Aller au contenu

florent01

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    39

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par florent01

  1. florent01
    ok ie déjà reinitialisé hier a quoi sert le eset online?
  2. florent01
    Petites questions: comment voir quels logiciels sont lancés au démarrage et sont ils vraiment tous utiles? Cela ne ralentit il pas le démarrage?
  3. florent01
    bonjour voici le rapport zhpfix Rapport de ZHPFix 2013.11.4.1 par Nicolas Coolman, Update du 03/11/2013 Fichier d'export Registre : Run by Perso at 11/11/2013 09:04:11 High Elevated Privileges : OK Windows XP Professional Service Pack 3 (Build 2600) Corbeille vidée (00mn 56s) ========== Logiciels ========== SUPPRIMÉ: MyPDFConverter ========== Clés du Registre ========== SUPPRIMÉ: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}] SUPPRIMÉ: CLSID DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} SUPPRIMÉ: HKCU\Software\LdShih SUPPRIMÉ: HKLM\Software\Europa Casino SUPPRIMÉ: HKLM\Software\StaterTV ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: upstv_fr_8.exe SUPPRIMÉ RunValue: startertv_fr_13 SUPPRIMÉ RunValue: startertv_fr_15 SUPPRIMÉ RunValue: startertv_fr_8 SUPPRIMÉ: FirewallRaz (SP) : C:\WINDOWS\system32\rundll32.exe SUPPRIMÉ: FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe SUPPRIMÉ: FirewallRaz (SP) : %windir%\system32\sessmgr.exe SUPPRIMÉ: FirewallRaz (SP) : E:\fscommand\CKSocketServer.exe SUPPRIMÉ: FirewallRaz (SP) : D:\fscommand\CKSocketServer.exe SUPPRIMÉ: FirewallRaz (DP) : %windir%\system32\sessmgr.exe SUPPRIMÉ: FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Eléments de donnée du Registre ========== SUPPRIMÉ Pointeurs: cplfile(cpl) Default=%SystemRoot%\System32\control.exe "%1",%* ========== Dossiers ========== SUPPRIMÉ: C:\Documents and Settings\All Users\Application Data\PopCap SUPPRIMÉS Temporaires Windows (122) (0 octets) SUPPRIMÉS Flash Cookies (1) (0 octets) ========== Fichiers ========== SUPPRIMÉ: c:\documents and settings\perso\local settings\application data\google\chrome\user data\default\local storage\chrome-extension_ammjbfijeglcdlnlnhlkdhgjnlgmpehe_0.localstorage SUPPRIMÉS Temporaires Windows (0) (0 octets) SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Récapitulatif ========== 5 : Clés du Registre 12 : Valeurs du Registre 1 : Eléments de donnée du Registre 3 : Dossiers 3 : Fichiers 1 : Logiciels End of clean in 11mn 15s ========== Chemin de fichier rapport ========== C:\Documents and Settings\Perso\Application Data\ZHP\ZHPFix[R1].txt - 11/11/2013 09:05:09 [2232]
  4. florent01
    scan avec ZHPdiag: ~ Rapport de ZHPDiag v2013.11.10.24 - Nicolas Coolman (10/11/2013) ~ Lancé par Perso (10/11/2013 21:33:12) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Not Found ---\\ Navigateurs Internet MSIE: Internet Explorer v8.0.6001.18702 (Defaut) GCIE: Google Chrome v30.0.1599.101 ---\\ Informations sur les produits Windows ~ Langage: Français Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ Logiciels de protection du système AVG 2013 v13.0.3222 Malwarebytes Anti-Malware version 1.75.0.1300 Spybot - Search & Destroy v1.6.2 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 ActiveX Adobe Reader XI ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 4 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 495 MB (16% free) System Restore: Activé (Enable) System drive C: has 46 GB (60%) free of 76 GB ---\\ Mode de connexion au système ~ Computer Name: N-7UI4UUTJXN35X ~ User Name: Perso ~ All Users Names: SUPPORT_388945a0, Perso, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Documents and Settings\Perso\Application Data\ZHP\ ~ %AppData% : C:\Documents and Settings\Perso\Application Data\ ~ %Desktop% : C:\Documents and Settings\Perso\Bureau\ ~ %Favorites% : C:\Documents and Settings\Perso\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\Perso\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Perso\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ Enumération des unités disques A: Floppy drive, Flash card reader, USB Key (Not Inserted) C: Hard drive, Flash drive, Thumb drive (Free 46 Go of 76 Go) D: CD-ROM drive (Not Inserted) E: CD-ROM drive (Not Inserted) F: Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 45 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.F8DD21FC65131E064FBF11F01E4F4BFD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.23/09/2013 - 19:23:33.) -- C:\WINDOWS\system32\wininet.dll [920064] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/371 ~ Mes musiques (My Musics) : 1/5 ~ Mes Videos (My Videos) : 1/5 ~ Mes Favoris (My Favorites) : 1/31 ~ Mes Documents (My Documents) : 4/2085 ~ Mon Bureau (My Desktop) : 1/6386 ~ Menu demarrer (Programs) : 1/36 ~ Hidden Files: Scanned in 00mn 12s ---\\ Processus lancés [MD5.5C96C1ED05710A192B10241DC5C2BE30] - (.Ahead Software AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [1151090] [PID.1164] [MD5.4DB93F4DB7077801D2D82013506AC1D0] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312] [PID.1892] [MD5.48939D9F350AEF9370F03A1E49A49BE2] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136] [PID.1924] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1952] [MD5.9D519AAA21E622DF7DF27041E0917499] - (.Pas de propriétaire - DedicarzService.) -- C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960] [PID.356] [MD5.C88862F45AC3B447DF50E814BE2F6A13] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [65536] [PID.1008] [MD5.F2FD07BE3401FD6BFDF65716E72900C9] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe [1117744] [PID.1220] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [PID.1452] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120] [PID.1648] [MD5.CF7B0E597C1F34E528285495721DEEE9] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe [237960] [PID.1188] [MD5.9946F9F9B359B010E879D6FF0155D9B7] - (.PCtel, Inc. - PCTSPK.EXE.) -- C:\WINDOWS\system32\pctspk.exe [86016] [PID.2120] [MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728] [PID.2140] [MD5.0407143F2BBC1A5DD5B518AC0704FCBF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.2320] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.3996] [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.244] [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.488] [MD5.1F272ACBF9E17A0917524773DA8C9140] - (.THOMSON - SpeedTouch Statistics.) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [878080] [PID.3352] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\rundll32.exe [0] [PID.4068] [MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208] [PID.3716] [MD5.729FFD6B3EF92C499EEED25D504DC1DB] - (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe [282624] [PID.372] [MD5.F6573F33A8BB3525ABECCD8DD00603FD] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2013\avgui.exe [4411952] [PID.1800] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.872] [MD5.373576844EE644449420AF296853C9A5] - (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\one\OrangeInside.exe [1514896] [PID.784] [MD5.4543367E50BD35E7D1269D42841B156E] - (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [288472] [PID.1880] [MD5.5229F48A85879A9D256CBEFC23FC95B9] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [483328] [PID.2148] [MD5.E3A2C0BCBE14A0116F80657079A19D25] - (.Matsushita Electric Industrial Co., Ltd. - LUMIX Simple Viewer.) -- C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [57344] [PID.2652] [MD5.6ED85DB2C3DBBF49C734A883FED21E0A] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [258048] [PID.2952] [MD5.57FD13E2544B2D0DA5BA20CAD438B7E2] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [217088] [PID.3928] [MD5.87BCF7A6A70060A48F9F5E6F80228A3F] - (.Hewlett-Packard Development Company, L.P. - HP Photosmart Premier.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe [479232] [PID.3384] [MD5.C15B813F2FDB44F87F23312472C6E790] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [720936] [PID.3752] [MD5.B26F1872CC4407754FB5CFE9B4243D8E] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [174120] [PID.2436] [MD5.71E4926DB14593CC8EBCD7A991C57FA0] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe [142376] [PID.728] [MD5.3DF82A30D1C728CE53FC0D63666FF48C] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe [148008] [PID.3888] [MD5.88029974B1C9995CFA3BD9560BBA2EEF] - (.Hewlett-Packard Development Company, L.P. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [239320] [PID.2020] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.5428] [MD5.5F4634A5F4629F2FC242C45F78F44668] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8201216] [PID.3056] ~ Processes Running: Scanned in 00mn 05s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences ~ Google Browser: 0 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\prefs.js (.not file.) M2 - MFEP: prefs.js [Perso - 2hqx91zn.default\toolbar@Orange.fr] [] barre d'outils Orange v4.3.0.0 (..) P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Pas de propriétaire - Nokia Suite Enabler Plugin.) -- C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.05.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll ~ Firefox Browser: 11 Scanned in 00mn 01s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ IE Browser: 13 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar4.dll =>Toolbar.Google O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll =>Toolbar.Google O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ BHO: 12 Scanned in 00mn 01s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Google - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar4.dll =>Toolbar.Google O3 - Toolbar: (no name) - [HKLM]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Program [AllUsers]: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O4 - GS\Program [AllUsers]: Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation - InstallShield ® Setup Launcher.) -- C:\Program Files\Securitoo\Controle Parental\Controle_parental.exe O4 - GS\Program [AllUsers]: Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\accicons.exe O4 - GS\Program [AllUsers]: Microsoft AutoRoute 2002.lnk . (...) -- C:\WINDOWS\Installer\{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}\_EEEB0DC6B9B4_49F0_BA10_A04D928A3C81.exe O4 - GS\Program [AllUsers]: Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe O4 - GS\Program [AllUsers]: Microsoft FrontPage.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe O4 - GS\Program [AllUsers]: Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\outicon.exe O4 - GS\Program [AllUsers]: Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\pptico.exe O4 - GS\Program [AllUsers]: Microsoft Publisher.lnk . (...) -- C:\WINDOWS\Installer\{0004040C-78E1-11D2-B60F-006097C998E7}\pubs.exe O4 - GS\Program [AllUsers]: Microsoft Word.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe O4 - GS\Program [AllUsers]: MSN Explorer.lnk . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - GS\Program [AllUsers]: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - GS\Program [Perso]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation O4 - GS\Program [Perso]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Program [Perso]: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe =>.Microsoft Corporation O4 - GS\Program [Perso]: Pages Annuaire.lnk - Clé orpheline O4 - GS\Program [Perso]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation ~ Global Startup: 24 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Program [AllUsers]: Adobe Gamma Loader.exe.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - GS\Program [AllUsers]: Bluetooth Manager.lnk . (...) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe O4 - GS\Program [AllUsers]: Démarrage rapide de HP Photosmart Premier.lnk . (.Hewlett-Packard Development Company, L.P. - HP Photosmart Premier.) -- C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe =>.Hewlett-Packard Co O4 - GS\Program [AllUsers]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co O4 - GS\Program [AllUsers]: LUMIX Simple Viewer.lnk . (.Matsushita Electric Industrial Co., Ltd. - LUMIX Simple Viewer.) -- C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe O4 - GS\Program [AllUsers]: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] . (.THOMSON - SpeedTouch Statistics.) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] Clé orpheline O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [CamserviceHD] . (.Guillemot Corporation S.A. - CamService Application.) -- C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe O4 - HKLM\..\Run: [upstv_fr_8.exe] C:\Documents and Settings\Perso\Local Settings\Application Data\startertv_fr_8\upstv_fr_8.exe (.not file.) =>Adware.StarterTV O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2013\avgui.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Run: [startertv_fr_13] Clé orpheline =>Adware.StarterTV O4 - HKLM\..\Run: [startertv_fr_15] Clé orpheline =>Adware.StarterTV O4 - HKLM\..\Run: [startertv_fr_8] Clé orpheline =>Adware.StarterTV O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\one\OrangeInside.