arnold30
-
Compteur de contenus
22 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Messages posté(e)s par arnold30
-
-
Bonjour Pear,
Le Programme OTM à la fermeture n'a jamais voulu répondre. j'ai donc fait un redémarrage de mon PC.
J'ai constaté que les deux clés de registre avaient bien été supprimées, mais le dossier C:\_OTM\MovedFiles est vide.
Le malware a bien été supprimé. merci pour votre patience et votre aide.
-
Voici le Rapport SEAFlog.txt
-
Bonjour Pear,
j'ai fait le nécessaire suivant vos instructions. Voici le rapport ZHPFix. Sauf erreur de ma part, il semblerait que ce problème ne soit pas résolu.
-
Bonjour Pear,
Il reste un problème non résolu. Dans les moteurs de recherche IE il y a toujours un module "Protected Search" état par défaut qui semble générer un Spyware.ProtectedSearch.
Vous trouverez ci-joint le Tableau des moteurs de recherche IE de mon système ainsi qu'un nouveau rapport zhpdiag.
Merci d'avance pour votre aide.
-
Bonjour Pear,
Je ne me mélange pas les pinceaux. J'ai fait un copier/coller des différents rapports et au moment ou j'ai envoyé mon message, j'ai eu des coupures sur Internet.
c'est pour cela certainement que les fichiers sont incomplets!
Désolé, j'essaie de vous transmettre à nouveau mes rapports.
© CJoint.com, 2012 © CJoint.com, 2012
-
Bonsoir Pear,
J'ai suivi vos instructions sans rencontrer de problème.
Voici les différents rapports.
Merci de me tenir au courant.# AdwCleaner v2.301 - Rapport créé le 24/05/2013 à 17:06:15
# Mis à jour le 16/05/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - UTILISATEUR-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Utilisateur\Documents\adwcleaner.exe
# Option [Recherche]
***** [services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Présente : HKU\S-1-5-21-3560021713-929230594-2555399937-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [Navigateurs] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v21.0 (fr)
Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\zg6l4yp6.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.# AdwCleaner v2.301 - Rapport créé le 24/05/2013 à 17:06:15
# Mis à jour le 16/05/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - UTILISATEUR-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Utilisateur\Documents\adwcleaner.exe
# Option [Recherche]
***** [services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Présente : HKU\S-1-5-21-3560021713-929230594-2555399937-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
***** [Navigateurs] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v21.0 (fr)
Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\zg6l4yp6.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
-\\ Google Chrome v27.0.1453.94
Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R34].txt - [1365 octets] - [24/05/2013 17:06:15]
########## EOF - C:\AdwCleaner[R34].txt - [1426 octets] ##########
-\\ Google Chrome v27.0.1453.94~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Utilisateur on 24/05/2013 at 17:30:35,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\pc1data"
Successfully deleted: [Folder] "C:\Users\Utilisateur\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Utilisateur\AppData\Roaming\pcpro"
Successfully deleted: [Folder] "C:\Users\Utilisateur\AppData\Roaming\systweak"
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{1FF4A3E8-7D19-4C07-A401-9C12C5AC62C5}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{27C92C6F-0986-4C16-8412-CA93507C9E25}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{29B8C398-549B-49F5-B591-DE7EB890B854}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{2A593E55-373B-44DF-9729-881BADD37D44}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{31311169-80AD-4DE3-A437-0329EB5224DC}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{38C61F51-8CA9-4CD0-9F52-E85F30A4828B}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{4057AB9D-98DC-4362-8D22-6194C6E1CB7D}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{42B85DB2-02D9-41F3-958C-25250D0BE594}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{44020A60-0DA9-439E-AA0A-E1E62059A9C0}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{455082DE-F2AE-41D8-B6F7-8F39D0C4BCAC}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{65645549-4F69-41A4-B2C9-E51F4F0A2395}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{67B7EF93-26DE-462C-A79E-6645B5DA6E7E}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{6BC80C93-C948-43B3-9CDE-EBAA2D6BE41C}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{71057F20-DF12-4EC0-AE6D-B1EF7DE6BEAC}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{73C21C8F-54E7-4595-ADCE-42F4C8C291D2}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{78A77218-F07A-4150-BC95-E90FB0BB0B0F}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{8635A56F-33F8-48D8-84CD-B5D9FE3F48A8}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{8C40455C-10E9-4C49-9165-DE43E7EB04D7}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{92F87659-563E-4A66-BD44-A2FE9AC6CE7A}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{96E9C5B4-8E9F-49DC-BE13-BF2122248215}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{A960EA83-927E-4F1C-905C-3E0055582F40}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{AB2A862B-E833-4B83-97AE-532AFCB1A46A}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{B322F4A1-2134-494E-B559-0D22A8BEBDC1}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{C1077043-5F43-41F5-AAA8-AE7D88D59443}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{D5AA200E-4A07-42AD-9D9A-1F859D4E6040}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{D648B9C8-6AE9-4C5C-BF6C-B8CAC1B48709}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{EB436A96-67C5-4912-BB72-4F378F1044B2}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{FA9D67ED-BB3A-4A00-A0D4-EDAE3562108A}
Successfully deleted: [Empty Folder] C:\Users\Utilisateur\appdata\local\{FBD9D85D-8F55-4C9C-B266-0410CFFA2231}
~~~ Event Viewer Logs were cleared
Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013
Fichier d'export Registre :
Run by Utilisateur at 24/05/2013 18:30:18
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée
========== Clé(s) du Registre ==========
ERREUR Key****: SearchScopes :{0D845BFC-85B0-4F6C-B107-98864459E9A7}
SUPPRIME Driver Key: HWiNFO32
SUPPRIME Key: Service: McComponentHostService
ERREUR Key****: SearchScopes :{95B7759C-8C7F-4BF1-B163-73684A933233}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{990D3307-4843-4315-B324-342F3D814D1E}
SUPPRIME Key: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
========== Valeur(s) du Registre ==========
ABSENT URLSearchHook: {9e96c0cd-a901-4032-9236-0e4a264aeee4}
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIME FirewallRaz (Private) : {05D50FC5-7B05-491C-9677-BF8DFB404608}
SUPPRIME FirewallRaz (Private) : {06ED3070-2DEC-40D1-8970-48E880D95BF1}
SUPPRIME FirewallRaz (Public) : {0A201B97-EFF7-47A5-BC16-AB63386DB0B8}
SUPPRIME FirewallRaz (Public) : {AF8232CC-1B15-42F8-9A26-BDE55263DB4B}
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIME ProxyServer Value
SUPPRIME ProxyEnable Value
SUPPRIME EnableHttp1_1 Value
SUPPRIME ProxyHttp1.1 Value
SUPPRIME ProxyOverride Value
========== Dossier(s) ==========
Aucun dossiers CLSID Local utilisateur vide
========== Fichier(s) ==========
SUPPRIME File: c:\windows\prefetch\wisediskcleaner.exe-c5b09b73.pf
SUPPRIME File: c:\users\utilisateur\desktop\hwinfo64 program.lnk
ABSENT File: c:\program files (x86)\hwinfo64\hwinfo64.exe
SUPPRIME File: c:\windows\prefetch\oalinst.exe-77b1e6de.pf
SUPPRIME File: c:\windows\prefetch\taskschedule.exe-f9df18ad.pf
SUPPRIME File: c:\windows\prefetch\iwsimf.exe-acbd52d0.pf
SUPPRIME File: c:\windows\prefetch\diskscan.exe-4110b52c.pf
SUPPRIME File: c:\windows\prefetch\drivermax.exe-0eeb5770.pf
SUPPRIME File: c:\program files (x86)\mcafee security scan\3.0.318\mcchsvc.exe
SUPPRIME File: c:\users\utilisateur\appdata\local\google\toolbar cache\7.4.3607.2246\fr\translate_element.js.content
SUPPRIME File: c:\users\utilisateur\appdata\local\google\toolbar cache\7.4.3607.2246\fr\translate_languages.json.content
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows
========== Tache planifiée ==========
SUPPRIME Task: {0507CA3D-188F-4F7D-9718-6438901BB569}
SUPPRIME Task: {B28DB8E5-54B1-4F85-9CA4-638590B9E932}
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Autre ==========
NON TRAITE McAfee Security Scan Plus v3.0.318.3
========== Récapitulatif ==========
6 : Clé(s) du Registre
13 : Valeur(s) du Registre
1 : Dossier(s)
13 : Fichier(s)
2 : Tache planifiée
1 : Restauration Système
1 : Autre
End of clean in 00mn 13s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R10].txt - 12/02/2013 18:06:41 [2469]
C:\ZHP\ZHPFix[R11].txt - 12/02/2013 10:21:01 [1287]
C:\ZHP\ZHPFix[R12].txt - 12/02/2013 10:22:54 [1322]
C:\ZHP\ZHPFix[R13].txt - 12/02/2013 10:26:57 [1381]
C:\ZHP\ZHPFix[R14].txt - 12/02/2013 14:17:41 [1446]
C:\ZHP\ZHPFix[R15].txt - 12/02/2013 14:36:42 [1481]
C:\ZHP\ZHPFix[R16].txt - 12/02/2013 18:17:40 [1517]
C:\ZHP\ZHPFix[R17].txt - 12/02/2013 18:26:19 [3957]
C:\ZHP\ZHPFix[R18].txt - 12/02/2013 15:51:26 [2114]
C:\ZHP\ZHPFix[R19].txt - 12/02/2013 16:00:42 [1901]
C:\ZHP\ZHPFix[R1].txt - 12/02/2013 18:29:06 [754]
C:\ZHP\ZHPFix[R20].txt - 12/02/2013 16:23:55 [1941]
C:\ZHP\ZHPFix[R21].txt - 12/02/2013 17:00:28 [1598]
C:\ZHP\ZHPFix[R22].txt - 12/02/2013 18:22:18 [1651]
C:\ZHP\ZHPFix[R23].txt - 12/02/2013 11:29:20 [1887]
C:\ZHP\ZHPFix[R24].txt - 12/02/2013 18:45:31 [3661]
C:\ZHP\ZHPFix[R25].txt - 12/02/2013 16:49:23 [3864]
C:\ZHP\ZHPFix[R26].txt - 12/02/2013 17:30:42 [2217]
C:\ZHP\ZHPFix[R27].txt - 12/02/2013 14:32:07 [1924]
C:\ZHP\ZHPFix[R28].txt - 18/02/2013 10:02:27 [2097]
C:\ZHP\ZHPFix[R29].txt - 18/02/2013 15:55:53 [2830]
C:\ZHP\ZHPFix[R2].txt - 12/02/2013 18:49:33 [802]
C:\ZHP\ZHPFix[R30].txt - 23/02/2013 15:42:20 [12120]
C:\ZHP\ZHPFix[R31].txt - 19/03/2013 12:03:29 [2715]
C:\ZHP\ZHPFix[R32].txt - 20/04/2013 09:19:50 [2327]
C:\ZHP\ZHPFix[R33].txt - 07/05/2013 14:37:07 [3750]
C:\ZHP\ZHPFix[R34].txt - 07/05/2013 15:21:04 [2294]
C:\ZHP\ZHPFix[R35].txt - 15/05/2013 16:05:12 [2366]
C:\ZHP\ZHPFix[R36].txt - 18/05/2013 14:55:36 [2540]
C:\ZHP\ZHPFix[R37].txt - 18/05/2013 15:15:09 [2472]
C:\ZHP\ZHPFix[R38].txt - 19/05/2013 18:03:29 [2508]
C:\ZHP\ZHPFix[R3].txt - 12/02/2013 14:52:59 [853]
C:\ZHP\ZHPFix[R4].txt - 12/02/2013 10:21:26 [994]
C:\ZHP\ZHPFix[R5].txt - 12/02/2013 17:49:00 [955]
C:\ZHP\ZHPFix[R6].txt - 12/02/2013 15:16:37 [1190]
C:\ZHP\ZHPFix[R7].txt - 12/02/2013 18:01:02 [1059]
C:\ZHP\ZHPFix[R8].txt - 12/02/2013 18:03:18 [3715]
C:\ZHP\ZHPFix[R9].txt - 12/02/2013 18:04:37 [1424]
C:\ZHP\ZHPFix[R39].txt - 24/05/2013 18:30:18 [5041]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/05/2013 at 17:39:40,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R34].txt - [1365 octets] - [24/05/2013 17:06:15]
########## EOF - C:\AdwCleaner[R34].txt - [1426 octets] ##########
-
-
Bonjour,
Dans la liste de mes moteurs de recherche, s'affiche un moteur anormal "Protected Search" état par défaut . Ce moteur s'est introduit à mon insu. J'utilise habituellement Google par défaut (qui ne peut d'ailleurs s'enregistrer au niveau des options générales d'IE).
J'ai essayé de supprimer dans l'affichage du tableau les moteurs dont je n'ai pas d'utilité, mais après déconnection et reconnexion à internet explorer, ils s'affichent tous à nouveau. J'ai vérifié dans mes programmes si je trouvais un programme douteux relatif à protected search. Il n'y en a aucun.
J'ai lancé un diagnostic complet de mon Système à l'aide de ZHP Diag. Effectivement, le rapport indique qu'il y a des malwares.
Pourriez- vous m'indiquer la marche à suivre pour résoudre tous ces problèmes?
Mon Système fonctionne sous Windows 7 édition Familiale Premium pack 1 64bits, IE 10, mémoire 4G0, disque dur SATA 500Go, Antivirus gratuit Avast. L'ensemble fonctionne bien actuellement. Dans la liste de mes moteurs de recherche, s'affiche un moteur anormal "Protected Search" état par défaut . Ce moteur s'est introduit à mon insu. J'utilise habituellement Google par défaut (qui ne peut d'ailleurs s'enregistrer au niveau des options générales d'IE).
J'ai essayé de supprimer dans l'affichage du tableau les moteurs dont je n'ai pas d'utilité, mais après déconnection et reconnexion à internet explorer, ils s'affichent tous à nouveau. J'ai vérifié dans mes programmes si je trouvais un programme douteux relatif à protected search. Il n'y en a aucun.
J'ai lancé un diagnostic complet de mon Système à l'aide de ZHP Diag. Effectivement, le rapport indique qu'il y a des malwares.
Pourriez- vous m'indiquer la marche à suivre pour résoudre tous ces problèmes?
Mon Système fonctionne sous Windows 7 édition Familiale Premium pack 1 64bits, IE 10, mémoire 4G0, disque dur SATA 500Go, Antivirus gratuit Avast. L'ensemble fonctionne bien actuellement.
Pourriez-vous m'indiquer comment vous transmettre le rapport d'analyse du programme ZHP Diag ainsi que la liste de mes moteurs de recherche?
