03/2011 - 02:08:22 - [16849] ----D- C:\Users\\AppData\Local\HP O43 - CFD: 08/07/2011 - 10:11:44 - [328089420] ----D- C:\Users\\AppData\Local\Microsoft O43 - CFD: 28/02/2011 - 09:31:50 - [145900] ----D- C:\Users\\AppData\Local\Microsoft Help O43 - CFD: 22/02/2011 - 11:20:00 - [64338539] ----D- C:\Users\\AppData\Local\Mozilla O43 - CFD: 22/02/2011 - 12:01:04 - [0] ----D- C:\Users\\AppData\Local\PackageAware O43 - CFD: 07/08/2011 - 17:50:44 - [45816] ----D- C:\Users\\AppData\Local\Temp O43 - CFD: 22/02/2011 - 12:08:42 - [0] -SH-D- C:\Users\\AppData\Local\Temporary Internet Files O43 - CFD: 29/07/2011 - 01:11:04 - [7332393] ----D- C:\Users\\AppData\Local\Thunderbird O43 - CFD: 28/07/2011 - 16:07:26 - [128963] ----D- C:\Users\\AppData\Local\VirtualStore O43 - CFD: 27/06/2011 - 12:56:48 - [90112] ----D- C:\Users\\AppData\Local\Windows Live O43 - CFD: 14/05/2011 - 23:14:36 - [372494] ----D- C:\Users\\AppData\Local\Windows Live Writer O43 - CFD: 21/06/2011 - 20:31:56 - [0] ----D- C:\Users\\AppData\Local\{0096EF5B-334C-4ABC-92C6-95814A4D5E68} O43 - CFD: 30/06/2011 - 09:59:58 - [0] ----D- C:\Users\\AppData\Local\{05D5674A-D2E3-4328-B3C2-4AB959991B8A} O43 - CFD: 13/06/2011 - 08:37:54 - [0] ----D- C:\Users\\AppData\Local\{05FCFDAA-7413-484C-B9A5-524453940DED} O43 - CFD: 26/07/2011 - 13:32:38 - [0] ----D- C:\Users\\AppData\Local\{06DED8F7-1AAB-40A1-A2AB-4FBE29F37A47} O43 - CFD: 20/05/2011 - 10:00:14 - [0] ----D- C:\Users\\AppData\Local\{0833D8FD-2930-45EB-ACC3-7EA75CC67E7A} O43 - CFD: 23/07/2011 - 22:01:00 - [0] ----D- C:\Users\\AppData\Local\{0C917759-492B-4E78-B7B2-A6A55960E881} O43 - CFD: 03/07/2011 - 09:34:44 - [0] ----D- C:\Users\\AppData\Local\{16048C3B-42AE-4977-97C7-FC2A5DC6ACCA} O43 - CFD: 07/06/2011 - 10:12:14 - [0] ----D- C:\Users\\AppData\Local\{17EF2116-ED88-4065-8C14-C53DAE205173} O43 - CFD: 16/06/2011 - 08:43:22 - [0] ----D- C:\Users\\AppData\Local\{19EDBC59-67A6-42E8-A755-154C1127E605} O43 - CFD: 29/05/2011 - 22:08:02 - [0] ----D- C:\Users\\AppData\Local\{1C3217AF-33EA-46DD-BA54-7386AA60561F} O43 - CFD: 14/05/2011 - 21:14:56 - [0] ----D- C:\Users\\AppData\Local\{22251EC6-23E2-450F-B3DE-4AA6549B939B} O43 - CFD: 23/07/2011 - 21:37:52 - [0] ----D- C:\Users\\AppData\Local\{23FB9C8F-1D3B-41B6-BDF1-F2F61FADF64E} O43 - CFD: 12/06/2011 - 14:42:30 - [0] ----D- C:\Users\\AppData\Local\{24F1B9F5-0200-472B-9361-3B8020EE274A} O43 - CFD: 13/07/2011 - 08:29:00 - [0] ----D- C:\Users\\AppData\Local\{2A319725-B1C6-4EB3-9D25-03A44CD474DD} O43 - CFD: 15/06/2011 - 01:53:24 - [0] ----D- C:\Users\\AppData\Local\{2A50008C-4307-4700-ADDC-99C2FF3CB3AE} O43 - CFD: 22/07/2011 - 13:44:12 - [0] ----D- C:\Users\\AppData\Local\{2C38B21F-BE66-4FC6-8EB0-C915361BBE51} O43 - CFD: 17/05/2011 - 20:52:56 - [0] ----D- C:\Users\\AppData\Local\{2CE2407F-A247-4C49-9A14-ADDBE627C674} O43 - CFD: 14/06/2011 - 13:52:58 - [0] ----D- C:\Users\\AppData\Local\{2DCC4F39-244B-4C9F-B759-2C49EE51FEBD} O43 - CFD: 06/06/2011 - 08:31:26 - [0] ----D- C:\Users\\AppData\Local\{2F793120-4E7B-4AF9-9B0A-DFEA0D3E9B82} O43 - CFD: 15/07/2011 - 10:26:42 - [0] ----D- C:\Users\\AppData\Local\{30EB2AFA-07FD-4892-AF44-E80374735ECB} O43 - CFD: 16/05/2011 - 13:44:56 - [0] ----D- C:\Users\\AppData\Local\{320B2D22-8C33-4977-AA6B-46D23EEEC5F6} O43 - CFD: 07/08/2011 - 11:46:00 - [0] ----D- C:\Users\\AppData\Local\{33D7A6A4-D7A6-44BC-B8EF-28A6FBF2AC08} O43 - CFD: 03/07/2011 - 21:35:20 - [0] ----D- C:\Users\\AppData\Local\{3499B93D-F0F5-4327-9FA6-173BA4B3277A} O43 - CFD: 26/05/2011 - 14:10:40 - [0] ----D- C:\Users\\AppData\Local\{34CB3550-D5CF-492E-8DD3-13AA2E2A8378} O43 - CFD: 07/07/2011 - 14:00:58 - [0] ----D- C:\Users\\AppData\Local\{360C257E-6948-4C29-AB9E-0DB54D9DA4DA} O43 - CFD: 03/06/2011 - 08:31:14 - [0] ----D- C:\Users\\AppData\Local\{39BFA4FF-E7CE-4ECC-BB10-EDD0581FF8ED} O43 - CFD: 02/07/2011 - 21:34:18 - [0] ----D- C:\Users\\AppData\Local\{39F0F1CF-B9F7-48AF-AAAA-EA51EF849B94} O43 - CFD: 25/06/2011 - 21:20:32 - [0] ----D- C:\Users\\AppData\Local\{3B645F76-8CC9-4063-B51A-34FF054D4523} O43 - CFD: 11/07/2011 - 08:30:38 - [0] ----D- C:\Users\\AppData\Local\{3ED16CE9-F517-47CC-89CB-EF08CB1E1A39} O43 - CFD: 13/06/2011 - 20:38:18 - [0] ----D- C:\Users\\AppData\Local\{416E5905-B02F-4C3E-A538-4CB2F9E07AA4} O43 - CFD: 09/06/2011 - 22:00:48 - [0] ----D- C:\Users\\AppData\Local\{41F40757-C366-48B0-8BFC-FADB1EF73965} O43 - CFD: 23/06/2011 - 14:03:22 - [0] ----D- C:\Users\\AppData\Local\{46B16055-8837-40B3-ADD3-FE43D29B6A5E} O43 - CFD: 10/05/2011 - 14:24:58 - [0] ----D- C:\Users\\AppData\Local\{48269DC4-8F74-47F5-8BA4-35D271841016} O43 - CFD: 16/07/2011 - 22:02:58 - [0] ----D- C:\Users\\AppData\Local\{4C14C3EE-0E92-47DF-A3E7-89651ED8AFB5} O43 - CFD: 12/06/2011 - 13:49:08 - [0] ----D- C:\Users\\AppData\Local\{4E00B0BB-BD13-4D41-AB67-A3299E379612} O43 - CFD: 06/06/2011 - 22:12:00 - [0] ----D- C:\Users\\AppData\Local\{515C3DA3-B6D2-4BC3-9ECD-5FF08D8E3CB5} O43 - CFD: 16/06/2011 - 23:02:08 - [0] ----D- C:\Users\\AppData\Local\{547332C2-9753-4F3D-A70E-DBCC8800D9ED} O43 - CFD: 19/06/2011 - 14:00:16 - [0] ----D- C:\Users\\AppData\Local\{54847C8F-DB36-41BC-915D-158300D34032} O43 - CFD: 12/05/2011 - 21:36:04 - [0] ----D- C:\Users\\AppData\Local\{54BE5CB4-EB56-45E5-8F21-DD4616DFD0EA} O43 - CFD: 24/06/2011 - 09:21:36 - [0] ----D- C:\Users\\AppData\Local\{55906C03-4492-40C8-961E-F56E42DE6515} O43 - CFD: 21/07/2011 - 13:43:00 - [0] ----D- C:\Users\\AppData\Local\{55E8AD70-92F5-4217-8A5A-DAD0A485BAAA} O43 - CFD: 13/07/2011 - 22:24:54 - [0] ----D- C:\Users\\AppData\Local\{5923C02A-66F8-4E51-A89D-4CB010D228F2} O43 - CFD: 28/05/2011 - 21:14:46 - [0] ----D- C:\Users\\AppData\Local\{597E3E55-6DCB-48C3-9612-DA148405538A} O43 - CFD: 08/07/2011 - 08:40:22 - [0] ----D- C:\Users\\AppData\Local\{5D86B564-CB8F-4BF0-A71C-25407807B0B4} O43 - CFD: 20/06/2011 - 14:00:32 - [0] ----D- C:\Users\\AppData\Local\{5D8F8012-E105-49BD-9CC0-87919FE2A31B} O43 - CFD: 17/05/2011 - 08:13:22 - [0] ----D- C:\Users\\AppData\Local\{5E05DD37-C633-40E7-AA09-9FD95B54AE8D} O43 - CFD: 26/06/2011 - 22:13:04 - [0] ----D- C:\Users\\AppData\Local\{5E780016-1D0B-4E80-BCDE-D124D365CD1E} O43 - CFD: 23/05/2011 - 12:00:56 - [0] ----D- C:\Users\\AppData\Local\{5F36DC54-3AE7-4DFB-B274-FADA767F3255} O43 - CFD: 04/08/2011 - 15:26:34 - [0] ----D- C:\Users\\AppData\Local\{5F7D3B9D-5247-441D-ACE4-6DE8319F2CAA} O43 - CFD: 09/07/2011 - 20:58:24 - [0] ----D- C:\Users\\AppData\Local\{60AF164C-6F03-4FA3-8639-7E2CA4946503} O43 - CFD: 22/02/2011 - 12:01:22 - [13729114] --H-D- C:\Users\\AppData\Local\{60DD9664-2F44-43D6-B1CC-33BEBE6B5480} O43 - CFD: 18/06/2011 - 21:27:46 - [0] ----D- C:\Users\\AppData\Local\{632D752D-752F-4B94-9898-8B6D3CE78ED9} O43 - CFD: 28/07/2011 - 15:56:50 - [0] ----D- C:\Users\\AppData\Local\{64121457-24D0-4B65-957F-6DA964DFF03A} O43 - CFD: 06/07/2011 - 08:24:18 - [0] ----D- C:\Users\\AppData\Local\{66774037-272B-4ED7-81EC-070B96EB9544} O43 - CFD: 17/06/2011 - 11:02:32 - [0] ----D- C:\Users\\AppData\Local\{680E27B7-B0A5-4870-BB06-AECFB707A7A6} O43 - CFD: 22/07/2011 - 01:43:36 - [0] ----D- C:\Users\\AppData\Local\{68E8F8B0-6FC5-4F2E-98E8-89E54C645B83} O43 - CFD: 18/06/2011 - 21:30:30 - [0] ----D- C:\Users\\AppData\Local\{698B51FC-73D2-4A8C-B55B-10311DE834A4} O43 - CFD: 14/07/2011 - 22:26:06 - [0] ----D- C:\Users\\AppData\Local\{6A6549A2-5D9A-4391-97BA-9F01AD8FFC0D} O43 - CFD: 22/05/2011 - 22:08:18 - [0] ----D- C:\Users\\AppData\Local\{6C828817-538E-4376-90D9-2A1767C96CC7} O43 - CFD: 21/05/2011 - 20:53:04 - [0] ----D- C:\Users\\AppData\Local\{6CF8D090-B579-4145-8A92-63203B838DAC} O43 - CFD: 12/06/2011 - 11:03:18 - [0] ----D- C:\Users\\AppData\Local\{6ED94342-6960-465C-B8E2-1EC9D3CAF01A} O43 - CFD: 18/06/2011 - 22:34:30 - [0] ----D- C:\Users\\AppData\Local\{7060BCD8-8A5B-4587-9D0B-294071FBFA4B} O43 - CFD: 29/06/2011 - 21:59:18 - [0] ----D- C:\Users\\AppData\Local\{719CD799-6FBB-44F1-95B2-D3718B2BFAAF} O43 - CFD: 14/05/2011 - 21:14:56 - [0] ----D- C:\Users\\AppData\Local\{7522093D-B8DF-4412-8D0A-B3F6AD5DD9F6} O43 - CFD: 21/06/2011 - 08:31:18 - [0] ----D- C:\Users\\AppData\Local\{7723CE25-903F-42BE-8726-D127AF167E24} O43 - CFD: 05/06/2011 - 14:43:48 - [0] ----D- C:\Users\\AppData\Local\{78CEE5A0-1BF5-43B2-A883-88D0A444CBD7} O43 - CFD: 19/05/2011 - 18:59:28 - [0] ----D- C:\Users\\AppData\Local\{7BF2698F-B1DE-4977-BD9C-31CCDB8DAB22} O43 - CFD: 17/07/2011 - 13:18:56 - [0] ----D- C:\Users\\AppData\Local\{7C858F1D-76E6-4CF5-ACE0-B038DD34230F} O43 - CFD: 12/07/2011 - 14:24:18 - [0] ----D- C:\Users\\AppData\Local\{7E011476-E6B1-4406-B7E3-786AD37322FC} O43 - CFD: 11/06/2011 - 21:03:00 - [0] ----D- C:\Users\\AppData\Local\{7E5841F0-6A79-4CAD-B7B1-2B0A2E075681} O43 - CFD: 14/05/2011 - 22:04:50 - [0] ----D- C:\Users\\AppData\Local\{81A32782-015D-4F31-A3D1-9CB2056D7092} O43 - CFD: 22/05/2011 - 09:16:30 - [0] ----D- C:\Users\\AppData\Local\{84E53A07-3283-4692-B8C8-6BCD411C5884} O43 - CFD: 27/07/2011 - 13:39:12 - [0] ----D- C:\Users\\AppData\Local\{85837497-10DE-4C97-998C-86177389EBF8} O43 - CFD: 01/06/2011 - 14:06:30 - [0] ----D- C:\Users\\AppData\Local\{86638D3C-0D0F-4818-93A0-52EC42AD1E9A} O43 - CFD: 31/05/2011 - 21:29:08 - [0] ----D- C:\Users\\AppData\Local\{8810D6DD-6F95-4C5B-AE29-CD5F26B4178A} O43 - CFD: 19/07/2011 - 01:49:16 - [0] ----D- C:\Users\\AppData\Local\{88AEA5C8-CAC8-44CA-95B0-85699E400CC0} O43 - CFD: 11/05/2011 - 14:50:44 - [0] ----D- C:\Users\\AppData\Local\{8972BF03-C656-4648-B1E4-957444F942B3} O43 - CFD: 11/07/2011 - 13:47:58 - [0] ----D- C:\Users\\AppData\Local\{8A377DE6-8E44-41A9-A666-97C4047250DE} O43 - CFD: 12/06/2011 - 12:09:28 - [0] ----D- C:\Users\\AppData\Local\{8A38D634-DF13-4066-8579-2CD1471880C0} O43 - CFD: 25/05/2011 - 09:27:56 - [0] ----D- C:\Users\\AppData\Local\{8B832FC8-8F39-419C-842B-7D786B00803F} O43 - CFD: 09/06/2011 - 09:24:46 - [0] ----D- C:\Users\\AppData\Local\{8DC4B2BA-9D3D-457E-88B5-823732C8F04D} O43 - CFD: 20/07/2011 - 07:54:46 - [0] ----D- C:\Users\\AppData\Local\{9148BD2A-7CF0-43DD-BEC8-46B3B68FFC65} O43 - CFD: 29/06/2011 - 08:38:08 - [0] ----D- C:\Users\\AppData\Local\{91999723-EEB0-4693-AC77-782AB4919E00} O43 - CFD: 30/05/2011 - 13:52:24 - [0] ----D- C:\Users\\AppData\Local\{92620371-FCBC-4EE0-BD4E-407DC1F874FF} O43 - CFD: 18/07/2011 - 13:48:40 - [0] ----D- C:\Users\\AppData\Local\{9267CC7E-4EA1-43C6-B719-D16B4831D59C} O43 - CFD: 24/07/2011 - 16:33:48 - [0] ----D- C:\Users\\AppData\Local\{9331C387-65CF-4F57-994D-B642722ABF01} O43 - CFD: 25/05/2011 - 23:54:16 - [0] ----D- C:\Users\\AppData\Local\{93904B69-F0E0-49AD-903D-A88F8F23463B} O43 - CFD: 14/05/2011 - 23:14:46 - [0] ----D- C:\Users\\AppData\Local\{946E1454-DDF6-4295-8124-08D0D42ADB2C} O43 - CFD: 19/07/2011 - 13:49:52 - [0] ----D- C:\Users\\AppData\Local\{94D6A9F3-9C0B-429C-8F31-210B5B650D0F} O43 - CFD: 28/05/2011 - 20:37:44 - [0] ----D- C:\Users\\AppData\Local\{96A7A0BE-2324-4478-947C-4DA5484D9529} O43 - CFD: 30/06/2011 - 22:31:24 - [0] ----D- C:\Users\\AppData\Local\{9A2E9A3F-B82B-4547-BBF5-1620CA383BD9} O43 - CFD: 22/06/2011 - 22:05:20 - [0] ----D- C:\Users\\AppData\Local\{9A6CB2C5-3C4E-4BEA-B241-55CC71F897DE} O43 - CFD: 28/06/2011 - 00:30:38 - [0] ----D- C:\Users\\AppData\Local\{9FF288F8-CE31-4D1E-BF31-C5239321CE7A} O43 - CFD: 19/05/2011 - 06:59:04 - [0] ----D- C:\Users\\AppData\Local\{A0C7191D-670B-4B58-8841-042C771692DC} O43 - CFD: 16/07/2011 - 23:31:24 - [0] ----D- C:\Users\\AppData\Local\{A0E9EEAE-FAFE-4D97-A021-8ABE20982A45} O43 - CFD: 27/05/2011 - 02:31:56 - [0] ----D- C:\Users\\AppData\Local\{A1AD6C96-0757-4E26-B8F3-1A6CA15F6D30} O43 - CFD: 05/07/2011 - 13:36:08 - [0] ----D- C:\Users\\AppData\Local\{A33442AB-7EBA-4424-BD5A-527DFC260D3B} O43 - CFD: 22/06/2011 - 08:49:50 - [0] ----D- C:\Users\\AppData\Local\{A4250426-15C0-446C-8695-A836C8615159} O43 - CFD: 07/06/2011 - 14:37:10 - [0] ----D- C:\Users\\AppData\Local\{A788D04F-4980-4D83-9FE8-888EE8E0B1AD} O43 - CFD: 26/05/2011 - 00:25:24 - [0] ----D- C:\Users\\AppData\Local\{AAE79C5D-2134-4CBC-BE15-2F3C17271D9E} O43 - CFD: 27/05/2011 - 14:32:20 - [0] ----D- C:\Users\\AppData\Local\{AD373193-922A-4E06-B5E9-9AA7662201B4} O43 - CFD: 02/06/2011 - 14:15:36 - [0] ----D- C:\Users\\AppData\Local\{BCF9B87A-7C81-430F-A17A-6C7FFD59F4DE} O43 - CFD: 18/05/2011 - 13:49:20 - [0] ----D- C:\Users\\AppData\Local\{BD00329E-C45A-434A-8B55-357DF39EB589} O43 - CFD: 04/07/2011 - 23:36:58 - [0] ----D- C:\Users\\AppData\Local\{C34E039D-0857-4C62-9650-1B748FCF9610} O43 - CFD: 31/05/2011 - 08:52:02 - [0] ----D- C:\Users\\AppData\Local\{C3971C6E-6DC2-48A2-BBD8-B663EA53798D} O43 - CFD: 04/07/2011 - 11:36:20 - [0] ----D- C:\Users\\AppData\Local\{C3FE5818-C730-4676-8937-2BF5F7C56456} O43 - CFD: 12/05/2011 - 09:35:40 - [0] ----D- C:\Users\\AppData\Local\{C553400F-A52D-4951-ADDC-0279C8B335C6} O43 - CFD: 26/06/2011 - 09:57:54 - [0] ----D- C:\Users\\AppData\Local\{C6FEF6B6-5D96-4911-A553-03833175CB5A} O43 - CFD: 27/06/2011 - 12:30:00 - [0] ----D- C:\Users\\AppData\Local\{C70866EB-3EEB-4D65-B907-54A605A475AC} O43 - CFD: 24/05/2011 - 13:56:42 - [0] ----D- C:\Users\\AppData\Local\{CA158EAE-8C23-4182-A04C-85C03AFEFAAB} O43 - CFD: 25/06/2011 - 21:21:42 - [0] ----D- C:\Users\\AppData\Local\{CE6B5D25-03B1-453E-9C52-D8FCA9F2FB7C} O43 - CFD: 18/06/2011 - 21:29:30 - [0] ----D- C:\Users\\AppData\Local\{D7527272-5B28-49C8-A2C8-8E4928D4C1A2} O43 - CFD: 08/06/2011 - 20:51:46 - [0] ----D- C:\Users\\AppData\Local\{DB245E5F-FE04-4952-B501-E7B7D7337A40} O43 - CFD: 04/08/2011 - 15:26:46 - [0] ----D- C:\Users\\AppData\Local\{E0FB63F2-EF4B-4C56-B864-92AC06C854B2} O43 - CFD: 25/07/2011 - 13:24:24 - [0] ----D- C:\Users\\AppData\Local\{E1AB7B72-E164-4E8B-A9A7-697E2CEF3C61} O43 - CFD: 10/06/2011 - 10:01:12 - [0] ----D- C:\Users\\AppData\Local\{E733D2DD-0DF5-4589-96CD-21A0D41F3323} O43 - CFD: 04/06/2011 - 21:09:42 - [0] ----D- C:\Users\\AppData\Local\{E8533E58-5506-4D75-B85A-042C591F5A57} O43 - CFD: 15/06/2011 - 13:53:50 - [0] ----D- C:\Users\\AppData\Local\{E9D2B3ED-5E01-4437-9B92-DBDA08EB67DE} O43 - CFD: 06/07/2011 - 20:24:42 - [0] ----D- C:\Users\\AppData\Local\{EDAE0624-0466-4B18-A8F4-2AD2E5718840} O43 - CFD: 10/07/2011 - 13:56:02 - [0] ----D- C:\Users\\AppData\Local\{EE4997BC-B2A0-4AE2-975C-F9A5A305CD6A} O43 - CFD: 14/07/2011 - 10:25:30 - [0] ----D- C:\Users\\AppData\Local\{F03FF284-9FC3-43EE-831B-0C6836BEA670} O43 - CFD: 28/07/2011 - 19:58:04 - [0] ----D- C:\Users\\AppData\Local\{F1C9B4CD-B1C3-4336-80A2-6ED917BC686E} O43 - CFD: 28/05/2011 - 21:15:22 - [0] ----D- C:\Users\\AppData\Local\{F1E92FA6-32AA-4003-9E75-C0391AAF2143} O43 - CFD: 29/05/2011 - 09:30:06 - [0] ----D- C:\Users\\AppData\Local\{F2BB2603-D409-4195-B67A-2789195DF6BC} O43 - CFD: 28/06/2011 - 13:50:00 - [0] ----D- C:\Users\\AppData\Local\{F2FF8234-9284-4A5C-AFE5-1094C877EDD9} O43 - CFD: 02/06/2011 - 02:06:54 - [0] ----D- C:\Users\\AppData\Local\{F3B65D35-6D68-4FD7-BCF5-C4D47D5FFEC5} O43 - CFD: 20/07/2011 - 22:05:16 - [0] ----D- C:\Users\\AppData\Local\{F49F144A-2824-4883-9E5F-6D33F2D3F1F9} O43 - CFD: 15/05/2011 - 14:25:26 - [0] ----D- C:\Users\\AppData\Local\{F7C06365-53F1-41E4-9BA6-6615BBCA1308} O43 - CFD: 20/07/2011 - 07:53:56 - [0] ----D- C:\Users\\AppData\Local\{FCBD576E-122A-4072-99C5-E69FF191E001} O43 - CFD: 01/07/2011 - 10:32:00 - [0] ----D- C:\Users\\AppData\Local\{FE81143E-B9DB-4FAE-9175-205D174A7F6C} ~ Scan Program Folder in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.85A00EDC92196ECBE40862E51CF81E05] - 07/08/2011 - 16:02:29 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1472638] O44 - LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] - 07/08/2011 - 11:38:30 ---A- . (...) -- C:\Windows\setupact.log [56] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/08/2011 - 11:38:30 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.93288C2C9F9C5FF6A9427519743994AD] - 07/08/2011 - 11:38:29 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.0B131D5552B5ECCA3F816E8E7809F133] - 03/08/2011 - 14:05:48 --HA- . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14080] O44 - LFC:[MD5.0B131D5552B5ECCA3F816E8E7809F133] - 03/08/2011 - 14:05:48 --HA- . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14080] O44 - LFC:[MD5.0F8A7A53F11C7BAD599EA5891AC55264] - 03/08/2011 - 13:17:34 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.3F6A26D4AC03663D8AF5B3970071BBCE] - 03/08/2011 - 13:17:34 ---A- . (...) -- C:\Windows\system32\perfc009.dat [106388] O44 - LFC:[MD5.2738C7BB464C420FC65ECF94FBBC5087] - 03/08/2011 - 13:17:34 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [130754] O44 - LFC:[MD5.3A8D7207C36C9B4DE77459C9085B7E4E] - 03/08/2011 - 13:17:34 ---A- . (...) -- C:\Windows\system32\perfh009.dat [616008] O44 - LFC:[MD5.6CE10DC4886657A0C8E0F28E26437A06] - 03/08/2011 - 13:17:34 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [704480] O44 - LFC:[MD5.3D2BF16FD44FA459C528552A5B1C8C28] - 31/07/2011 - 17:43:50 ---A- . (...) -- C:\Windows\Retafte.bmp [9522] O44 - LFC:[MD5.A701BC7AFF242BECC7DC352FCB7A6DC2] - 13/07/2011 - 22:53:53 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [406456] ~ Scan Files in 00mn 16s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{4f687330-3e5e-11e0-8160-00247e1a2cc7}\AutoRun\command. (...) -- H:\SETUP.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (...) -- (.not file.) ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\\AppData\Roaming\cacaoweb\cacaoweb.exe O53 - SMSR:HKLM\...\startupreg\DriverScanner [Key] . (...) -- C:\Program Files\Uniblue\DriverScanner\launcher.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O53 - SMSR:HKLM\...\startupreg\RESTART_STICKY_NOTES [Key] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\VirtualCloneDrive [Key] . (...) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (.not file.) ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.CC1F1D3D70DC13C2C281488D347D4415] - 13/05/2011 - 17:57:20 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys [35896] O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 11/06/2009 - 03:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976] O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 03:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552] O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 03:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512] O58 - SDL:[MD5.7E10E3BB9B258AD8A9300F91214D67B9] - 11/06/2009 - 00:13:48 ---A- . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1035776] O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 03:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400] O58 - SDL:[MD5.D320BF87125326F996D4904FE24300FC] - 28/04/2011 - 07:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256] O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 11/06/2009 - 03:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312] O58 - SDL:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 28/04/2011 - 07:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400] O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 03:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368] O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 03:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608] O58 - SDL:[MD5.04F09923A393E4E0E8453A8F78361E73] - 18/08/2009 - 04:48:06 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [4994560] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 12/04/2011 - 13:38:47 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 12/04/2011 - 15:11:12 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [137656] O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 00:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888] O58 - SDL:[MD5.7CFD6D37ABA7006148ABBF4F629B2D2A] - 01/08/2011 - 23:41:02 ---A- . (.Blue Coat Systems, Inc. - K9 Web Protection Driver.) -- C:\Windows\system32\drivers\bckd.sys [86544] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 00:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 00:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 02:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 00:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 00:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 00:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 11/06/2009 - 00:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080] O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 03:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952] O58 - SDL:[MD5.7DAD592A4D28092D584CFB4DEEF1373D] - 28/03/2011 - 08:38:54 ---A- . (.Hewlett-Packard Development Company, L.P. - HP Tablet PC Key Button HID Driver.) -- C:\Windows\system32\drivers\CPQBttn.sys [9344] O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 11/06/2009 - 03:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720] O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 11/06/2009 - 03:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712] O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 11/06/2009 - 00:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160] O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 00:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624] O58 - SDL:[MD5.4EF10B866C62ABBEAF7511CDD05A19BE] - 13/05/2011 - 17:57:42 ---A- . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\system32\drivers\hpdskflt.sys [25656] O58 - SDL:[MD5.1210960FF8928950D2A786895B0C424A] - 28/03/2011 - 07:46:54 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys [15872] O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 03:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152] O58 - SDL:[MD5.D9D3F168A2FD4C2380D98821A3FF3357] - 28/03/2011 - 13:34:12 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [331288] O58 - SDL:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 28/04/2011 - 07:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160] O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 03:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040] O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 03:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824] O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 03:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168] O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 03:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864] O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 03:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848] O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 11/04/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 28/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 11/06/2009 - 03:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800] O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 03:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584] O58 - SDL:[MD5.5B2DFA9C5C02DDF2A113CC0F551B59DF] - 13/01/2010 - 17:36:40 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5s32.sys [6755840] O58 - SDL:[MD5.58218EC6B61B1169CF54AAB0D00F5FE2] - 11/06/2009 - 00:02:51 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\netw5v32.sys [4231168] O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 03:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624] O58 - SDL:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 28/04/2011 - 07:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120] O58 - SDL:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 28/04/2011 - 07:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744] O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 11/06/2009 - 03:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488] O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 03:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 22:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 11/06/2009 - 03:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016] O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 03:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888] O58 - SDL:[MD5.AE625E8A3608537E701CE45874A0842E] - 28/03/2011 - 09:44:48 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys [34096] O58 - SDL:[MD5.44EDD50D218EF1CF76FBF9B9FC58F79D] - 28/03/2011 - 09:45:34 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys [1805872] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 12/04/2011 - 13:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 03:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072] O58 - SDL:[MD5.1DE40024679CDE0E573465253519730E] - 28/03/2011 - 16:33:04 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [213680] O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 03:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976] O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 11/06/2009 - 03:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904] O58 - SDL:[MD5.B07C5B7EFDF936FF93D4F540938725BE] - 14/07/2009 - 00:02:53 ---A- . (.Marvell - Pilote Miniport pour contrôleur Ethernet Marvell Yukon..) -- C:\Windows\system32\drivers\yk62x86.sys [311296] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 14/07/2009 - 23:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/07/2009 - 23:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 14/07/2009 - 23:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 14/07/2009 - 23:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/07/2009 - 23:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 14/07/2009 - 23:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/07/2009 - 23:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/07/2009 - 23:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/07/2009 - 23:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/07/2009 - 23:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 14/07/2009 - 23:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 14/07/2009 - 23:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 14/07/2009 - 23:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 14/07/2009 - 23:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 14/07/2009 - 23:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 06s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: RSIT - (.random/random.) ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 04/03/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 04/03/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 10/06/2011 - C:\Windows\system32\drivers\bckd.sys - No object(No service) .(.Blue Coat Systems, Inc. - K9 Web Protection Driver.) - LEGACY_BCKD O64 - Services: CurCS - 17/06/2010 - C:\Windows\system32\DRIVERS\ssmdrv.sys - No object(No service) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {0D7562AE-8EF6-416d-A838-AB665251703A} - (Facemoods Search) - Facemoods Search ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.5095D657B76B7F782A9F626273170A79] [sPRF][22/02/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.2 r152.