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\one\OrangeInside.exe ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ~ Winsock: 5 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - ((no name)) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {49232000-16E4-426C-A231-62846947304B} ((no name)) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} ((no name)) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} ((no name)) - http://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137401890549 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342519897194 O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} ((no name)) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4.1/resources/fslauncher.cab O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} ((no name)) - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} ((no name)) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} ((no name)) - http://game10.zylom.servicesalacarte.orange.fr/activex/zylomgamesplayer.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} ((no name)) - http://jeuxentelechargement.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab =>Adware.PopCap O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} ((no name)) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} ((no name)) - http://h30043.www3.hp.com/aio/fr/check/qdiagh.cab?326 O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} ((no name)) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} ((no name)) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{EAE7325A-BFF2-4B7A-83DB-ECDAA65337E3}: NameServer = 10.71.250.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{37F0E4EF-CAC7-4349-978D-18C104F33364}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{EAE7325A-BFF2-4B7A-83DB-ECDAA65337E3}: NameServer = 10.71.250.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{37F0E4EF-CAC7-4349-978D-18C104F33364}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{EAE7325A-BFF2-4B7A-83DB-ECDAA65337E3}: NameServer = 10.71.250.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{37F0E4EF-CAC7-4349-978D-18C104F33364}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ SSODL: 5 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) . (.Ahead Software AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Orange update Core Service (Orange update Core Service) . (.Orange SA - Orange Upd@te.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: PCTEL Speaker Phone (Pctspk) . (.PCtel, Inc. - PCTSPK.EXE.) - C:\WINDOWS\system32\pctspk.exe O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ~ Services: 15 Scanned in 00mn 23s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\PROGRA~1\AVG\AVG2013\avgrsx.exe ~ BEX: 2 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job [952] [MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.408DDD80EEDE47175F6844817B90213E] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104] ~ Scheduled Task: 4 Scanned in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Macromedia Shockwave Director 8.5.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp11.inf =>.Microsoft Corporation O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_11_9_900_117.ocx O40 - ASIC: Installed Component - S-1-5-21-1202660629-492894223-1343024091-1003 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID ~ Active Setup: 24 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys O41 - Driver: (AVGIDSShim) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Dri.) - C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\WINDOWS\system32\DRIVERS\avgldx86.sys O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\WINDOWS\system32\DRIVERS\avgtdix.sys O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\WINDOWS\system32\drivers\avgtpx86.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (InCDPass) . (.Ahead Software AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\WINDOWS\system32\Drivers\tosrfcom.