Merci d'avance
-
Bonjour Bleuet,
J'ai été absent plusieurs jours et je ne sais plus si je t'avais adressé le lien du rapport de Getsysteminfo.
Je te l'envoie à nouveau.
Bon week-end.
- Brazilian - Dutch - English - Estonian - French - German - Hongarian - Italian - Polish - Portuguese - Russian - Simplified Chinese - Spanish - Turkish
- French
- Brazilian
- Dutch
- English
- Estonian - French
- German
- Hongarian
- Italian
- Polish
- Portuguese
- Russian
- Simplified Chinese
- Spanish
- TurkishDefaultBlackAnitchkaHalloweenChristmasDefaultDefaultBlackAnitchkaHalloweenChristmas
Se connecter (Mot de passe perdu ?)Créez un compte (Gratuit et rapide)ForumNote des versions
InstructionsSuivez le guide (Anglais)Téléchargement
Félicitations !
Votre rapport a été créé avec succès!
Vous pouvez le faire analyser par des spécialistes en partageant le lien suivant:
Si vous souhaitez l'analyser vous-même (pour les experts uniquement), cliquez ici
Copyright © 2006 - 2011 GetSystemInfo.com.
All rights reserved.
-
Bonjour Bleuet,
Tu trouveras ci-joint le lien concernant GetSystemInfo.
Bon Week-end.
Je t - Brazilian - Dutch - English - Estonian - French - German - Hongarian - Italian - Polish - Portuguese - Russian - Simplified Chinese - Spanish - Turkish
- French - Brazilian - Dutch - English - Estonian - French - German - Hongarian - Italian - Polish - Portuguese - Russian - Simplified Chinese - Spanish - TurkishDefaultBlackAnitchkaHalloweenChristmasDefaultDefaultBlackAnitchkaHalloweenChristmasSe connecter (Mot de passe perdu ?)Créez un compte (Gratuit et rapide)ForumNote des versions
InstructionsSuivez le guide (Anglais)Téléchargement
Félicitations ! Votre rapport a été créé avec succès!
Vous pouvez le faire analyser par des spécialistes en partageant le lien suivant:
Si vous souhaitez l'analyser vous-même (pour les experts uniquement), cliquez ici
Copyright © 2006 - 2011 GetSystemInfo.com.
All rights reserved.
-
VT Community Sign in ▼ My account ▼ Sign outSigning out...
Languages ▼ VirusTotal's website has changed, we need new translations, do you feel like helping the community?info@virustotal.comSign in to VT CommunitySafety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
emailpassword Keep me logged inSign in Signing in, please wait...
Login failed, please try againForgot your password?Create an accountEdit my profile
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: PhysicalDisk0_MBR.bin
Submission date: 2011-09-09 09:29:10 (UTC)
Current status: queuedqueuedanalysingfinished
Result: 0/ 44 (0.0%)VT Community
not reviewed
Safety score: - CompactPrint resultsAntivirusVersionLast UpdateResultAhnLab-V32011.09.09.002011.09.09-AntiVir7.11.14.1532011.09.09-Antiy-AVL2.0.3.72011.09.09-Avast4.8.1351.02011.09.08-Avast55.0.677.02011.09.08-AVG10.0.0.11902011.09.09-BitDefender7.22011.09.09-ByteHero1.0.0.12011.08.22-CAT-QuickHeal11.002011.09.09-ClamAV0.97.0.02011.09.09-Commtouch5.3.2.62011.09.09-Comodo100432011.09.08-DrWeb5.0.2.033002011.09.09-Emsisoft5.1.0.112011.09.09-eSafe7.0.17.02011.09.07-eTrust-Vet36.1.85482011.09.09-F-Prot4.6.2.1172011.09.09-F-Secure9.0.16440.02011.09.09-Fortinet4.3.370.02011.09.09-GData222011.09.09-IkarusT3.1.1.107.02011.09.09-Jiangmin13.0.9002011.09.08-K7AntiVirus9.112.51082011.09.08-Kaspersky9.0.0.8372011.09.09-McAfee5.400.0.11582011.09.09-McAfee-GW-Edition2010.1D2011.09.08-Microsoft1.76042011.09.09-NOD3264482011.09.09-Norman6.07.112011.09.08-nProtect2011-09-09.012011.09.09-Panda10.0.3.52011.09.08-PCTools8.0.0.52011.09.09-Prevx3.02011.09.09-Rising23.74.03.032011.09.09-Sophos4.69.02011.09.09-SUPERAntiSpyware4.40.0.10062011.09.09-Symantec20111.2.0.822011.09.09-TheHacker6.7.0.1.2912011.09.08-TrendMicro9.500.0.10082011.09.06-TrendMicro-HouseCall9.500.0.10082011.09.09-VBA323.12.16.42011.09.08-VIPRE104172011.09.09-ViRobot2011.9.9.46652011.09.09-VirusBuster14.0.204.12011.09.08-Additional informationShow allMD5 : 02cd129ac83ce2c001abbfc01887dc73SHA1 : 7b833cab3a41c1878c52c88f55fdcfdf10911382SHA256: a946046239bc532dc415b4f6c0d8baf4d8c77a5e60248ac7d0d7a7cbcdc05defssdeep: 6:GHcimqQ0hFlc1tWZVLTqvFh226ALwPr0w2ZnRIyFT06pxJtAKCFWHWLLGAKCFWf1:cdm6lc1E
BclMPAlBvyStYcWLTCL6qFile size : 512 bytesFirst seen: 2011-09-09 08:18:17Last seen : 2011-09-09 09:29:10TrID:
Unknown!sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
VT Community
0
Thisfile hasnever been reviewed by any VT Community member. Be the first one to comment on it!VirusTotal TeamAdd your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
text -- strikethrough
text
-- preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for. GoodwareMalwareSpam attachment/link
P2P downloadPropagating via IMNetwork worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit commentPost comment Posting comment...
Comment successfully posted ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - [/url] Blog - Twitter - Contact: info@virustotal.com - TOS & Privacy PolicyBonjour Bleuet,
Tu trouveras ci-joint le Rapport de VirusTotal.VT Community Sign in ▼ My account ▼ Sign outSigning out...
Languages ▼ VirusTotal's website has changed, we need new translations, do you feel like helping the community?info@virustotal.comSign in to VT CommunitySafety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
emailpassword Keep me logged inSign in Signing in, please wait...
Login failed, please try againForgot your password?Create an accountEdit my profileVirustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: PhysicalDisk0_MBR.bin
Submission date: 2011-09-09 08:18:17 (UTC)
Safety score: - CompactPrint resultsAntivirusVersionLast UpdateResultAhnLab-V32011.09.09.002011.09.09-AntiVir7.11.14.1522011.09.08-Antiy-AVL2.0.3.72011.09.09-Avast4.8.1351.02011.09.08-Avast55.0.677.02011.09.08-AVG10.0.0.11902011.09.09-BitDefender7.22011.09.09-ByteHero1.0.0.12011.09.01-CAT-QuickHealNone2011.09.09-ClamAV0.97.0.02011.09.09-Commtouch5.3.2.62011.09.09-Comodo100432011.09.08-DrWeb5.0.2.033002011.09.09-Emsisoft5.1.0.112011.09.09-eSafe7.0.17.02011.09.07-eTrust-Vet36.1.85472011.09.08-F-Prot4.6.2.1172011.09.09-F-Secure9.0.16440.02011.09.09-Fortinet4.3.370.02011.09.09-GData222011.09.09-IkarusT3.1.1.107.02011.09.09-Jiangmin13.0.9002011.09.08-K7AntiVirus9.112.51082011.09.08-Kaspersky9.0.0.8372011.09.09-McAfee5.400.0.11582011.09.09-McAfee-GW-Edition2010.1D2011.09.08-Microsoft1.76042011.09.09-NOD3264482011.09.09-Norman6.07.112011.09.08-nProtect2011-09-09.012011.09.09-Panda10.0.3.52011.09.08-PCTools8.0.0.52011.09.09-Prevx3.02011.09.09-Rising23.74.03.032011.09.09-Sophos4.69.02011.09.09-SUPERAntiSpyware4.40.0.10062011.09.09-Symantec20111.2.0.822011.09.09-TheHacker6.7.0.1.2912011.09.08-TrendMicro9.500.0.10082011.09.06-TrendMicro-HouseCall9.500.0.10082011.09.09-VBA323.12.16.42011.09.08-VIPRE104172011.09.09-ViRobot2011.9.9.46642011.09.09-VirusBuster14.0.204.12011.09.08-Additional informationShow allMD5 : 02cd129ac83ce2c001abbfc01887dc73SHA1 : 7b833cab3a41c1878c52c88f55fdcfdf10911382SHA256: a946046239bc532dc415b4f6c0d8baf4d8c77a5e60248ac7d0d7a7cbcdc05defssdeep: 6:GHcimqQ0hFlc1tWZVLTqvFh226ALwPr0w2ZnRIyFT06pxJtAKCFWHWLLGAKCFWf1:cdm6lc1E
BclMPAlBvyStYcWLTCL6qFile size : 512 bytesFirst seen: 2011-09-09 08:18:17Last seen : 2011-09-09 08:18:17Magic: x86 boot sector; partition 1: ID=0x7, active, starthead 32, startsector 2048, 204800 sectors; partition 2: ID=0x7, starthead 223, startsector 206848, 976564224 sectorsTrID:
VirusTotal TeamAdd your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for. GoodwareMalwareSpam attachment/link
P2P downloadPropagating via IMNetwork worm
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit commentPost comment Posting comment...
Comment successfully posted ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com - TOS & Privacy Policy
-
Bonjour Bleuet,
Tu trouveras ci-joint le Rapport de VirusTotal
VT Community Sign in ▼ My account ▼ Sign outSigning out...
Languages ▼ VirusTotal's website has changed, we need new translations, do you feel like helping the community?info@virustotal.comSign in to VT CommunitySafety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
emailpassword Keep me logged inSign in Signing in, please wait...
Login failed, please try againForgot your password?Create an accountEdit my profileVirustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: PhysicalDisk0_MBR.bin
Submission date: 2011-09-09 08:18:17 (UTC)
Current status: finished
Result: 0/44 (0.0%)
VT Community
not reviewed
Safety score: - CompactPrint resultsAntivirusVersionLast UpdateResultAhnLab-V32011.09.09.002011.09.09-AntiVir7.11.14.1522011.09.08-Antiy-AVL2.0.3.72011.09.09-Avast4.8.1351.02011.09.08-Avast55.0.677.02011.09.08-AVG10.0.0.11902011.09.09-BitDefender7.22011.09.09-ByteHero1.0.0.12011.09.01-CAT-QuickHealNone2011.09.09-ClamAV0.97.0.02011.09.09-Commtouch5.3.2.62011.09.09-Comodo100432011.09.08-DrWeb5.0.2.033002011.09.09-Emsisoft5.1.0.112011.09.09-eSafe7.0.17.02011.09.07-eTrust-Vet36.1.85472011.09.08-F-Prot4.6.2.1172011.09.09-F-Secure9.0.16440.02011.09.09-Fortinet4.3.370.02011.09.09-GData222011.09.09-IkarusT3.1.1.107.02011.09.09-Jiangmin13.0.9002011.09.08-K7AntiVirus9.112.51082011.09.08-Kaspersky9.0.0.8372011.09.09-McAfee5.400.0.11582011.09.09-McAfee-GW-Edition2010.1D2011.09.08-Microsoft1.76042011.09.09-NOD3264482011.09.09-Norman6.07.112011.09.08-nProtect2011-09-09.012011.09.09-Panda10.0.3.52011.09.08-PCTools8.0.0.52011.09.09-Prevx3.02011.09.09-Rising23.74.03.032011.09.09-Sophos4.69.02011.09.09-SUPERAntiSpyware4.40.0.10062011.09.09-Symantec20111.2.0.822011.09.09-TheHacker6.7.0.1.2912011.09.08-TrendMicro9.500.0.10082011.09.06-TrendMicro-HouseCall9.500.0.10082011.09.09-VBA323.12.16.42011.09.08-VIPRE104172011.09.09-ViRobot2011.9.9.46642011.09.09-VirusBuster14.0.204.12011.09.08-Additional informationShow allMD5 : 02cd129ac83ce2c001abbfc01887dc73SHA1 : 7b833cab3a41c1878c52c88f55fdcfdf10911382SHA256: a946046239bc532dc415b4f6c0d8baf4d8c77a5e60248ac7d0d7a7cbcdc05defssdeep: 6:GHcimqQ0hFlc1tWZVLTqvFh226ALwPr0w2ZnRIyFT06pxJtAKCFWHWLLGAKCFWf1:cdm6lc1E
BclMPAlBvyStYcWLTCL6qFile size : 512 bytesFirst seen: 2011-09-09 08:18:17Last seen : 2011-09-09 08:18:17Magic: x86 boot sector; partition 1: ID=0x7, active, starthead 32, startsector 2048, 204800 sectors; partition 2: ID=0x7, starthead 223, startsector 206848, 976564224 sectorsTrID:
Unknown!sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -Androguard:
-ExifTool:
-
VT Community
0
Thisfile hasnever been reviewed by any VT Community member. Be the first one to comment on it!VirusTotal TeamAdd your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
text -- strikethrough
text
- preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for. GoodwareMalwareSpam attachment/link
P2P downloadPropagating via IMNetwork worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit commentPost comment Posting comment...
Comment successfully posted ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com - TOS & Privacy Policy
-
-
Salut !
Et bien déjà mets ici ton rapport DIAG complet pour son analyse.Car ma boule cristal me fait la gueule et s'est mise en grève !
Comme tu l'as déjà installé (DIAG !), mets le à jours (si nécessaire) par la grosse flèche verte.