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2871968] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "TCP Query User{835A79C7-035B-4FC4-8390-5DC6947389EA}C:\program files\java\jre6\bin\java.exe" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\java.exe O87 - FAEL: "UDP Query User{56C84E47-F399-46F6-8841-CFB0A0C997B5}C:\program files\java\jre6\bin\java.exe" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\java.exe O87 - FAEL: "TCP Query User{3120A575-D6F5-4C3C-A679-C4E609781123}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "UDP Query User{B460F4BA-638F-42B8-8F9E-9FC226E3BF05}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "TCP Query User{E4B8DC0F-AE0F-4F80-BEFC-551B87E7B5A4}C:\users\\appdata\local\google\chrome\application\chrome.exe" | In - Public - P6 - TRUE | .(.Google Inc..) -- C:\users\ \appdata\local\google\chrome\application\chrome.exe O87 - FAEL: "UDP Query User{07758511-A874-4201-95EB-DD7265CD7C9F}C:\users\\appdata\local\google\chrome\application\chrome.exe" | In - Public - P17 - TRUE | .(.Google Inc..) -- C:\users\\appdata\local\google\chrome\application\chrome.exe ~ Scan Firewall in 00mn 01s ---\\ Scan Additionnel (O88) Database Version : 8584 - (05/08/2011) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 6 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}] =>Toolbar.Facemood [HKLM\Software\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}] =>Toolbar.Facemood [HKCU\Software\cacaoweb] =>PUP.CacaoWeb [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb] =>PUP.CacaoWeb C:\Program Files\Common Files\Nosibay =>Adware.SPointer C:\ProgramData\Babylon =>Toolbar.Babylon C:\Users\\AppData\Roaming\Babylon =>Toolbar.Babylon C:\Users\\AppData\Roaming\cacaoweb =>PUP.CacaoWeb C:\Users\\AppData\Local\Babylon =>Toolbar.Babylon ~ Scan Additionnel in 00mn 08s ---\\ Recherche détournement de DNS routeur (O89) Serveur : mp202.home Address: 10.100.102.1 Nom : www.l.google.com Addresses: 74.125.39.106 74.125.39.103 74.125.39.147 74.125.39.99 74.125.39.104 74.125.39.105 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 03s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 21/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 18/08/2009 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe SR - | Auto 12/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 12/04/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 01/08/2011 1575184 | (bckwfs) . (.Blue Coat Systems, Inc..) - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe SR - | Auto 28/03/2011 228408 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe SR - | Demand 28/03/2011 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe SR - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\system32\Hpservice.exe SR - | Auto 28/03/2011 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 04s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 06s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by at 07/08/2011 17:52:09 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 08s End of the scan (1117 lines in 00mn 53s)(0)

salut voici les symptomes : pc portable lenteur + rond de recherche qui s'affiche en permanence je ne sais pas dire si c'est que la connexion internet ou tout le pc je le sens un peu chaud dessous utilisation de l'uc anormalement elevée + firefox 120 Meg pr un ou 2 onglets ouverts ..... test complet antiviR ok AD-Remover aussi effectué avant de fouiller + loin je joins le hijack (que je ne sais pas lire) merci davance Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:14:39, on 12/04/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\prxtbSet0.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: setuprog - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\prxtbSet0.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: setuprog Toolbar - {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files\Setuprog\prxtbSet0.dll O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\M.......\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- End of file - 5378 bytes

salut j'obtiens uniquement les favoris par défaut (sites publics ....) de + j'ai des favoris sur firefox et sur chrome.... donc je suppose qu'ils ne doivent pas être tous ensemble a+