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Drivers: 81 Scanned in 00mn 02s ---\\ Logiciels installés (O42) O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- AVG O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- {6280C3D1-00A3-4E79-BDF6-98332A29B706} O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- {631E66F3-5BCC-4FF8-9F42-95AF0BFA38B7} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 6.0 O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Adobe SVG Viewer - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer O42 - Logiciel: Assistance Livebox - (.Orange.) [HKLM] -- Assistance Livebox O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: Connexion Internet Orange - (...) [HKLM] -- {ORAHSS}.UninstallSuite O42 - Logiciel: Dongle Sagem 760N - (...) [HKLM] -- LIVEBOX_SAGEM_760N O42 - Logiciel: Encyclopédie Microsoft Encarta 2003 - (.Microsoft Corporation.) [HKLM] -- {03460010-3975-4267-9F39-1DC4745090B7} O42 - Logiciel: Free Tarot - (...) [HKLM] -- Free Tarot O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} O42 - Logiciel: Hercules DualPix HD Webcam - (.Hercules.) [HKLM] -- {F0CFDC72-63D2-4086-A54F-1514494394A0} O42 - Logiciel: InstantShareAlert - (.HP.) [HKLM] -- {069730C2-755A-485B-A205-27A1AAFA836A} O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150060} O42 - Logiciel: Java 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: LUMIX Simple Viewer - (...) [HKLM] -- {2CDCCE7E-55D5-40CC-AEA0-ABA54713501F} O42 - Logiciel: Lecteur Windows Media 11 - (...) [HKLM] -- Windows Media Player =>.Microsoft Corporation O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27} O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Mah-Jong IV - (...) [HKLM] -- Micro Application - Mah-Jong IV O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Messager Wanadoo - (...) [HKLM] -- Messager Wanadoo.exe O42 - Logiciel: Micro Application - Patiences et Réussites - (...) [HKLM] -- Patiences et Réussites O42 - Logiciel: Microsoft AutoRoute 2002 - (.Microsoft.) [HKLM] -- {F7F2DC0A-C22E-49AD-AD37-797309A54E7B} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: MyPDFConverter - (.Secure Digital Services.) [HKLM] -- {1D76557F-04F5-4CF9-AB20-6A621B0D52D7} =>Adware.SPointer O42 - Logiciel: Nero Suite - (...) [HKLM] -- NeroMultiInstaller!UninstallKey O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {A57025CC-5F2E-4D01-B387-06DB10500D43} O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM] -- Nokia Suite O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM] -- {7964AE02-9127-42C0-A917-2CE4CD4EFE3B} O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier O42 - Logiciel: Orange Inside - (.Orange.) [HKCU] -- Orange Inside O42 - Logiciel: Orange Installeur version 1.2.5.0 - (.Orange.) [HKLM] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.5.0 O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {DA5B2BDC-F654-4A88-A669-4D34BC7846A1} O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/05/2008 3.7) - (.Nokia.) [HKLM] -- CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1) - (.Nokia.) [HKLM] -- E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- {50D8FFDD-90CD-4859-841F-AA1961C7767A} O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Samsung Mobile phone USB driver Software - (...) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Shockwave - (...) [HKLM] -- Shockwave O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} O42 - Logiciel: SpeedTouch USB Software - (...) [HKLM] -- {D41FAAA9-8048-4906-86B2-9AADEA1FA0B7} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: System Checkup 3.4 - (.iolo technologies, LLC.) [HKLM] -- {4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1 O42 - Logiciel: Sélecteur d'installation de Microsoft Works Suite 2003 - (...) [HKLM] -- Works2003Setup O42 - Logiciel: TOSHIBA Bluetooth Stack for Windows by CSR and Apache - (...) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM] -- {9017CEAF-BE5A-4F73-8A0E-C87E26971E55} O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: Unknown Device Identifier 7.00 - (.Huntersoft.) [HKLM] -- Unknown Device Identifier_is1 O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: VirginMega DownloadManager - (.VirginMega.) [HKLM] -- VirginMega DownloadManager O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 =>.Microsoft Corporation O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D} ~ Logic: 152 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Alcatel] [HKCU\Software\AppDataLow\Avg] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Auslogics] [HKCU\Software\Avg] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\Casino Solei] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CodeGear] [HKCU\Software\CyberLink] [HKCU\Software\DevNet] [HKCU\Software\Digital