Bonne journée. bleuet[07/09/2011) ;)Rapport de ZHPDiag v1.28.1321 par Nicolas Coolman, Update du 09/08/2011
Run by Utilisateur at 08/09/2011 15:52:45
Web site : ZHPDiag Outil de diagnostic
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 6.0.1 v6.0.1
---\\ Windows Product Information
Windows XP Home Edition Service Pack 2 (Build 2600)
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Genuine Adventage : KO
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2012 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 425 GB (91%) free of 466 GB
---\\ Logged in mode
~ Computer Name: UTILISATEUR-PC
~ User Name: Utilisateur
~ All Users Names: Utilisateur, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Utilisateur\AppData\Roaming\
~ %Desktop% : C:\Users\Utilisateur\Desktop\
~ %Favorites% : C:\Users\Utilisateur\Favorites\
~ %LocalAppData% : C:\Users\Utilisateur\AppData\Local\
~ %StartMenu% : C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 425 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.16/07/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.2C7332C222D1FE1FC57D622699A8C001] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2011 - 03:48:26.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 22:29:06.) -- C:\Windows\system32\Winlogon.exe [286720]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.16/07/2011 - 06:39:00.) -- C:\Windows\system32\drivers\ntfs.sys [1211264]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 22:29:24.) -- C:\Windows\system32\sppcomapi.dll [193536]
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (....) (.21/11/2010 - 01:30:19.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3
~ Mes Favoris (My Favorites) : 3/45
~ Mes Documents (My Documents) : 7/786
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 6/28
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3493720]
[MD5.C81BE1B951C36E97D3DA90DA745DA5F7] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\kbd.exe [61440]
[MD5.A40432BB46793F3A2AD42E6D23A8290F] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252136]
[MD5.51D0B663036D3B1E165DAEF3F3D9592E] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [138008]
[MD5.41512BE016A84B94874149EB801CAA99] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171288]
[MD5.E43FD1EFDA88447AB96F9A4EBCDD2AD7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [172824]
[MD5.C97AF00F76E085680AE2B1A8FB00527D] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208]
[MD5.3588AFA5623BB8844F71F271A7A96669] - (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [634368]
[MD5.01199AE166E4621C51D9963FA82C86B6] - (.IObit - Advanced SystemCare 4 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [417112]
[MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552]
[MD5.389D84BDF3DC1813B71D0400AFD75398] - (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe [9250728]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [270336]
[MD5.8AC44F0E443974442B574E1DE77C8877] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe [272528]
[MD5.8E6C1915EDDD719C4BFE99ECCD7216A7] - (.Secunia - Secunia PSI Tray.) -- C:\Program Files\Secunia\PSI\psi_tray.exe [291896]
[MD5.0AA48AD92C63322C29F24F351C3F4F0D] - (.IObit - Smart Defrag v2.) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [1584472]
[MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112]
[MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624]
[MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848]
[MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616]
[MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [168960]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [559104]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496]
[MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360]
[MD5.92AD41A429FFB04E0A0E5B871091D144] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [912384]
[MD5.75DEC256FCEC374BE83C6486D9A7B850] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [2106368]
~ Scan Processes Running in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\w7t5hi1r.default\prefs.js
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\McSiteAdvisor.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [utilisateur] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [utilisateur - w7t5hi1r.default] Google
M2 - MFEP: prefs.js [utilisateur - w7t5hi1r.default\keyscrambler@qfx.software.corporation] [] KeyScrambler v2.8.1.0 (.QFX Software Corporation.)
M2 - MFEP: prefs.js [utilisateur - w7t5hi1r.default\vinceturk@gmail.com] [] KwiClick v2.7.2.884 (.KwiClick, LLC.)
M2 - MFEP: prefs.js [utilisateur - w7t5hi1r.default\{75623d5d-4683-402a-b610-ac4bab767c86}] [] Surf Canyon - Search Engine Assistant v3.3.3 (.Surf Canyon, Inc..)
M2 - MFEP: prefs.js [utilisateur - w7t5hi1r.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20110704 (.WOT Services Oy.)
M2 - MFEP: prefs.js [utilisateur - w7t5hi1r.default\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}] [] FoxLingo v2.7.2 (.Linkular LLC.)
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.0.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@mcafee.com/SAFFPlugin] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com
R0 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (...) (No version) -- C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,4,0,135) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} . (.QFX Software Corporation - KeyScrambler Program DLL.) -- C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} . (...) -- C:\Program Files\WOT\WOT.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} . (.Orange - IE Toolbar Container.) -- C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files\WOT\WOT.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [KBD] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Argente Utilities] . (.Argente Software - Argente Utilities.) -- C:\Program Files\Argente Utilities\Argente Utilities.exe
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] . (.IObit - Advanced SystemCare 4 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKCU\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKCU\..\Run: [DriverMax] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe
O4 - HKCU\..\Run: [DriverMax_RESTART] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\..\Run: [MailNotifier] . (...) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\..\Run: [Advanced SystemCare 4] . (.IObit - Advanced SystemCare 4 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\..\Run: [DriverMax] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe
O4 - HKUS\S-1-5-21-2021189960-399911290-484312088-1000\..\Run: [DriverMax_RESTART] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\DriverMax.lnk . (.Innovative Solutions.) -- C:\Program Files\Innovative Solutions\DriverMax\devices.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Easy For You.lnk . (.Baron sprl-bvba.) -- C:\Users\Utilisateur\AppData\Roaming\Easy For You\easywin.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.revo.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\VirusTotal Uploader 2.0.lnk . (...) -- C:\Program Files\VirusTotalUploader2\VirusTotalUpload2.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - (.not file.) - C:\Users\UTILIS~1\AppData\Local\Temp\cce26FC.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.exe
O8 - Extra context menu item: traduire la page - (.not file.) - C:\Users\UTILIS~1\AppData\Local\Temp\cce26EB.html
O8 - Extra context menu item: traduire le texte sélectionné - (.not file.) - C:\Users\UTILIS~1\AppData\Local\Temp\cce26FB.html
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &KeyScrambler Options - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://config.zebulon.fr/mcsdkbase/plugins/MaConfig_4_6_0_1.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9BB0B25B-BF12-422B-939F-5FA1AC738A33}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9BB0B25B-BF12-422B-939F-5FA1AC738A33}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9BB0B25B-BF12-422B-939F-5FA1AC738A33}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files\WOT\WOT.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe
O23 - Service: Emsisoft Anti-Malware 5.1 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) . (.IObit - Advanced SystemCare Service.) - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EBP Pervasive.SQL (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) . (...) - C:\PVSW\bin\WGE_SRV.exe
O23 - Service: Secunia PSI Agent (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files\Secunia\PSI\sua.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
[MD5.3F7D23CC704BF22E24A1EFFA82F73D3C] [APT] [ASC4_PerformanceMonitor] (.IObit.) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
[MD5.0F22D547F5D2A6BA561698B0C8291809] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe
[MD5.0AA48AD92C63322C29F24F351C3F4F0D] [APT] [smartDefrag_Startup] (.IObit.) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
[MD5.1E60C2B180925F84CE3F25D71D262F30] [APT] [{4477D4C4-9865-45D4-9F0B-020D6B0ADE50}] (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
[MD5.92AD41A429FFB04E0A0E5B871091D144] [APT] [{51C0C0D7-93A7-4DD6-A466-5F579258A58B}] (.Nicolas Coolman.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe
[MD5.1E60C2B180925F84CE3F25D71D262F30] [APT] [{571847FA-98B6-400E-B94C-1B0232E2D52B}] (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
[MD5.92AD41A429FFB04E0A0E5B871091D144] [APT] [{87668A9F-1AE8-4389-85BE-BA6F4C206A46}] (.Nicolas Coolman.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe
[MD5.92AD41A429FFB04E0A0E5B871091D144] [APT] [{D11B2019-4DAD-4E18-A34B-5F66A5C6A8C7}] (.Nicolas Coolman.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe
~ Scan Scheduled Task in 00mn 10s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Advanced SystemCare 4 - (.IObit.) [HKLM] -- Advanced SystemCare 4_is1
O42 - Logiciel: Argente - Registry Cleaner 2.0.0.5 - (.Argente Software.) [HKLM] -- Argente - Registry Cleaner_is1
O42 - Logiciel: Argente Utilities 1.0.4.0 - (.Argente Software.) [HKLM] -- Argente Utilities_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Connexion Internet Orange - (.Pas de propriétaire.) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: DriverMax 5 - (.Innovative Solutions.) [HKLM] -- DMX5_is1
O42 - Logiciel: EBP Btrieve 8.6 - (.EBP.) [HKLM] -- EBP Btrieve 8.6
O42 - Logiciel: EBP Btrieve 8.6 - (.EBP.) [HKLM] -- {747D0A04-5BDA-478D-A010-68CCCBE4D15A}
O42 - Logiciel: EBP Compta 13.0 - (.EBP.) [HKLM] -- EBP Compta 13.0
O42 - Logiciel: EBP Compta 13.0 - (.EBP.) [HKLM] -- {0FD11D04-13E8-4FE8-835A-7BAD688C3B9E}
O42 - Logiciel: EasyForYou version 10 - (.www.easyforyou.be.) [HKLM] -- Easy For You_is1
O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1
O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD
O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com
O42 - Logiciel: Glary Utilities 2.37.0.1260 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart All-In-One Driver Software 13.0 Rel. A - (.HP.) [HKLM] -- {17016DA1-F040-4032-BD36-34DD317BC9D5}
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM] -- KeyScrambler
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Malwarebytes' RogueRemover - (.Malwarebytes.) [HKLM] -- Malwarebytes' RogueRemover FREE_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: McAfee SiteAdvisor - (.McAfee, Inc..) [HKLM] -- {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 6.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.1 (x86 fr)
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager
O42 - Logiciel: Pervasive System Analyzer - (.Pas de propriétaire.) [HKLM] -- Pervasive System Analyzer
O42 - Logiciel: Quicksys RegDefrag 2.9 - (.Pas de propriétaire.) [HKLM] -- {5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Secunia PSI (2.0.0.3003) - (.Pas de propriétaire.) [HKLM] -- Secunia PSI
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Smart Defrag 2 - (.IObit.) [HKLM] -- Smart Defrag 2_is1
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: VirusTotal Uploader 2.0 - (.Pas de propriétaire.) [HKLM] -- VirusTotalUploader2.0
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: ZebHelpProcess 2.50 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: barre d'outils Orange - (.France Telecom SA.) [HKLM] -- OrangeToolbarFR
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Against Intuition]
[HKCU\Software\AppDataLow\Software\Against Intuition]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Borland]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EBP]
[HKCU\Software\FileHippo.com]
[HKCU\Software\GlarySoft]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\I.R.I.S.]
[HKCU\Software\IM Providers]
[HKCU\Software\Innovative Solutions]
[HKCU\Software\Intel\Indeo\4.1]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Orange]
[HKCU\Software\Pervasive Software]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QFX Software]
[HKCU\Software\Raxco]
[HKCU\Software\Realtek]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\Secunia]
[HKCU\Software\Softonic]
[HKCU\Software\Software FX, Inc]
[HKCU\Software\Sysinternals]
[HKCU\Software\TAdvCheckList]
[HKCU\Software\Trend Micro]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\cybelsoft]
[HKCU\Software\dclean]
[HKCU\Software\dskMetrics]
[HKCU\Software\kde.org]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Borland]
[HKLM\Software\CBSTEST]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\EBP]
[HKLM\Software\Emsi Software GmbH]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GlarySoft]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Hispasec]
[HKLM\Software\IObit]
[HKLM\Software\Innovative Solutions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Orange]
[HKLM\Software\Panda Software]
[HKLM\Software\Pervasive Software]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\QFX Software]
[HKLM\Software\Quicksys]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Secunia]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Sonic]
[HKLM\Software\Uniblue]
[HKLM\Software\Volatile]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/08/2011 - 14:43:04 - [1552342] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 16/07/2011 - 15:31:12 - [116541972] ----D- C:\Program Files\Adobe
O43 - CFD: 02/09/2011 - 14:27:50 - [6302493] ----D- C:\Program Files\Argente - Registry Cleaner
O43 - CFD: 08/09/2011 - 14:08:22 - [20194761] ----D- C:\Program Files\Argente Utilities
O43 - CFD: 16/07/2011 - 15:39:52 - [160021248] ----D- C:\Program Files\AVAST Software
O43 - CFD: 30/08/2011 - 10:42:38 - [4118120] ----D- C:\Program Files\CCleaner
O43 - CFD: 13/08/2011 - 15:24:40 - [13191652] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 30/08/2011 - 11:54:18 - [731518091] ----D- C:\Program Files\Common Files
O43 - CFD: 21/11/2010 - 02:39:42 - [83226644] ----D- C:\Program Files\DVD Maker
O43 - CFD: 17/07/2011 - 12:01:48 - [70511379] ----D- C:\Program Files\EBP
O43 - CFD: 30/08/2011 - 14:12:22 - [140840486] ----D- C:\Program Files\Emsisoft Anti-Malware
O43 - CFD: 16/07/2011 - 15:00:56 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 03/08/2011 - 17:37:42 - [381086] ----D- C:\Program Files\FileHippo.com
O43 - CFD: 01/09/2011 - 12:44:34 - [23194562] ----D- C:\Program Files\Glary Utilities
O43 - CFD: 30/08/2011 - 12:20:14 - [314218650] ----D- C:\Program Files\HP
O43 - CFD: 22/07/2011 - 17:27:20 - [15556506] ----D- C:\Program Files\Innovative Solutions
O43 - CFD: 02/09/2011 - 12:29:54 - [9939945] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 29/08/2011 - 18:23:54 - [3936337] ----D- C:\Program Files\Intel
O43 - CFD: 10/08/2011 - 12:59:46 - [5214966] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/07/2011 - 17:37:36 - [81509112] ----D- C:\Program Files\IObit
O43 - CFD: 03/08/2011 - 17:44:56 - [188426554] ----D- C:\Program Files\Java
O43 - CFD: 01/09/2011 - 10:35:06 - [3636496] ----D- C:\Program Files\KeyScrambler
O43 - CFD: 26/08/2011 - 16:02:16 - [6511189] ----D- C:\Program Files\ma-config.com
O43 - CFD: 20/07/2011 - 16:50:44 - [6953093] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 25/08/2011 - 09:56:26 - [6650397] ----D- C:\Program Files\McAfee
O43 - CFD: 20/07/2011 - 18:20:46 - [10998069] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 18/07/2011 - 11:07:56 - [20675330] ----D- C:\Program Files\Microsoft
O43 - CFD: 18/07/2011 - 12:34:04 - [2579221] ----D- C:\Program Files\Microsoft Baseline Security Analyzer 2
O43 - CFD: 21/11/2010 - 02:39:36 - [147813426] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 06/08/2011 - 00:38:44 - [412430804] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/07/2011 - 15:50:18 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 18/07/2011 - 11:10:34 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 19/07/2011 - 19:46:00 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 20/07/2011 - 00:38:58 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 19/07/2011 - 19:39:20 - [331107] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 03/09/2011 - 16:06:08 - [35679108] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 06/08/2011 - 00:38:20 - [39944647] ----D- C:\Program Files\MSECache
O43 - CFD: 30/08/2011 - 12:25:30 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 17/07/2011 - 11:54:42 - [399829195] ----D- C:\Program Files\Orange
O43 - CFD: 31/08/2011 - 20:11:58 - [0] ----D- C:\Program Files\Phyxion.net
O43 - CFD: 20/07/2011 - 18:04:20 - [2627457] ----D- C:\Program Files\Quicksys
O43 - CFD: 22/08/2011 - 20:21:48 - [112956741] ----D- C:\Program Files\Raxco
O43 - CFD: 29/08/2011 - 18:16:06 - [20522190] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:32 - [39159041] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 21/07/2011 - 19:21:12 - [1771915] ----D- C:\Program Files\RogueRemover FREE
O43 - CFD: 19/07/2011 - 00:01:22 - [5487507] ----D- C:\Program Files\Secunia
O43 - CFD: 24/08/2011 - 14:00:34 - [71164705] ----D- C:\Program Files\SUPERAntiSpyware
O43 - CFD: 29/08/2011 - 18:11:44 - [0] --H-D- C:\Program Files\Temp
O43 - CFD: 31/07/2011 - 19:33:08 - [388096] ----D- C:\Program Files\Trend Micro
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 19/07/2011 - 10:16:08 - [0] ----D- C:\Program Files\VideoLAN
O43 - CFD: 20/07/2011 - 18:14:56 - [205244] ----D- C:\Program Files\VirusTotalUploader2
O43 - CFD: 07/08/2011 - 10:48:42 - [6817825] ----D- C:\Program Files\VS Revo Group
O43 - CFD: 21/11/2010 - 02:30:46 - [3050496] ----D- C:\Program Files\Windows Defender
O43 - CFD: 21/11/2010 - 02:39:42 - [7013496] ----D- C:\Program Files\Windows Journal
O43 - CFD: 18/07/2011 - 11:14:18 - [192811711] ----D- C:\Program Files\Windows Live
O43 - CFD: 21/11/2010 - 02:30:46 - [6181376] ----D- C:\Program Files\Windows Mail
O43 - CFD: 21/11/2010 - 02:30:46 - [6604034] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 16/07/2011 - 15:00:56 - [12197556] ----D- C:\Program Files\Windows NT
O43 - CFD: 21/11/2010 - 02:30:46 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 20/11/2010 - 23:33:50 - [189952] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 21/11/2010 - 02:30:46 - [6683807] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 23/07/2011 - 18:04:34 - [1265824] ----D- C:\Program Files\WOT
O43 - CFD: 08/09/2011 - 15:53:00 - [106677868] ----D- C:\Program Files\ZebHelpProcess
O43 - CFD: 14/08/2011 - 12:12:10 - [2089812] ----D- C:\Program Files\ZHPFix
O43 - CFD: 16/07/2011 - 15:31:18 - [3606170] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 20/07/2011 - 21:34:18 - [7675513] ----D- C:\Program Files\Common Files\Borland Shared
O43 - CFD: 19/07/2011 - 19:46:06 - [86016] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 17/07/2011 - 12:01:50 - [1460840] ----D- C:\Program Files\Common Files\EBP
O43 - CFD: 17/07/2011 - 11:34:36 - [8113537] ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD: 30/08/2011 - 11:54:18 - [531477] ----D- C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 30/08/2011 - 11:54:02 - [5665956] ----D- C:\Program Files\Common Files\HP
O43 - CFD: 29/08/2011 - 18:10:48 - [2031218] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 03/08/2011 - 17:45:26 - [1239723] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 20/07/2011 - 18:29:08 - [822048] ----D- C:\Program Files\Common Files\McAfee
O43 - CFD: 06/08/2011 - 00:38:42 - [352137772] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 17/07/2011 - 12:16:16 - [12005230] ----D- C:\Program Files\Common Files\Pervasive Software Shared
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 19/07/2011 - 19:45:56 - [25163721] ----D- C:\Program Files\Common Files\System
O43 - CFD: 18/07/2011 - 11:06:10 - [269872385] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 03/08/2011 - 17:54:42 - [23813] ----D- C:\ProgramData\!SASCORE
O43 - CFD: 19/07/2011 - 16:55:30 - [128654334] ----D- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 16/07/2011 - 15:39:52 - [35539921] ----D- C:\ProgramData\AVAST Software
O43 - CFD: 16/07/2011 - 15:00:56 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 16/07/2011 - 16:08:56 - [0] ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 17/07/2011 - 12:04:58 - [3231] ----D- C:\ProgramData\EBP
O43 - CFD: 16/07/2011 - 15:00:56 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 18/07/2011 - 11:31:48 - [37050] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 30/08/2011 - 12:11:54 - [17537321] ----D- C:\ProgramData\HP
O43 - CFD: 30/08/2011 - 11:55:36 - [8988] ----D- C:\ProgramData\HP Product Assistant
O43 - CFD: 22/07/2011 - 17:27:26 - [15208448] ----D- C:\ProgramData\Innovative Solutions
O43 - CFD: 26/08/2011 - 16:02:16 - [1228251] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 20/07/2011 - 16:05:08 - [7338625] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 20/07/2011 - 18:29:06 - [850519] ----D- C:\ProgramData\McAfee
O43 - CFD: 20/07/2011 - 18:20:56 - [871] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 16/07/2011 - 15:00:56 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 27/07/2011 - 19:07:32 - [219988024] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 16/07/2011 - 15:00:56 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 27/07/2011 - 09:18:36 - [2017234] ----D- C:\ProgramData\Orange
O43 - CFD: 01/09/2011 - 10:35:48 - [42] ----D- C:\ProgramData\QFX Software
O43 - CFD: 02/08/2011 - 18:37:44 - [2050686] ----D- C:\ProgramData\SecTaskMan
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 16/07/2011 - 15:26:34 - [187] ----D- C:\ProgramData\Sun
O43 - CFD: 20/07/2011 - 17:47:04 - [93059755] ----D- C:\ProgramData\SUPERAntiSpyware.com
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 30/08/2011 - 11:58:30 - [243] ----D- C:\ProgramData\WEBREG
O43 - CFD: 17/07/2011 - 12:02:24 - [20825255] --H-D- C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}
O43 - CFD: 17/07/2011 - 12:02:12 - [123093954] --H-D- C:\ProgramData\{DD02AF12-1A4B-45FE-A16C-7B8608E0B62E}
O43 - CFD: 16/07/2011 - 16:08:58 - [1465666] ----D- C:\Users\Utilisateur\AppData\Roaming\Adobe
O43 - CFD: 16/07/2011 - 16:08:56 - [1675] ----D- C:\Users\Utilisateur\AppData\Roaming\Canneverbe Limited
O43 - CFD: 23/07/2011 - 18:30:46 - [927] ----D- C:\Users\Utilisateur\AppData\Roaming\Disk Cleaner
O43 - CFD: 20/07/2011 - 19:31:36 - [32991473] ----D- C:\Users\Utilisateur\AppData\Roaming\Easy For You
O43 - CFD: 17/07/2011 - 12:02:12 - [45545] ----D- C:\Users\Utilisateur\AppData\Roaming\EBP
O43 - CFD: 28/08/2011 - 01:06:08 - [50914] ----D- C:\Users\Utilisateur\AppData\Roaming\GlarySoft
O43 - CFD: 30/08/2011 - 12:11:58 - [56160] ----D- C:\Users\Utilisateur\AppData\Roaming\HP
O43 - CFD: 07/09/2011 - 18:38:42 - [1892] ----D- C:\Users\Utilisateur\AppData\Roaming\HpUpdate
O43 - CFD: 16/07/2011 - 15:01:10 - [0] ----D- C:\Users\Utilisateur\AppData\Roaming\Identities
O43 - CFD: 31/07/2011 - 17:47:42 - [6454676] ----D- C:\Users\Utilisateur\AppData\Roaming\IObit
O43 - CFD: 22/07/2011 - 11:39:04 - [6630] ----D- C:\Users\Utilisateur\AppData\Roaming\KillSwitch 2
O43 - CFD: 02/09/2011 - 13:02:46 - [456] ----D- C:\Users\Utilisateur\AppData\Roaming\Macromedia
O43 - CFD: 20/07/2011 - 16:05:18 - [1062] ----D- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 02:39:18 - [0] ----D- C:\Users\Utilisateur\AppData\Roaming\Media Center Programs
O43 - CFD: 09/08/2011 - 00:03:20 - [2745494] -S--D- C:\Users\Utilisateur\AppData\Roaming\Microsoft
O43 - CFD: 17/07/2011 - 17:35:08 - [25379205] ----D- C:\Users\Utilisateur\AppData\Roaming\Mozilla
O43 - CFD: 16/07/2011 - 16:09:06 - [1494436] ----D- C:\Users\Utilisateur\AppData\Roaming\OpenOffice.org
O43 - CFD: 01/09/2011 - 10:35:48 - [87] ----D- C:\Users\Utilisateur\AppData\Roaming\QFX Software
O43 - CFD: 02/09/2011 - 10:06:26 - [0] ----D- C:\Users\Utilisateur\AppData\Roaming\RegistryKeys
O43 - CFD: 03/08/2011 - 17:55:32 - [12840] ----D- C:\Users\Utilisateur\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 21/07/2011 - 17:50:08 - [0] ----D- C:\Users\Utilisateur\AppData\Roaming\Windows Live Writer
O43 - CFD: 16/07/2011 - 16:08:58 - [15537516] ----D- C:\Users\Utilisateur\AppData\Local\Adobe
O43 - CFD: 16/07/2011 - 15:01:02 - [0] -SH-D- C:\Users\Utilisateur\AppData\Local\Application Data
O43 - CFD: 02/09/2011 - 12:32:14 - [566480] ----D- C:\Users\Utilisateur\AppData\Local\Diagnostics
O43 - CFD: 31/08/2011 - 12:32:10 - [640080] ----D- C:\Users\Utilisateur\AppData\Local\eSupport.com
O43 - CFD: 16/07/2011 - 15:01:02 - [0] -SH-D- C:\Users\Utilisateur\AppData\Local\Historique
O43 - CFD: 30/08/2011 - 12:15:14 - [219032] ----D- C:\Users\Utilisateur\AppData\Local\HP
O43 - CFD: 22/07/2011 - 17:27:26 - [74466360] ----D- C:\Users\Utilisateur\AppData\Local\Innovative Solutions
O43 - CFD: 24/08/2011 - 12:49:52 - [235119822] ----D- C:\Users\Utilisateur\AppData\Local\Microsoft
O43 - CFD: 17/07/2011 - 17:34:40 - [46239818] ----D- C:\Users\Utilisateur\AppData\Local\Mozilla
O43 - CFD: 17/07/2011 - 11:44:26 - [49] ----D- C:\Users\Utilisateur\AppData\Local\Orange
O43 - CFD: 18/07/2011 - 19:19:24 - [0] ----D- C:\Users\Utilisateur\AppData\Local\Secunia PSI
O43 - CFD: 08/09/2011 - 15:52:06 - [1344024] ----D- C:\Users\Utilisateur\AppData\Local\Temp
O43 - CFD: 16/07/2011 - 15:01:02 - [0] -SH-D- C:\Users\Utilisateur\AppData\Local\Temporary Internet Files
O43 - CFD: 02/09/2011 - 15:39:24 - [13149] ----D- C:\Users\Utilisateur\AppData\Local\VirtualStore
O43 - CFD: 07/09/2011 - 11:01:40 - [77824] ----D- C:\Users\Utilisateur\AppData\Local\Windows Live
O43 - CFD: 21/07/2011 - 17:50:18 - [648463] ----D- C:\Users\Utilisateur\AppData\Local\Windows Live Writer