River] [HKCU\Software\EasyBits] [HKCU\Software\FIXIO PC Utilities] [HKCU\Software\Free Tarot] [HKCU\Software\GTek] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Hercules] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\JollyBear] [HKCU\Software\LdShih] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MUSICMATCH] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Monitored] [HKCU\Software\MozillaPlugins] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\NukeNabber 2.0] [HKCU\Software\ODBC] [HKCU\Software\Olympus Japan] [HKCU\Software\OrangeInside] [HKCU\Software\Orange] [HKCU\Software\PDF Suite 2012] [HKCU\Software\PMC] [HKCU\Software\Policies] [HKCU\Software\Recreasoft] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SampleView] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SignupShield] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\Soft Enterprises] [HKCU\Software\Software] [HKCU\Software\SysMech] [HKCU\Software\TomTom] [HKCU\Software\Toshiba] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VB6Dock] [HKCU\Software\VirginMega] [HKCU\Software\Yahoo] [HKCU\Software\Zylom] [HKCU\Software\iolo] [HKCU\Software\kde.org] [HKCU\Software\keyhole.com] [HKCU\Software\mozilla] [HKCU\Software\settings] [HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램] [HKLM\Software\457] [HKLM\Software\781] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Alcatel] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CUSTPDF Writer] [HKLM\Software\Casino Solei] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DevNet] [HKLM\Software\Europa Casino] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hercules Technologies] [HKLM\Software\Hercules] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\Iolo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MCCI] [HKLM\Software\MUSICMATCH] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Micro Application] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Nokia Mobile Phones] [HKLM\Software\Nokia] [HKLM\Software\Nullsoft] [HKLM\Software\ODBC] [HKLM\Software\Orange] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PCTEL] [HKLM\Software\PTECH] [HKLM\Software\Panasonic] [HKLM\Software\PepiMK Software] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RegisteredApplications] [HKLM\Software\SECURITOO] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Skype] [HKLM\Software\StaterTV] =>Adware.StarterTV [HKLM\Software\TomTom] [HKLM\Software\Toshiba] [HKLM\Software\TuneUp] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\WinPcap] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Yahoo] [HKLM\Software\ffffffff] [HKLM\Software\mozilla.org] [HKLM\Software\mypdfconverter] [HKLM\Software\webtogo] ~ Key Software: 220 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 15/08/2013 - 17:18:41 - [402,694] ----D C:\Program Files\Adobe O43 - CFD: 16/01/2006 - 13:27:45 - [102,563] ----D C:\Program Files\Ahead O43 - CFD: 13/01/2008 - 10:45:04 - [0,440] ----D C:\Program Files\Amic Utilities O43 - CFD: 15/08/2013 - 15:09:52 - [95,365] ----D C:\Program Files\AVG O43 - CFD: 22/10/2013 - 08:23:32 - [0,602] ----D C:\Program Files\Bonjour O43 - CFD: 16/01/2006 - 09:24:14 - [0] ----D C:\Program Files\ComPlus Applications O43 - CFD: 31/08/2009 - 15:42:20 - [0,001] ----D C:\Program Files\Controle Parental O43 - CFD: 27/10/2007 - 18:08:50 - [0] ----D C:\Program Files\CyberLink O43 - CFD: 07/08/2010 - 18:48:21 - [1,522] ----D C:\Program Files\DIFX O43 - CFD: 14/08/2009 - 16:03:24 - [0] ----D C:\Program Files\Dofus O43 - CFD: 22/09/2011 - 20:03:04 - [175,743] ----D C:\Program Files\eMule O43 - CFD: 09/11/2013 - 21:13:29 - [490,254] ----D C:\Program Files\Fichiers communs O43 - CFD: 11/11/2008 - 15:48:48 - [0,905] ----D C:\Program Files\File Scanner Library (Spybot - Search & Destroy) O43 - CFD: 04/11/2013 - 17:05:32 - [8,330] ----D C:\Program Files\Free Tarot O43 - CFD: 28/08/2013 - 18:16:45 - [638,125] ----D C:\Program Files\Google O43 - CFD: 16/02/2011 - 13:16:16 - [7,701] ----D C:\Program Files\GPLGS O43 - CFD: 16/01/2006 - 19:28:26 - [0,116] ----D C:\Program Files\Grisoft O43 - CFD: 15/08/2013 - 22:07:16 - [4,699] ----D C:\Program Files\GUM198.tmp O43 - CFD: 10/08/2010 - 09:49:56 - [39,225] ----D C:\Program Files\Hercules O43 - CFD: 15/02/2007 - 22:52:24 - [83,146] ----D C:\Program Files\Hewlett-Packard O43 - CFD: 08/09/2011 - 19:56:11 - [183,451] ----D C:\Program Files\HP O43 - CFD: 10/08/2010 - 09:49:32 - [32,327] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 10/10/2013 - 00:01:07 - [6,763] ----D C:\Program Files\Internet Explorer O43 - CFD: 19/08/2013 - 16:46:07 - [11,586] ----D C:\Program Files\iolo O43 - CFD: 02/06/2010 - 12:28:06 - [205,906] ----D C:\Program Files\Java O43 - CFD: 10/11/2013 - 15:30:24 - [13,251] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 16/01/2006 - 17:49:37 - [5,830] ----D C:\Program Files\Messager Wanadoo O43 - CFD: 09/10/2008 - 16:41:37 - [2,075] ----D C:\Program Files\Messenger O43 - CFD: 19/04/2010 - 00:36:42 - [138,274] ----D C:\Program Files\Micro Application O43 - CFD: 29/07/2013 - 18:09:51 - [0,806] ----D C:\Program Files\Microsoft O43 - CFD: 16/01/2006 - 15:24:39 - [712,421] ----D C:\Program Files\Microsoft AutoRoute O43 - CFD: 16/01/2006 - 15:33:50 - [479,463] ----D C:\Program Files\Microsoft Encarta O43 - CFD: 25/09/2011 - 17:29:13 - [0] ----D C:\Program Files\microsoft frontpage O43 - CFD: 20/12/2009 - 19:39:25 - [669,712] ----D C:\Program Files\Microsoft Office O43 - CFD: 22/09/2009 - 17:18:01 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 22/09/2009 - 17:20:55 - [2,087] ----D C:\Program Files\Microsoft Sync Framework O43 - CFD: 16/01/2006 - 11:52:09 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 12/07/2011 - 08:37:06 - [6,777] ----D C:\Program Files\Microsoft Works O43 - CFD: 16/01/2006 - 15:19:29 - [6,603] ----D C:\Program Files\Microsoft Works Suite 2003 O43 - CFD: 04/08/2013 - 16:52:21 - [0,015] ----D C:\Program Files\Microsoft.NET O43 - CFD: 11/11/2008 - 15:48:47 - [0,918] ----D C:\Program Files\Misc. Support Library (Spybot - Search & Destroy) O43 - CFD: 12/08/2010 - 11:03:38 - [10,825] ----D C:\Program Files\Movie Maker O43 - CFD: 09/11/2013 - 13:25:43 - [5,693] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 06/03/2009 - 21:09:44 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 20/12/2009 - 19:38:52 - [28,414] ----D C:\Program Files\MSECache O43 - CFD: 20/09/2010 - 22:53:27 - [30,291] ----D C:\Program Files\MSN O43 - CFD: 16/01/2006 - 09:23:39 - [8,341] ----D C:\Program Files\MSN Gaming Zone O43 - CFD: 16/11/2006 - 09:35:15 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 16/01/2006 - 17:15:46 - [0,354] ----D C:\Program Files\MUSICMATCH O43 - CFD: 16/02/2011 - 13:15:10 - [11,266] ----D C:\Program Files\MyPDFConverter O43 - CFD: 09/10/2008 - 16:09:22 - [3,133] ----D C:\Program Files\NetMeeting O43 - CFD: 24/06/2012 - 14:37:20 - [130,152] ----D C:\Program Files\Nokia O43 - CFD: 11/08/2009 - 04:30:53 - [0] ----D C:\Program Files\NOS O43 - CFD: 28/03/2006 - 18:10:31 - [0] ----D C:\Program Files\OLYMPUS O43 - CFD: 12/07/2011 - 08:56:57 - [6,356] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 27/07/2011 - 15:15:38 - [243,845] ----D C:\Program Files\orange O43 - CFD: 26/08/2010 - 10:55:56 - [243,961] ----D C:\Program Files\OrangeHSS O43 - CFD: 17/12/2010 - 12:03:26 - [4,176] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation O43 - CFD: 24/07/2010 - 18:26:53 - [36,049] ----D C:\Program Files\Panasonic O43 - CFD: 24/06/2012 - 14:20:59 - [14,858] ----D C:\Program Files\PC Connectivity Solution O43 - CFD: 04/11/2006 - 12:23:28 - [69,046] ----D C:\Program Files\QuickTime O43 - CFD: 10/08/2009 - 09:23:29 - [0] ----D C:\Program Files\Rainlendar2 O43 - CFD: 06/03/2009 - 21:09:24 - [36,207] ----D C:\Program Files\Reference Assemblies O43 - CFD: 06/11/2008 - 18:12:52 - [1,096] ----D C:\Program Files\RegCleaner O43 - CFD: 27/02/2009 - 16:18:57 - [200,597] ----D C:\Program Files\Samsung O43 - CFD: 11/11/2008 - 15:48:48 - [2,981] ----D C:\Program Files\SDHelper (Spybot - Search & Destroy) O43 - CFD: 06/03/2009 - 10:09:55 - [57,636] ----D C:\Program Files\Securitoo O43 - CFD: 16/01/2006 - 09:26:45 - [0,003] ----D C:\Program Files\Services en ligne O43 - CFD: 11/09/2012 - 23:44:06 - [25,571] R---D C:\Program Files\Skype O43 - CFD: 29/07/2013 - 18:39:18 - [66,127] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 22/09/2011 - 20:03:02 - [1,300] ----D C:\Program Files\TAROTPRO992 O43 - CFD: 17/11/2006 - 17:22:58 - [0,127] ----D C:\Program Files\TeamScripT V3.8 O43 - CFD: 16/01/2006 - 17:50:21 - [4,298] ----D C:\Program Files\Thomson O43 - CFD: 10/02/2007 - 13:27:52 - [432,306] ----D C:\Program Files\Tika_Hector1 O43 - CFD: 