O43 - CFD: 16/07/2011 - 15:33:42 - [6722] ----D- C:\Users\Utilisateur\AppData\Local\WindowsUpdate
O43 - CFD: 05/09/2011 - 17:58:00 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{012198FB-EAED-4BAC-933A-71C27F2E719B}
O43 - CFD: 27/08/2011 - 16:47:46 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{0D7CC08F-70D4-4CCE-95FF-E811E2CCA647}
O43 - CFD: 05/09/2011 - 17:58:14 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{52873083-1BE9-44FC-BA40-CB72B43C6052}
O43 - CFD: 07/09/2011 - 11:01:26 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{760D4199-3E02-402F-99E6-A83E0E63922F}
O43 - CFD: 27/08/2011 - 16:48:08 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{7AD56696-EAE0-428D-8529-CB1872FB072E}
O43 - CFD: 07/09/2011 - 11:01:38 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{8F3241B4-C5A5-4E10-9CE5-F38160D51FE1}
O43 - CFD: 28/08/2011 - 16:34:04 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{BE4860CE-AF63-467C-8F01-490C4A6C3AF6}
O43 - CFD: 28/08/2011 - 16:33:50 - [0] ----D- C:\Users\Utilisateur\AppData\Local\{C423BCB1-22CD-4C0B-B8D2-96F6D1B91A26}
~ Scan Program Folder in 00mn 02s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B0404C1A866894B55A5EDA4D7298D20C] - 08/09/2011 - 12:53:21 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.976584F898F5F2FA93B217A5F7C774C3] - 08/09/2011 - 12:52:02 ---A- . (...) -- C:\PDOXUSRS.NET [13030]
O44 - LFC:[MD5.C665FAB29F1164F924521E8AEF19FD5A] - 08/09/2011 - 12:51:06 ---A- . (...) -- C:\ZHPExportRegistry-08-09-2011-13-51-06.txt [310]
O44 - LFC:[MD5.02CD129AC83CE2C001ABBFC01887DC73] - 08/09/2011 - 11:34:06 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.B36565AEFE0D54D0FC4ED1BD18580FFB] - 04/09/2011 - 10:32:00 ---A- . (...) -- C:\Ad-Report-SCAN[3].txt [5191]
O44 - LFC:[MD5.6B643FBB7179A5E5EA6E3D9B75834902] - 04/09/2011 - 09:27:16 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.B3A850E7BED9D9E7BA49A78C1F6C9508] - 04/09/2011 - 09:27:16 ---A- . (...) -- C:\Windows\system32\perfc009.dat [106190]
O44 - LFC:[MD5.AE75482688C46F3135CB2D2BAA3742A3] - 04/09/2011 - 09:27:16 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [130548]
O44 - LFC:[MD5.23A8FC3D95C988B36FFC22D23B8795E6] - 04/09/2011 - 09:27:16 ---A- . (...) -- C:\Windows\system32\perfh009.dat [615810]
O44 - LFC:[MD5.11C4B32D793C8C26AB3A563BCE203F91] - 04/09/2011 - 09:27:16 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [704242]
O44 - LFC:[MD5.F1DE08225F217DFBD0BD8517B84CC761] - 02/09/2011 - 14:51:10 ---A- . (...) -- C:\index.ini [100]
O44 - LFC:[MD5.8F1BB80D589AFFB9C5E9CD7544251B29] - 01/09/2011 - 09:35:03 ---A- . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\Windows\system32\drivers\keyscrambler.sys [225856]
O44 - LFC:[MD5.7C523E9A098B8BE7E8AE7A6529BD8067] - 30/08/2011 - 15:23:39 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [437264]
O44 - LFC:[MD5.5AB9982DF7D54553DD6DA1F38FE518B6] - 30/08/2011 - 10:58:03 ---A- . (...) -- C:\Windows\hpoins18.dat [227040]
O44 - LFC:[MD5.E1DB8F9DD7E89CEFD78DD3CCBC190C1A] - 30/08/2011 - 10:57:45 ---A- . (...) -- C:\Windows\win.ini [534]
O44 - LFC:[MD5.F2C1E8F33D3ED8527B940E3CADB35B4C] - 30/08/2011 - 10:46:35 ---A- . (.Hewlett-Packard - HP Installer Coinstaller.) -- C:\Windows\system32\hpzids01.dll [452408]
O44 - LFC:[MD5.1D31BD3DB9CCE5148CAD550AA6ABDBBF] - 29/08/2011 - 17:23:53 ---A- . (.Windows XP Bundled build C-Centric Single U - CSVer.) -- C:\Windows\system32\CSVer.dll [53248]
O44 - LFC:[MD5.7FD1956E221C3750E0532A48E8EDD305] - 29/08/2011 - 17:14:32 ---A- . (.Pas de propriétaire - About Page.) -- C:\Windows\system32\RtNicProp32.dll [80416]
O44 - LFC:[MD5.5283B9A27FF230F2FF70D92451FF409A] - 29/08/2011 - 17:14:32 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\system32\drivers\Rt86win7.sys [394856]
O44 - LFC:[MD5.65A5BD4A43ED3C029A514E7502CD804F] - 29/08/2011 - 17:14:32 ---A- . (.Realtek Semiconductor Corporation - RTNUninst.) -- C:\Windows\system32\RTNUninst32.dll [100896]
O44 - LFC:[MD5.272BF8E5DBDAF0614CC367A25EA3B256] - 29/08/2011 - 17:11:03 ---A- . (.SRS Labs, Inc. - COM object implementing SRS Headphone 360.) -- C:\Windows\system32\SRSHP360.dll [173296]
O44 - LFC:[MD5.029F36DE21AFBDD2865CC657E252EBA7] - 29/08/2011 - 17:11:03 ---A- . (.SRS Labs, Inc. - TruSurround HD and HD4 COM object for Windo.) -- C:\Windows\system32\SRSTSHD.dll [185584]
O44 - LFC:[MD5.8C83CED38F8CAC3E8D5A953C03BCF4B4] - 29/08/2011 - 17:11:03 ---A- . (.SRS Labs, Inc. - TruSurroundXT Module.) -- C:\Windows\system32\SRSTSXT.dll [345328]
O44 - LFC:[MD5.A258F7B2B84E88118369B0B2196CC257] - 29/08/2011 - 17:11:03 ---A- . (.SRS Labs, Inc. - WOW HD COM object for Windows.) -- C:\Windows\system32\SRSWOW.dll [140528]
O44 - LFC:[MD5.CE1E84AA03EE50362D3C69382DCFA294] - 29/08/2011 - 17:11:03 ---A- . (.Waves Audio Ltd. - General Library for Plug-Ins.) -- C:\Windows\system32\WavesLib.dll [1783056]
O44 - LFC:[MD5.8E51B890857CB7F90D2860FE29A43606] - 29/08/2011 - 17:11:02 ---A- . (.Creative Technology Ltd. - Audio Processing Object Chaining Module.) -- C:\Windows\system32\MBWrp32.dll [70232]
O44 - LFC:[MD5.8E60632456505F93A63368E27F19CF8E] - 29/08/2011 - 17:11:02 ---A- . (.Creative Technology Ltd. - Creative Chaining Property Page Loader Modu.) -- C:\Windows\system32\MBPPCn32.dll [50776]
O44 - LFC:[MD5.A6265311D4A87A3AD67D29C097EE2057] - 29/08/2011 - 17:11:02 ---A- . (.Creative Technology Ltd. - Creative Property Page Loader Module.) -- C:\Windows\system32\MBppld32.dll [53848]
O44 - LFC:[MD5.E232507C219A1957880D4EB6D022FAC7] - 29/08/2011 - 17:11:02 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x86.) -- C:\Windows\system32\RTEED32A.dll [170840]
O44 - LFC:[MD5.A6686775084244141483AEA0391508D2] - 29/08/2011 - 17:11:02 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x86.) -- C:\Windows\system32\RTEEP32A.dll [359768]
O44 - LFC:[MD5.3DE99987154319C901A6537BA8777CB9] - 29/08/2011 - 17:11:02 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x86.) -- C:\Windows\system32\RTEEG32A.dll [64856]
O44 - LFC:[MD5.5B18398DEDE4A4A78651CD34F0A217A5] - 29/08/2011 - 17:11:02 ---A- . (.Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x86.) -- C:\Windows\system32\RTEEL32A.dll [78680]
O44 - LFC:[MD5.C619CDFA5CDC5A346C89870010A2391C] - 29/08/2011 - 17:11:02 ---A- . (.Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x86.) -- C:\Windows\system32\RP3DAA32.dll [295768]
O44 - LFC:[MD5.4F92047498EFEA076E3745C291481975] - 29/08/2011 - 17:11:02 ---A- . (.Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x86.) -- C:\Windows\system32\RP3DHT32.dll [295768]
O44 - LFC:[MD5.B7365644A14701941B39D926489A29F2] - 29/08/2011 - 17:11:02 ---A- . (.Realtek Semiconductor Corp. - Realtek APO API.) -- C:\Windows\system32\RtkApoApi.dll [1256040]
O44 - LFC:[MD5.79CACBBCB67CF04CD896D776BB9D7956] - 29/08/2011 - 17:11:02 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller.) -- C:\Windows\system32\RtkCoInst.dll [75880]
O44 - LFC:[MD5.02E94AF0C802FAB0EC59C353EE7A16AA] - 29/08/2011 - 17:11:02 ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\system32\RTSndMgr.cpl [1497704]
O44 - LFC:[MD5.E0F8A0900BB909CF136F0651E2B90B5F] - 29/08/2011 - 17:11:02 ---A- . (.Realtek Semiconductor Corp. - Realtek LFX/GFX DSP UI component for Window.) -- C:\Windows\system32\RtkPgExt.dll [2170472]
O44 - LFC:[MD5.7E9FEE5F83C74BE2FD48D163952E3CAA] - 29/08/2011 - 17:11:02 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function D.) -- C:\Windows\system32\drivers\RTKVHDA.sys [3520168]
O44 - LFC:[MD5.10F0214F231B37459CB50D85E3DC5BC1] - 29/08/2011 - 17:11:02 ---A- . (.Realtek Semiconductor Corp. - Realtek® LFX/GFX DSP component.) -- C:\Windows\system32\RtkAPO.dll [4158568]
O44 - LFC:[MD5.D701ABD1D72A87D2F5295000DF5DC312] - 29/08/2011 - 17:11:01 ---A- . (.Creative Technology Ltd. - Creative Audio Processing Object Module.) -- C:\Windows\system32\MBAPO32.dll [738392]
O44 - LFC:[MD5.84AB243EBB8839C268BA45975BD6558C] - 29/08/2011 - 17:11:01 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\system32\MaxxAudioAPO.dll [132368]
O44 - LFC:[MD5.57C588F098C811E9459AC7034349AF6F] - 29/08/2011 - 17:11:01 ---A- . (.Waves Audio Ltd. - MaxxAudio APO.) -- C:\Windows\system32\MaxxAudioAPO20.dll [232792]
O44 - LFC:[MD5.F678031A1EF7C96DB09AE9F0DDB7F88E] - 29/08/2011 - 17:11:01 ---A- . (.Waves Audio Ltd. - Pas de description.) -- C:\Windows\system32\MaxxAudioEQ.dll [1938704]
O44 - LFC:[MD5.BEB707543D3996C6185B1656F63CCF27] - 29/08/2011 - 17:11:00 ---A- . (.Fortemedia Corporation - Fortemedia SAMSoft sAPO.) -- C:\Windows\system32\FMAPO.dll [1740352]
O44 - LFC:[MD5.2CCEAF03E8AF4543171D236DF21DC29A] - 29/08/2011 - 17:10:59 ---A- . (.Andrea Electronics Corporation - Capture Noise Filters (32-bit).) -- C:\Windows\system32\AERTACap.dll [175200]
O44 - LFC:[MD5.6353994C972CB58EB01854C6FDFAC80D] - 29/08/2011 - 17:10:59 ---A- . (.Andrea Electronics Corporation - Render Noise Filters (32-bit).) -- C:\Windows\system32\AERTARen.dll [96160]
O44 - LFC:[MD5.0BF254F2A678F70237012A084B783CB7] - 29/08/2011 - 17:10:50 ---A- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- C:\Windows\RtlExUpd.dll [1284712]
O44 - LFC:[MD5.A3AF97F977EC8E5EA82B4BCBDA8B9C66] - 29/08/2011 - 17:09:29 ---A- . (...) -- C:\Windows\system32\results.xml [14796]
O44 - LFC:[MD5.DA5F446833C250558EF9435DF24D4AD9] - 22/08/2011 - 19:17:11 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.A71636227279DABDC7FFD172F535D2C5] - 19/08/2011 - 15:33:16 ---A- . (...) -- C:\Windows\system32\SmartDefragBootTime.exe [25944]
O44 - LFC:[MD5.F5D7F94E7E56581098F412F6C85EB9D2] - 13/08/2011 - 17:14:14 ---A- . (...) -- C:\.rnd [1024]
O44 - LFC:[MD5.BF302072DC8374CF4E118FD88AA817A2] - 26/11/2010 - 17:02:20 ---A- . (...) -- C:\Windows\system32\drivers\SmartDefragDriver.sys [15672]
~ Scan Files in 00mn 04s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.89DD0AD0E31EF034224ECC178D0655B2] - 02/09/2011 - 11:27:13 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
O45 - LFCP:[MD5.FB57E05C35356470646CF12C1436CAB3] - 02/09/2011 - 13:58:50 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.02BA3260B1E2276CF1D64858AEBB306F] - 03/09/2011 - 12:56:14 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-40F9D24E.pf
O45 - LFCP:[MD5.CE303BDAF08E4B086B52B035BDCC2312] - 03/09/2011 - 12:57:43 ---A- - C:\Windows\Prefetch\ARGENTE UTILITIES.EXE-0A90BFCA.pf
O45 - LFCP:[MD5.6880B11DADC220D74E920651DC43D277] - 04/09/2011 - 09:59:53 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
O45 - LFCP:[MD5.A83E34FE2C6A2E68E2E315987FF09456] - 04/09/2011 - 12:58:34 ---A- - C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf
O45 - LFCP:[MD5.F3F358FE4AEA7CAE32F5EBADA2A9E5F5] - 04/09/2011 - 18:19:40 ---A- - C:\Windows\Prefetch\MSDTC.EXE-CC1DEC77.pf
O45 - LFCP:[MD5.369FDFCE3C74334CD5FDF071491B00E1] - 04/09/2011 - 18:27:18 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf
O45 - LFCP:[MD5.C3BB7669785C1C9C0529F769E1200D19] - 05/09/2011 - 08:50:39 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B49E1152.pf
O45 - LFCP:[MD5.CE16889C5EF8E295A1FDC789288F271A] - 05/09/2011 - 08:50:42 ---A- - C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf
O45 - LFCP:[MD5.DA59677699F9EAC8CFADA3006B8E6873] - 05/09/2011 - 08:50:47 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf
O45 - LFCP:[MD5.11989E8F329FAE8D92F94AE1FF32C445] - 05/09/2011 - 08:50:48 ---A- - C:\Windows\Prefetch\W32TM.EXE-1101AF41.pf
O45 - LFCP:[MD5.DCAA088594252820BD9452485220E67C] - 05/09/2011 - 08:50:57 ---A- - C:\Windows\Prefetch\PING.EXE-7E94E73E.pf
O45 - LFCP:[MD5.83C43509256686AFE970E7D627363671] - 05/09/2011 - 09:15:27 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf
O45 - LFCP:[MD5.9000D8FE53EFDD158D2531A317B7F5B5] - 05/09/2011 - 09:28:38 ---A- - C:\Windows\Prefetch\CDBXPP.EXE-8DEAF9EC.pf
O45 - LFCP:[MD5.9A91CDAFE3B794CA08C5D8995CE1492B] - 05/09/2011 - 09:36:44 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-91E1AAD6.pf
O45 - LFCP:[MD5.EB494F9F68EEA18A4DDFDDB6E756CAD5] - 05/09/2011 - 09:37:09 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-719325FF.pf
O45 - LFCP:[MD5.0686CB9DA32BA80B1B835AD2A167E170] - 05/09/2011 - 10:00:40 ---A- - C:\Windows\Prefetch\WLMAIL.EXE-1507296E.pf
O45 - LFCP:[MD5.54E81A8D05F955EB6D8528AD0A189F50] - 05/09/2011 - 10:00:56 ---A- - C:\Windows\Prefetch\WLCOMM.EXE-272FF9F7.pf
O45 - LFCP:[MD5.E9D90D38EF7A46E0595EDD13552ADA7D] - 05/09/2011 - 11:25:54 ---A- - C:\Windows\Prefetch\SF.BIN-97F33699.pf
O45 - LFCP:[MD5.5716D57608B5598BB4DE13CF39426945] - 05/09/2011 - 11:31:11 ---A- - C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf
O45 - LFCP:[MD5.6333CCAAD12938C4C8DBC6AA8EAD8DA8] - 05/09/2011 - 11:38:35 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf
O45 - LFCP:[MD5.89A324907665A121A54BC0D57D939CBF] - 05/09/2011 - 12:38:57 ---A- - C:\Windows\Prefetch\SUPERANTISPYWARE.EXE-D7978FB2.pf
O45 - LFCP:[MD5.1864107F21E82A4B6D09CD79F492D9D1] - 05/09/2011 - 12:52:23 ---A- - C:\Windows\Prefetch\SUA.EXE-641B010B.pf
O45 - LFCP:[MD5.4740DAD64D958F390B7F2F2780ED0949] - 05/09/2011 - 12:52:31 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.AEE5E9A26EC94380DBA71A5211121A94] - 05/09/2011 - 12:54:20 ---A- - C:\Windows\Prefetch\HPQBAM08.EXE-5B656772.pf
O45 - LFCP:[MD5.F38C85EDE2F9AADCBCCE427A3E557FB4] - 05/09/2011 - 12:54:20 ---A- - C:\Windows\Prefetch\HPQGPC01.EXE-92C87699.pf
O45 - LFCP:[MD5.DF6CFD9092BDC78C24997F18E909B954] - 05/09/2011 - 12:54:20 ---A- - C:\Windows\Prefetch\HPQSTE08.EXE-8FA26316.pf
O45 - LFCP:[MD5.C7D394279A949629BA3089FDEE18AA43] - 05/09/2011 - 12:54:20 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.9CCCFFF400BC37AC61841670EB2CC92B] - 05/09/2011 - 12:55:41 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.F9C58C0EF7F3B240EF66688574C91F38] - 05/09/2011 - 12:55:52 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf
O45 - LFCP:[MD5.974139639C94B849304C8D835A28164D] - 05/09/2011 - 12:56:40 ---A- - C:\Windows\Prefetch\CACLS.EXE-D332D70E.pf
O45 - LFCP:[MD5.5A46556BDD8A5A99B4261331CB95C1E0] - 05/09/2011 - 12:56:45 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.FA9A2D6EA6E3EC28E1EFB2C2DC76D4E5] - 05/09/2011 - 12:57:40 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.3BC9A3BD6CAAA1E9B4F417E0FC7DFC93] - 05/09/2011 - 12:58:43 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf
O45 - LFCP:[MD5.5D38E726995E7A829BE97C49CAA2A395] - 05/09/2011 - 13:06:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf
O45 - LFCP:[MD5.9C4A8759153287D01095748A1F4D26F5] - 05/09/2011 - 13:08:12 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf
O45 - LFCP:[MD5.8FD6C660BC659145F9E0FAFDD5973BB6] - 05/09/2011 - 13:08:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-CF2B07FC.pf
O45 - LFCP:[MD5.DC28981BFF6324C2FAE3DB86BF297DD8] - 05/09/2011 - 13:48:50 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf
O45 - LFCP:[MD5.A8CE0EC0FA2C829810DA34DD82209225] - 05/09/2011 - 13:48:50 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf
O45 - LFCP:[MD5.1E0BE6042EB98603D6254D2153DA0CDD] - 05/09/2011 - 13:54:52 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-4A28B1CA.pf
O45 - LFCP:[MD5.E4C3C9CD010D0C6623A1BD4361B691EC] - 05/09/2011 - 13:54:56 ---A- - C:\Windows\Prefetch\IEINSTAL.EXE-E191F095.pf
O45 - LFCP:[MD5.7A231A8ABEB7BCEE87850A588B33B0EE] - 05/09/2011 - 14:05:50 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf
O45 - LFCP:[MD5.5F64960A5D933F7877465D88A6E72FE8] - 05/09/2011 - 14:52:50 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.D40FF6C7E4AF485A9057B75D3B15CC75] - 05/09/2011 - 15:08:13 ---A- - C:\Windows\Prefetch\AUTOUPDATE.EXE-20A4BBCB.pf
O45 - LFCP:[MD5.0C3A89442D0B83FC6734020386661236] - 05/09/2011 - 15:08:16 ---A- - C:\Windows\Prefetch\ASC.EXE-0B8E05E2.pf
O45 - LFCP:[MD5.207837C2DD50E619B55977CC83835110] - 05/09/2011 - 15:10:36 ---A- - C:\Windows\Prefetch\DISKSCAN.EXE-33476087.pf
O45 - LFCP:[MD5.FED793A825B05890002F4AD6A00087CF] - 05/09/2011 - 15:13:02 ---A- - C:\Windows\Prefetch\IOBITCOMMUNITIES.EXE-FE60AB83.pf
O45 - LFCP:[MD5.1DE8D613146637A23C98D6261588358E] - 05/09/2011 - 16:33:11 ---A- - C:\Windows\Prefetch\SF.BIN-B35534C9.pf
O45 - LFCP:[MD5.B27CCEA84870242F905A7528E154BB63] - 05/09/2011 - 16:59:22 ---A- - C:\Windows\Prefetch\WINDOWSLIVEPHOTOVIEWER.EXE-0A4CE29E.pf
O45 - LFCP:[MD5.3496F72633AF27C9481EAFC08A18F396] - 05/09/2011 - 20:40:10 ---A- - C:\Windows\Prefetch\SSUPDATE.EXE-DD5D0649.pf
O45 - LFCP:[MD5.662104A13029FB1EB861DCDB314775C0] - 05/09/2011 - 23:00:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf
O45 - LFCP:[MD5.899DCA421FEA37FF95D9F8ABB2D67299] - 05/09/2011 - 23:30:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf
O45 - LFCP:[MD5.AEA5E5A48E572C403DBCCA5A4F12CA64] - 06/09/2011 - 08:14:25 ---A- - C:\Windows\Prefetch\LIVEBOXUTILITIES.EXE-4D2E0CDA.pf
O45 - LFCP:[MD5.5FDA15ADD5E1475A9DB1E228D0BDF422] - 06/09/2011 - 08:18:59 ---A- - C:\Windows\Prefetch\MPAS-D_BD2.EXE-AB3856C5.pf
O45 - LFCP:[MD5.627AB6E08FC9903B1A1E01AAF88815DD] - 06/09/2011 - 08:18:59 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-6676DF4F.pf
O45 - LFCP:[MD5.D2B032A95A74EA93D05E77A9E1281D57] - 06/09/2011 - 08:18:59 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf
O45 - LFCP:[MD5.F292F65C94E6C67155DB0722D15CB54E] - 06/09/2011 - 09:48:19 ---A- - C:\Windows\Prefetch\BBSVC.EXE-637F2DF1.pf
O45 - LFCP:[MD5.C2B8AD9E2C190FB908A46E171BA33446] - 06/09/2011 - 10:00:06 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:[MD5.8E1ACC0D6EBFE2C45AADA2AFF872D08A] - 06/09/2011 - 10:14:17 ---A- - C:\Windows\Prefetch\INTEGRATOR.EXE-84638148.pf
O45 - LFCP:[MD5.45C299F26B6B20A6E2457BF27592EFC3] - 06/09/2011 - 12:54:20 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf
O45 - LFCP:[MD5.6A7078E69D417DA0E08AFB6759A910E0] - 06/09/2011 - 13:09:52 ---A- - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf
O45 - LFCP:[MD5.3B5F27C793BACA8BAA288212954E40B3] - 06/09/2011 - 14:23:38 ---A- - C:\Windows\Prefetch\DEVICES.EXE-1139B1AA.pf
O45 - LFCP:[MD5.C29C902EA87D7721F06F3C08004A5CD6] - 06/09/2011 - 14:25:19 ---A- - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf
O45 - LFCP:[MD5.202C7F441650E6968C06F8F3E15B7FA8] - 06/09/2011 - 14:43:05 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
O45 - LFCP:[MD5.92D8E62AC4D7CBF4ABFCD8C014EC7A79] - 06/09/2011 - 14:44:41 ---A- - C:\Windows\Prefetch\FLASHUTIL10V_ACTIVEX.EXE-06CDFF8C.pf
O45 - LFCP:[MD5.E7E4298FA34AF26BDD4757BA7155F18A] - 06/09/2011 - 14:47:40 ---A- - C:\Windows\Prefetch\UPDATECHECKER.EXE-DF356CBF.pf
O45 - LFCP:[MD5.E61A1D01A0AA7D0EA936EDD7438113FB] - 06/09/2011 - 14:51:49 ---A- - C:\Windows\Prefetch\COMPANIONUSER.EXE-B600D0B4.pf
O45 - LFCP:[MD5.76A77A63A7B48F45FEDE84385DB57083] - 06/09/2011 - 14:57:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf
O45 - LFCP:[MD5.F47952A434307B430A3DF9F99256695F] - 06/09/2011 - 16:04:04 ---A- - C:\Windows\Prefetch\COMPTA.EXE-1D798CAF.pf
O45 - LFCP:[MD5.BFABE59B66A35299A32BA6082720D8FA] - 06/09/2011 - 16:04:05 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-E0CD10A9.pf
O45 - LFCP:[MD5.4E411F42BD16A0C597B5B9113F02355E] - 06/09/2011 - 17:04:11 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-86E0E9B9.pf
O45 - LFCP:[MD5.305012781A83329428764E61443296D9] - 06/09/2011 - 17:38:33 ---A- - C:\Windows\Prefetch\HPWUCLI.EXE-5427BA4C.pf
O45 - LFCP:[MD5.EA579DECBA69754077FE10E4587CEDAC] - 06/09/2011 - 23:31:42 ---A- - C:\Windows\Prefetch\SF.BIN-89FA0736.pf
O45 - LFCP:[MD5.16CCA525E46A79DFBB4BD5480A37E876] - 07/09/2011 - 08:22:59 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.8DB1E246203059E02CE08DB9EB35E134] - 07/09/2011 - 08:22:59 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
O45 - LFCP:[MD5.F22DD4BE466A51DB151BBB1CDEB443DE] - 07/09/2011 - 09:05:29 ---A- - C:\Windows\Prefetch\SF.BIN-7C00D7D3.pf
O45 - LFCP:[MD5.E52D10A86F6762F6C12B7AA65556A999] - 07/09/2011 - 12:57:20 ---A- - C:\Windows\Prefetch\WUAPP.EXE-C6167071.pf
O45 - LFCP:[MD5.A1E3A1390553C9CE85B6081FC6FE6A6F] - 07/09/2011 - 14:48:58 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-EEE13F6D.pf
O45 - LFCP:[MD5.C18563C40A1C1008EE952C4A5D54E291] - 07/09/2011 - 16:39:41 ---A- - C:\Windows\Prefetch\JAVA.EXE-633ED9BF.pf
O45 - LFCP:[MD5.55BFBE390CD54A23149608ECACB93325] - 07/09/2011 - 16:39:41 ---A- - C:\Windows\Prefetch\JP2LAUNCHER.EXE-C5D4FDC6.pf
O45 - LFCP:[MD5.E5B72F28F348897ED3AB6132050BCA97] - 07/09/2011 - 17:05:47 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.D14CB60CFA0838FDF452E655BED875B9] - 07/09/2011 - 17:40:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E066850A.pf
O45 - LFCP:[MD5.F2954E377C34C28126DA08669D81751E] - 08/09/2011 - 08:29:59 ---A- - C:\Windows\Prefetch\JAVAW.EXE-2699CD1A.pf
O45 - LFCP:[MD5.96214CEB0749125E7D6231FAE5B712A2] - 08/09/2011 - 08:29:59 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-8AA244A9.pf
O45 - LFCP:[MD5.265ADC7E639865C8817826D07DC5D584] - 08/09/2011 - 10:44:22 ---A- - C:\Windows\Prefetch\SF.BIN-8969A6A0.pf
O45 - LFCP:[MD5.7001D7DB124633145233292A6751CE21] - 08/09/2011 - 11:27:02 ---A- - C:\Windows\Prefetch\LADS.EXE-2D05CA17.pf
O45 - LFCP:[MD5.1BB814240FDFD55E8DE68C552E905EDC] - 08/09/2011 - 11:27:27 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-DBC67E68.pf
O45 - LFCP:[MD5.CEDE00314C98EAF30A0EBEDB793E3794] - 08/09/2011 - 11:33:13 ---A- - C:\Windows\Prefetch\SIGCHECK.EXE-24E954E0.pf
O45 - LFCP:[MD5.5CBB12CA78279342396DF80DB4BE95B2] - 08/09/2011 - 11:34:01 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-3D06E09F.pf
O45 - LFCP:[MD5.90BAC00284950F23238115FAAB09263E] - 08/09/2011 - 11:34:04 ---A- - C:\Windows\Prefetch\MBR.EXE-4D386DF0.pf
O45 - LFCP:[MD5.B4F28BC023B1444B5AB56B25A31F707C] - 08/09/2011 - 11:34:06 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-5D637FBE.pf
O45 - LFCP:[MD5.4365AAABFAE55B45BD99B09C77FFD145] - 08/09/2011 - 12:49:16 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-530DDD28.pf
O45 - LFCP:[MD5.D7F8DCD02A4E0310D0290F80995E2016] - 08/09/2011 - 12:51:06 ---A- - C:\Windows\Prefetch\REG.EXE-E7E8BD26.pf
O45 - LFCP:[MD5.B957024C802BD34BC25F3F0E2477A580] - 08/09/2011 - 12:51:16 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.3D2585661B4154CFD85DBF33863DED3C] - 08/09/2011 - 13:28:23 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf
O45 - LFCP:[MD5.0F18054850F45D8B23CC84B0DF3E06AB] - 08/09/2011 - 14:43:18 ---A- - C:\Windows\Prefetch\BINGBAR.EXE-B7F52632.pf
O45 - LFCP:[MD5.2FF77D93A2E516C65964AD6B36478D7C] - 08/09/2011 - 14:43:19 ---A- - C:\Windows\Prefetch\BINGAPP.EXE-01FEC486.pf
O45 - LFCP:[MD5.5740119747DAA7C8B854A7651A25FE75] - 08/09/2011 - 14:52:02 ---A- - C:\Windows\Prefetch\SF.BIN-600E790D.pf
O45 - LFCP:[MD5.DEB91F8A3307FDD44F0C8F9FD1A0C96B] - 08/09/2011 - 14:52:13 ---A- - C:\Windows\Prefetch\ZHP2.EXE-B4567A37.pf
O45 - LFCP:[MD5.277CB5217033F100632F7AF24FD9D7BA] - 08/09/2011 - 14:52:29 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-A283E0D6.pf
O45 - LFCP:[MD5.35F09847B504FA9843AAAF9B6D680F35] - 08/09/2011 - 14:52:50 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-D1EF4768.pf
O45 - LFCP:[MD5.91B4AAA6BD1082040CF7A35839ECC2D6] - 08/09/2011 - 14:52:56 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
O45 - LFCP:[MD5.60BC211C516D188E41EA158AA239A871] - 08/09/2011 - 14:53:11 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
O45 - LFCP:[MD5.E5C2B57DE1D042AC8AAC1CC433740D76] - 16/07/2011 - 12:52:35 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.F88259426CB881E2C7FF22D885B05BD7] - 16/07/2011 - 14:49:32 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.C3464A5C67855562EF6C7A056099B5F9] - 16/07/2011 - 14:49:32 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.544E617F015D2DB75AAD0CBE48D546B2] - 16/07/2011 - 14:49:32 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.9F88B6788D81958811F2C6498C5A83E8] - 16/07/2011 - 14:49:32 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.91D26D27694DA871D25FD94783E15474] - 17/07/2011 - 13:48:40 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.2041BB5625AB45D0B9C6B181E1ACF875] - 17/07/2011 - 14:47:10 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2021189960-399911290-484312088-1000.db
O45 - LFCP:[MD5.8AA49C7D12DA69A87AED3300DC135460] - 17/07/2011 - 14:47:10 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2021189960-399911290-484312088-1000.db
O45 - LFCP:[MD5.89C5809B9E435D3339C6F1B1EA1540F1] - 26/08/2011 - 13:58:51 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.690F3C66A472F7BAEC91E49F3CC7C783] - 26/08/2011 - 14:43:08 ---A- - C:\Windows\Prefetch\TOOLBARHELPER.EXE-3F7812C4.pf
O45 - LFCP:[MD5.1E0FA7ABD0EEF36F895E9FCE3847E418] - 30/08/2011 - 11:27:13 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
O45 - LFCP:[MD5.CF1EE510DBB178777D8A76BCDB9BF01D] - 30/08/2011 - 12:54:20 ---A- - C:\Windows\Prefetch\AVAST.SETUP-B1D66586.pf
O45 - LFCP:[MD5.2F73D6A217A6A9BFB24635298933F4A7] - 30/08/2011 - 14:03:54 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
O45 - LFCP:[MD5.F4CBE3DC7554DBF1583A811F3F69E3CD] - 30/08/2011 - 14:43:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.135BDF0C75B5F206710EE1B04BA25454] - 30/08/2011 - 14:43:15 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:[MD5.1A5FB8228AF6A51D84EFD0082E2B065F] - 30/08/2011 - 14:50:49 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.5DC29325C05A3F0B1C8EE89616ACCF8B] - 30/08/2011 - 14:50:49 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.1DE5E6E8E685AB84BAA5B2BDD3599419] - 30/08/2011 - 14:52:00 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.4EDE223CEDF3C0F550045834643611F0] - 30/08/2011 - 14:52:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.EAE2ED41F1919EE8F2E8B46BBA4532FF] - 30/08/2011 - 14:52:50 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
O45 - LFCP:[MD5.5792763B6213803E25BB5366373ACC86] - 30/08/2011 - 14:52:56 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
~ Scan Prefetcher in 00mn 00s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel® Corporation - Pas de description.) -- C:\Windows\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\Windows\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\Windows\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\iac25_32.ax
~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=1
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 10/06/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]
O58 - SDL:[MD5.D320BF87125326F996D4904FE24300FC] - 16/07/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 10/06/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]
O58 - SDL:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 16/07/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]
O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 16/07/2011 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.FF83C93AEEE8B0CF4B464CA667A67ACD] - 16/07/2011 - 12:32:20 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54104]
O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 16/07/2011 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 16/07/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 16/07/2011 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [309848]
O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 16/07/2011 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [43608]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 10/06/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 10/06/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]
O58 - SDL:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 16/07/2011 - 06:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160]
O58 - SDL:[MD5.37F7E45253000AC41A1F520A62D4EBE2] - 29/08/2011 - 12:28:28 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [9036800]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]
O58 - SDL:[MD5.8F1BB80D589AFFB9C5E9CD7544251B29] - 01/09/2011 - 23:14:38 ---A- . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\Windows\system32\drivers\keyscrambler.sys [225856]
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]
O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 20/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 20/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 10/06/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]
O58 - SDL:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 16/07/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120]
O58 - SDL:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 16/07/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744]
O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 17/07/2011 - 11:22:32 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\PCAMp50.sys [28224]
O58 - SDL:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 17/07/2011 - 11:22:32 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\system32\drivers\PCASp50.sys [27072]
O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 20/07/2011 - 16:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072]
O58 - SDL:[MD5.D24DFD16A1E2A76034DF5AA18125C35D] - 19/07/2011 - 09:30:58 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys [15544]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 10/06/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]
O58 - SDL:[MD5.5283B9A27FF230F2FF70D92451FF409A] - 29/08/2011 - 17:14:32 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys [394856]
O58 - SDL:[MD5.7E9FEE5F83C74BE2FD48D163952E3CAA] - 29/08/2011 - 18:38:12 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [3520168]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.5FB7FCEA0490D821F26F39CC5EA3D1E2] - 14/07/2009 - 00:45:33 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\serial.sys [83456]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 10/06/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]
O58 - SDL:[MD5.BF302072DC8374CF4E118FD88AA817A2] - 31/08/2011 - 17:02:20 ---A- . (...) -- C:\Windows\system32\drivers\SmartDefragDriver.sys [15672]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 10/06/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
O58 - SDL:[MD5.BF8F6E312A7D1B267C2CB8A2DB3FF78E] - 16/05/2011 - 08:45:30 ---A- . (.SuperAdBlocker.com - Pas de description.) -- C:\Windows\system32\sabprocenum.sys [7040]
~ Scan Drivers in 00mn 02s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 03/08/2011 - 12:39:20 ---A- C:\Users\All Users\SUPERAntiSpyware.com\SUPERAntiSpyware\DEFINITIONS.SAS [6231520]
O61 - LFC:Last File Created 03/08/2011 - 12:39:25 ---A- C:\Users\All Users\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll [52736]
O61 - LFC:Last File Created 03/08/2011 - 23:33:26 ---A- C:\Users\All Users\SUPERAntiSpyware.com\SUPERAntiSpyware\SAS_ALLUSER.DB3 [2048]
O61 - LFC:Last File Created 03/08/2011 - 23:33:26 ---A- C:\Users\Utilisateur\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SAS_CURRENTUSER.DB3 [7168]
O61 - LFC:Last File Created 04/06/2011 - 15:44:29 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\CREATIVEDESIGN\Compta.4\Ecriture.btr [9904128]
O61 - LFC:Last File Created 04/06/2011 - 15:51:20 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\CREATIVEDESIGN\Compta.4\Codejal.btr [79360]
O61 - LFC:Last File Created 04/06/2011 - 15:51:20 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\CREATIVEDESIGN\Compta.4\Dossier.btr [102400]
O61 - LFC:Last File Created 04/06/2011 - 15:53:26 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\CREATIVEDESIGN\CREATIVEDESIGN.ECP [517]
O61 - LFC:Last File Created 05/09/2011 - 09:33:04 ---A- C:\Users\Utilisateur\AppData\Roaming\IObit\Advanced SystemCare V4\Backup\ASCBackup-2011-09-05(10-33-04).reg [747]
O61 - LFC:Last File Created 05/09/2011 - 09:33:04 ---A- C:\Users\Utilisateur\AppData\Roaming\IObit\Advanced SystemCare V4\Log\ASCLog-2011-09-05(10-33-04).txt [253496]
O61 - LFC:Last File Created 05/09/2011 - 17:08:43 ---A- C:\Users\Utilisateur\Documents\DEVIS - FAC SERVICES.pdf [1115214]
O61 - LFC:Last File Created 06/01/2011 - 16:05:39 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\ErrRep.txt [1074]
O61 - LFC:Last File Created 06/09/2011 - 10:10:08 ---A- C:\Users\Utilisateur\Documents\pcastuces.pdf [2972199]
O61 - LFC:Last File Created 06/09/2011 - 14:46:49 ---A- C:\Users\Utilisateur\AppData\Roaming\IObit\Advanced SystemCare V4\Backup\ASCBackup-2011-09-06(15-46-49).reg [21318]
O61 - LFC:Last File Created 06/09/2011 - 14:46:49 ---A- C:\Users\Utilisateur\AppData\Roaming\IObit\Advanced SystemCare V4\Log\ASCLog-2011-09-06(15-46-49).txt [176998]
O61 - LFC:Last File Created 06/09/2011 - 14:52:19 -SH-- C:\Users\Utilisateur\AppData\Local\Temp\Cookies\index.dat [32768]
O61 - LFC:Last File Created 06/09/2011 - 14:52:19 -SH-- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat [98304]
O61 - LFC:Last File Created 06/09/2011 - 14:52:19 -SH-- C:\Users\Utilisateur\AppData\Local\Temp\History\History.IE5\index.dat [98304]
O61 - LFC:Last File Created 06/09/2011 - 17:55:58 ---A- C:\Users\All Users\SUPERAntiSpyware.com\SUPERAntiSpyware\PROCESSLIST.DB [56937610]
O61 - LFC:Last File Created 06/09/2011 - 17:56:33 ---A- C:\Users\All Users\SUPERAntiSpyware.com\SUPERAntiSpyware\PROCESSLISTRELATED.DB [1403723]
O61 - LFC:Last File Created 06/09/2011 - 23:33:51 ---A- C:\Users\All Users\AVAST Software\Avast\log\AshWebSv.ws.ori [6805]
O61 - LFC:Last File Created 07/09/2011 - 12:39:24 ---A- C:\Users\All Users\SUPERAntiSpyware.com\SUPERAntiSpyware\PROCESSLIST.BIN [26485606]
O61 - LFC:Last File Created 07/09/2011 - 14:39:41 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\381814F6F5270FFBB27E244D6138BC023AF911D5.swz [157002]
O61 - LFC:Last File Created 07/09/2011 - 14:39:42 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\871F12AF0853C06E4EB80A1CCAB295CEADBB817A.swz [627102]
O61 - LFC:Last File Created 07/09/2011 - 14:39:42 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\C3306B26751D6A80EB1FCB651912469AE18819AB.swz [98077]
O61 - LFC:Last File Created 07/09/2011 - 14:39:43 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\440AE73B017A477382DEFF7C0DBE4896FED21079.swz [54532]
O61 - LFC:Last File Created 07/09/2011 - 14:39:43 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\6344DCC80A9A6A3676DCEA0C92C8C45EFD2F3220.swz [319300]
O61 - LFC:Last File Created 07/09/2011 - 14:39:44 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\6DDB94AE3365798230849FA0F931AC132FE417D1.swz [131925]
O61 - LFC:Last File Created 07/09/2011 - 14:39:44 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\cacheSize.txt [8]
O61 - LFC:Last File Created 07/09/2011 - 14:43:24 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\381814F6F5270FFBB27E244D6138BC023AF911D5.heu [148]
O61 - LFC:Last File Created 07/09/2011 - 14:43:25 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\871F12AF0853C06E4EB80A1CCAB295CEADBB817A.heu [148]
O61 - LFC:Last File Created 07/09/2011 - 14:43:25 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\C3306B26751D6A80EB1FCB651912469AE18819AB.heu [148]
O61 - LFC:Last File Created 07/09/2011 - 14:43:26 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\440AE73B017A477382DEFF7C0DBE4896FED21079.heu [148]
O61 - LFC:Last File Created 07/09/2011 - 14:43:26 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\6344DCC80A9A6A3676DCEA0C92C8C45EFD2F3220.heu [148]
O61 - LFC:Last File Created 07/09/2011 - 14:43:27 ---A- C:\Users\Utilisateur\AppData\Roaming\Adobe\Flash Player\AssetCache\EDH62JWS\6DDB94AE3365798230849FA0F931AC132FE417D1.heu [148]
O61 - LFC:Last File Created 07/09/2011 - 15:13:02 ---A- C:\Users\Utilisateur\AppData\Roaming\IObit\Advanced SystemCare V4\Backup\ASCBackup-2011-09-07(16-13-02).reg [995]
O61 - LFC:Last File Created 07/09/2011 - 15:13:02 ---A- C:\Users\Utilisateur\AppData\Roaming\IObit\Advanced SystemCare V4\Log\ASCLog-2011-09-07(16-13-02).txt [366056]
O61 - LFC:Last File Created 07/09/2011 - 17:38:41 ---A- C:\Users\Utilisateur\AppData\Roaming\HpUpdate\HpUpdate.hidden [0]
O61 - LFC:Last File Created 07/09/2011 - 17:38:41 ---A- C:\Users\Utilisateur\AppData\Roaming\HpUpdate\HpUpdate.session [378]
O61 - LFC:Last File Created 07/09/2011 - 17:38:41 ---A- C:\Users\Utilisateur\AppData\Roaming\HpUpdate\rpspackages.cache [4]
O61 - LFC:Last File Created 08/09/2011 - 08:24:52 ---A- C:\Users\All Users\AVAST Software\Avast\log\AshWebSv.ws [0]
O61 - LFC:Last File Created 08/09/2011 - 09:49:44 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo000.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 09:56:28 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo001.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 10:04:05 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo002.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 10:04:31 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo003.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 10:13:44 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo004.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 11:02:00 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo005.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 11:02:02 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo006.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 11:25:11 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo007.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 12:57:48 ---A- C:\Users\Utilisateur\AppData\Local\Temp\_ir_tmpfnt_1\Arial_1.TFT [367112]
O61 - LFC:Last File Created 08/09/2011 - 13:09:43 ---A- C:\Users\Utilisateur\AppData\Local\Temp\~DF21CCF2589B933979.TMP [147456]
O61 - LFC:Last File Created 08/09/2011 - 13:28:13 ---A- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2011-09-08 (14-28-13).txt [1062]
O61 - LFC:Last File Created 08/09/2011 - 14:06:20 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\~DFFD3C6184D60E792C.TMP [16384]
O61 - LFC:Last File Created 08/09/2011 - 14:24:57 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo008.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 14:43:05 -SHA- C:\Users\Utilisateur\AppData\Local\Temp\History\History.IE5\MSHist012011090820110909\index.dat [32768]
O61 - LFC:Last File Created 08/09/2011 - 14:43:11 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\UVI9IF1D\favicon[1].ico [1150]
O61 - LFC:Last File Created 08/09/2011 - 14:43:12 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Cookies\NQ7IJHV0.txt [101]
O61 - LFC:Last File Created 08/09/2011 - 14:43:14 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\0L70V6EA\getflightassignment[1] [117]
O61 - LFC:Last File Created 08/09/2011 - 14:44:06 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\S4EGE6ZN\easy[1].htm [2353]
O61 - LFC:Last File Created 08/09/2011 - 14:44:38 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\UVI9IF1D\favicon[1].bmp [796]
O61 - LFC:Last File Created 08/09/2011 - 14:46:40 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\0L70V6EA\favicon[1].bmp [796]
O61 - LFC:Last File Created 08/09/2011 - 14:49:11 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\OWCCKINL\favicon[1].ico [16958]
O61 - LFC:Last File Created 08/09/2011 - 14:51:43 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Low\Messenger Companion\compo009.sqm [380]
O61 - LFC:Last File Created 08/09/2011 - 14:52:04 ---A- C:\Users\Utilisateur\AppData\Local\Temp\INMEM000.REM [0]
O61 - LFC:Last File Created 08/09/2011 - 14:52:23 ---A- C:\Users\Utilisateur\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\S4EGE6ZN\ZHPScan[1].txt [393305]
O61 - LFC:Last File Created 08/09/2011 - 23:33:27 ---A- C:\Users\Utilisateur\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SAS_CURRENTUSER.DB3-journal [5672]
O61 - LFC:Last File Created 10/08/2011 - 10:01:01 ---A- C:\Users\Utilisateur\AppData\Local\Windows Live Writer\ResourceCache\live\Writer_Config.cab [26240]
O61 - LFC:Last File Created 10/08/2011 - 14:48:59 ---A- C:\Users\All Users\McAfee\SiteAdvisor\SACore\sacore.db [250880]
O61 - LFC:Last File Created 13/01/2011 - 16:06:50 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\VENTANA.BTR [308224]
O61 - LFC:Last File Created 15/05/2011 - 15:14:54 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\FACSERVICES\Compta.2\NOTES.NTS [6]
O61 - LFC:Last File Created 15/05/2011 - 15:16:00 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\FACSERVICES\Compta.2\CODEJAL.BTR [66560]
O61 - LFC:Last File Created 15/05/2011 - 15:16:00 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\FACSERVICES\Compta.2\DOSSIER.BTR [65536]
O61 - LFC:Last File Created 15/05/2011 - 15:27:22 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\FACSERVICES\Compta.2\ECRITURE.BTR [5722112]
O61 - LFC:Last File Created 15/05/2011 - 15:28:09 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\FACSERVICES\FACSERVICES2.ECP [415]
O61 - LFC:Last File Created 15/05/2011 - 15:28:10 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\FACSERVICES\Compta.2\HISTORAP.BTR [15360]
O61 - LFC:Last File Created 16/07/2011 - 12:52:29 ---A- C:\Users\All Users\AVAST Software\Avast\URL.db [1473536]
O61 - LFC:Last File Created 16/07/2011 - 12:53:16 ---A- C:\Users\All Users\AVAST Software\Avast\snx_lconfig.xml [446]
O61 - LFC:Last File Created 16/07/2011 - 12:53:28 ---A- C:\Users\All Users\AVAST Software\Avast\chest\index.xml [114]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\EmailShield.txt [14804]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\FileSystemShield.txt [15080]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\IMShield.txt [14804]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\NetworkShield.txt [14804]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\P2PShield.txt [14804]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\ScriptShield.txt [14804]
O61 - LFC:Last File Created 16/07/2011 - 12:53:29 ---A- C:\Users\All Users\AVAST Software\Avast\report\WebShield.txt [14888]
O61 - LFC:Last File Created 16/07/2011 - 13:15:03 ---A- C:\Users\All Users\AVAST Software\Avast\Log.db [65536]
O61 - LFC:Last File Created 16/07/2011 - 14:06:36 ---A- C:\Users\All Users\AVAST Software\Avast\report\BehaviorShield.txt [104219]
O61 - LFC:Last File Created 16/07/2011 - 14:53:16 ---A- C:\Users\All Users\AVAST Software\Avast\db1cc43b6dd4a7c58-24a27017.dat [1953744]
O61 - LFC:Last File Created 16/07/2011 - 23:33:24 --HA- C:\Users\Utilisateur\AppData\Local\IconCache.db [2459896]
O61 - LFC:Last File Created 17/07/2011 - 12:53:39 ---A- C:\Users\All Users\Orange\Orange update\OUCore\LocalCatalog.xml [3775]
O61 - LFC:Last File Created 17/07/2011 - 12:53:46 ---A- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk [2069]
O61 - LFC:Last File Created 17/07/2011 - 16:03:58 ---A- C:\Users\Public\Documents\EBP\Partage\Inet\ConfigWatch.xml [1356]
O61 - LFC:Last File Created 17/07/2011 - 16:03:58 ---A- C:\Users\Utilisateur\AppData\Roaming\EBP\Compta\Common\Subscriptions.xml [74]
O61 - LFC:Last File Created 17/07/2011 - 16:05:10 ---A- C:\Users\Public\Documents\EBP\Partage\Common\Devises.btr [73728]
O61 - LFC:Last File Created 17/07/2011 - 16:08:09 ---A- C:\Users\Utilisateur\AppData\Roaming\EBP\Compta\ToolBars00 [45298]
O61 - LFC:Last File Created 17/07/2011 - 16:08:10 ---A- C:\Users\Utilisateur\AppData\Roaming\EBP\Compta\Compta.bdata [173]
O61 - LFC:Last File Created 18/07/2011 - 10:49:59 ---A- C:\Users\Utilisateur\AppData\Roaming\Microsoft\HTML Help\hh.dat [8942]
O61 - LFC:Last File Created 18/07/2011 - 14:50:22 ---A- C:\Users\Utilisateur\AppData\Local\Windows Live\uxcore_iexplore_00.etl [8192]
O61 - LFC:Last File Created 18/07/2011 - 16:59:22 ---A- C:\Users\Utilisateur\AppData\Local\Windows Live\uxcore_WindowsLivePhotoViewer_00.etl [8192]
O61 - LFC:Last File Created 20/07/2011 - 13:09:58 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\build.conf [260]
O61 - LFC:Last File Created 20/07/2011 - 13:09:58 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [7335388]
O61 - LFC:Last File Created 20/07/2011 - 14:07:30 ---A- C:\Users\All Users\McAfee\SiteAdvisor\SACore\sacore_cache.db [279552]
O61 - LFC:Last File Created 20/07/2011 - 14:51:32 ---A- C:\Users\All Users\McAfee\SiteAdvisor\SA.dat [21504]
O61 - LFC:Last File Created 20/07/2011 - 14:51:32 ---A- C:\Users\All Users\McAfee\SiteAdvisor\sasshmod.dll\log.txt [293348]
O61 - LFC:Last File Created 20/07/2011 - 16:06:28 ---A- C:\Users\Public\Documents\EBP\Partage\Common\REV_BCPT.BTR [57344]
O61 - LFC:Last File Created 20/07/2011 - 16:06:28 ---A- C:\Users\Public\Documents\EBP\Partage\Common\REV_BCYC.BTR [71680]
O61 - LFC:Last File Created 20/07/2011 - 16:06:28 ---A- C:\Users\Public\Documents\EBP\Partage\Common\REV_BMOD.BTR [6656]
O61 - LFC:Last File Created 21/07/2011 - 10:04:29 ---A- C:\Users\Utilisateur\AppData\Local\Windows Live\uxcore_wlmail_00.etl [8192]
O61 - LFC:Last File Created 22/07/2011 - 15:14:06 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\NOTES.NTS [6]
O61 - LFC:Last File Created 22/07/2011 - 15:15:13 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\DOSSIER.BTR [65536]
O61 - LFC:Last File Created 22/07/2011 - 15:34:44 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\VENTANA.BTR [175616]
O61 - LFC:Last File Created 22/07/2011 - 15:54:42 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\HISTORAP.BTR [15360]
O61 - LFC:Last File Created 22/07/2011 - 16:00:00 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\CODEJAL.BTR [69120]
O61 - LFC:Last File Created 22/07/2011 - 16:00:00 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\COMPTE.BTR [371712]
O61 - LFC:Last File Created 22/07/2011 - 16:00:00 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\CUMUL.BTR [73728]
O61 - LFC:Last File Created 22/07/2011 - 16:00:23 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\AWA NETTOYAGE ET SERVICES.ECP [301]
O61 - LFC:Last File Created 22/07/2011 - 16:00:23 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\AWA NETTOYAGE ET SERVICES\Compta.0\ECRITURE.BTR [425984]
O61 - LFC:Last File Created 26/01/2011 - 16:06:30 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\CODEJAL.BTR [74240]
O61 - LFC:Last File Created 26/01/2011 - 16:06:32 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\DOSSIER.BTR [65536]
O61 - LFC:Last File Created 26/01/2011 - 16:06:50 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\COMPTE.BTR [399360]
O61 - LFC:Last File Created 26/01/2011 - 16:06:50 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\ECRITURE.BTR [741376]
O61 - LFC:Last File Created 26/01/2011 - 16:07:30 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\Compta.0\CUMUL.BTR [106496]
O61 - LFC:Last File Created 27/01/2011 - 16:08:09 ---A- C:\Users\Public\Documents\EBP\Partage\Dossiers\PLOMB DEPANNAGE\PLOMB DEPANNAGE.ECP [335]
O61 - LFC:Last File Created 27/07/2011 - 08:22:20 ---A- C:\Users\All Users\Orange\Orange update\OUCore\Logos\Logos.xml [1098]
O61 - LFC:Last File Created 27/07/2011 - 08:22:20 ---A- C:\Users\All Users\Orange\Orange update\OUCore\Logos\internetexplorer.png [5219]
O61 - LFC:Last File Created 31/07/2011 - 12:52:02 ---A- C:\Users\Utilisateur\AppData\Local\PDOXUSRS.NET [13030]
~ Scan Files in 00mn 41s
---\\ Alternate Data Stream File (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\system32\Msvbvm50.dll:Zone.Identifier
~ Scan ADS in 00mn 01s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPFix 1.12 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 04/07/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\iaStorV.sys - Contrôleur RAID Intel Windows 7(iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) - LEGACY_IASTORV
O64 - Services: CurCS - 01/09/2010 - C:\Windows\system32\DRIVERS\psi_mf.sys - PSI(PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI
O64 - Services: CurCS - 22/07/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV
O64 - Services: CurCS - 12/07/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL
O64 - Services: CurCS - 26/11/2010 - C:\Windows\system32\Drivers\SmartDefragDriver.sys - SmartDefragDriver (SmartDefragDriver) .(...) - LEGACY_SMARTDEFRAGDRIVER
~ Scan Services in 00mn 25s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing
O69 - SBI: SearchScopes [HKCU] {36BCD862-7E7B-4D71-9541-F7C2552D1527} - (Recherche sécurisée) - Yahoo! Search - Recherche Web
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} [DefaultScope] - (Orange) - http://r.orange.fr
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.37823FCAFFB40D7A3B3724A9B8250D6D] [sPRF][16/05/2011] (.SuperAdBlocker.com - Process Scanner for FileResearchCenter.com.) -- C:\Windows\Downloaded Program Files\sabspx.dll [379776]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{B53B35E7-B05D-4FBF-A65A-3A2CCE4F84E8}" | In - Domain - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{0D56C05D-D5D8-496C-8BA8-12DA843E4846}" | In - Domain - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{CC02197B-146C-4F7B-B81B-C134FCDA85EF}" | In - Private - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{68ADDDB0-7450-41C4-92CB-0DC4204B7299}" | In - Private - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "TCP Query User{13733F90-89D8-4513-86FC-E276C6143108}C:\program files\ebp\compta13.0\compta.exe" | In - Private - P6 - TRUE | .(.EBP - Compta.) -- C:\program files\ebp\compta13.0\compta.exe
O87 - FAEL: "UDP Query User{8A9FF3CB-8810-4E30-AEF1-44D1EA0F81BB}C:\program files\ebp\compta13.0\compta.exe" | In - Private - P17 - TRUE | .(.EBP - Compta.) -- C:\program files\ebp\compta13.0\compta.exe
O87 - FAEL: "{8FC0557F-042F-435D-A3B4-9AA000E6F158}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O87 - FAEL: "{8D27F8CE-3C23-4FB8-B4E5-1C90DF169E53}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
O87 - FAEL: "TCP Query User{0199AFD3-843B-4BF2-A55E-E138D0A8BF0F}C:\program files\java\jre7\bin\java.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{B511B7F0-A17E-4845-BD3C-E7C7AC970769}C:\program files\java\jre7\bin\java.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "{78C8E8D2-2B60-4A15-8BF9-1677D486182F}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{E2FD099D-91C8-4C24-B753-5F5BD31918C5}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{EED50CBD-8B3C-4935-A563-48FFAC37ED21}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe
~ Scan Firewall in 00mn 01s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.148.104
209.85.148.99
209.85.148.105
209.85.148.103
209.85.148.147
209.85.148.106
Aliases: www.google.fr
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 24/08/2011 116608 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe
SR - | Auto 20/07/2011 3029208 | C:\Program Files\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 16/07/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 22/08/2011 328536 | (AdvancedSystemCareService) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
SR - | Auto 04/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 18/07/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 22/07/2011 32768 | EBP Pervasive.SQL (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
SR - | Auto 17/07/2011 69632 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
SS - | Demand 26/08/2011 311928 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SR - | Auto 10/08/2011 94880 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
SS - | Demand 20/07/2011 237008 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
SS - | Auto 17/07/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto 22/07/2011 32768 | EBP - Pervasive.SQL Workgroup (Pervasive.SQL Workgroup) . (...) - C:\PVSW\bin\WGE_SRV.exe
SR - | Auto 19/07/2011 993848 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\PSIA.exe
SR - | Auto 19/07/2011 399416 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\sua.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by Utilisateur at 08/09/2011 16:01:26
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 07s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Utilisateur at 08/09/2011 16:01:29
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 09s
End of the scan (1364 lines in 08mn 43s)(0)
Bonjour Bleuet,
Comme tu me l'as demandé tu trouveras ci-joint le rapport DIAG mis à jour aujourd'hui.
Merci d'avance pour ton aide.
Arnold30
-
Bonjour,
Dans mon Rapport, je constate plusieurs anomalies. Le système d'exploitation recensé est windows xp Home service Pack 2 alors que je possède le système d'exploitation Windows 7 édition familiale premium service pack 1. Mon OS est authentique et a bien été activé.
D'autre part, dans la partie "Info" du rapport, les messages suivants sont indiqués : Windows Genuine Advantage KO => Windows Genuine Advantage Désactivé.
R5 HKCU\oftware\Microsoft\Windows \urrentVersion\nternet Settings MigrateProxy = 1 => Internet Explorer Allows Proxy Settings Remotely
05 control.iniHKLM\. \Control Panel inetcpl.cpl=no =>Panneau de controle Internet Explorer désactivé.
user: error reading MBR
error: Read Descripteur non valide
kernel:error reading MBR => OS not supported by MBR.
Me contacter S.V.P.
Pourriez-vous m'indiquer les actions à effectuer pour résoudre ces problèmes?
Merci d'avance.
[Résolu] Modules complémentaires IE 10
dans Analyses et éradication malwares
Posté(e)
Bonjour Dylav,
Je n'arrive pas à indiquer que mon problème est résolu. La fenêtre "enregistrer les modifications" "utiliser l'éditeur complet" s'ouvre furtivement et disparait aussitôt sans que j'ai le temps de faire le nécessaire.
Merci de bien vouloir résoudre ce problème.