20/11/2007 - 17:31:33 - [0,004] ----D C:\Program Files\TomTom HOME O43 - CFD: 21/11/2012 - 11:59:10 - [51,179] ----D C:\Program Files\TomTom HOME 2 O43 - CFD: 06/08/2009 - 14:50:01 - [0,021] ----D C:\Program Files\TomTom International B.V O43 - CFD: 06/03/2006 - 22:49:17 - [19,076] ----D C:\Program Files\Toshiba O43 - CFD: 11/08/2006 - 19:23:14 - [1,079] ----D C:\Program Files\Ubi Soft O43 - CFD: 16/01/2006 - 09:36:38 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 16/02/2011 - 13:09:22 - [3,942] ----D C:\Program Files\Unknown Device Identifier O43 - CFD: 19/01/2008 - 19:43:54 - [31,889] ----D C:\Program Files\VideoLAN O43 - CFD: 17/01/2008 - 22:53:38 - [8,791] ----D C:\Program Files\VirginMega O43 - CFD: 06/03/2009 - 11:48:07 - [0,973] ----D C:\Program Files\Wanadoo O43 - CFD: 09/09/2011 - 11:03:47 - [5,167] ----D C:\Program Files\Windows Desktop Search O43 - CFD: 23/08/2011 - 08:38:57 - [132,497] ----D C:\Program Files\Windows Live O43 - CFD: 22/09/2009 - 17:12:24 - [0,234] ----D C:\Program Files\Windows Live SkyDrive O43 - CFD: 23/12/2007 - 10:28:27 - [3,415] ----D C:\Program Files\Windows Media Connect 2 O43 - CFD: 09/10/2008 - 16:09:14 - [11,106] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 09/10/2008 - 16:09:13 - [3,760] ----D C:\Program Files\Windows NT O43 - CFD: 16/01/2006 - 10:01:25 - [0] --H-D C:\Program Files\WindowsUpdate O43 - CFD: 30/08/2012 - 09:09:03 - [0,180] ----D C:\Program Files\WinPcap O43 - CFD: 28/10/2007 - 04:30:44 - [0,002] ----D C:\Program Files\WinZip O43 - CFD: 16/01/2006 - 09:29:36 - [0] ----D C:\Program Files\xerox O43 - CFD: 16/01/2013 - 16:07:54 - [0,547] ----D C:\Program Files\Yahoo! O43 - CFD: 10/11/2013 - 21:32:53 - [23,631] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 15/08/2013 - 17:22:00 - [26,219] ----D C:\Program Files\Fichiers communs\Adobe O43 - CFD: 22/10/2013 - 08:16:39 - [45,972] ----D C:\Program Files\Fichiers communs\Adobe AIR O43 - CFD: 16/01/2006 - 13:27:08 - [15,057] ----D C:\Program Files\Fichiers communs\Ahead O43 - CFD: 16/12/2007 - 16:16:08 - [0] ----D C:\Program Files\Fichiers communs\Blizzard Entertainment O43 - CFD: 16/01/2006 - 11:52:09 - [0,082] ----D C:\Program Files\Fichiers communs\Designer O43 - CFD: 25/08/2011 - 11:08:38 - [10,316] ----D C:\Program Files\Fichiers communs\France Telecom O43 - CFD: 15/02/2007 - 19:43:58 - [0,436] ----D C:\Program Files\Fichiers communs\Hewlett-Packard O43 - CFD: 15/02/2007 - 23:00:28 - [5,300] ----D C:\Program Files\Fichiers communs\HP O43 - CFD: 07/01/2007 - 15:45:39 - [11,011] ----D C:\Program Files\Fichiers communs\InstallShield O43 - CFD: 02/06/2010 - 12:28:40 - [53,795] ----D C:\Program Files\Fichiers communs\Java O43 - CFD: 25/09/2011 - 17:46:15 - [276,355] ----D C:\Program Files\Fichiers communs\Microsoft Shared O43 - CFD: 16/01/2006 - 09:25:22 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap O43 - CFD: 09/11/2013 - 21:13:29 - [11,508] ----D C:\Program Files\Fichiers communs\Nokia O43 - CFD: 16/01/2006 - 09:03:09 - [0] ----D C:\Program Files\Fichiers communs\ODBC O43 - CFD: 16/01/2006 - 09:25:31 - [0,008] ----D C:\Program Files\Fichiers communs\Services O43 - CFD: 11/09/2012 - 23:44:06 - [2,056] ----D C:\Program Files\Fichiers communs\Skype O43 - CFD: 15/02/2007 - 23:01:48 - [0,199] ----D C:\Program Files\Fichiers communs\Sonic Shared O43 - CFD: 16/01/2006 - 09:03:06 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines O43 - CFD: 09/10/2008 - 16:09:06 - [28,018] ----D C:\Program Files\Fichiers communs\System O43 - CFD: 22/09/2009 - 17:03:24 - [0] ----D C:\Program Files\Fichiers communs\Windows Live O43 - CFD: 09/01/2008 - 19:44:00 - [0,039] -SH-D C:\Program Files\Fichiers communs\WindowsLiveInstaller O43 - CFD: 18/09/2013 - 07:51:47 - [278,371] ----D C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 22/10/2013 - 08:23:23 - [2,250] ----D C:\Documents and Settings\All Users\Application Data\Apple O43 - CFD: 04/11/2006 - 12:24:06 - [23,396] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer O43 - CFD: 13/09/2012 - 11:37:09 - [0,485] ----D C:\Documents and Settings\All Users\Application Data\AVG O43 - CFD: 30/01/2013 - 16:12:06 - [8,430] ----D C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign O43 - CFD: 08/09/2013 - 15:26:26 - [237,544] ----D C:\Documents and Settings\All Users\Application Data\AVG2013 O43 - CFD: 29/07/2012 - 09:33:24 - [500,990] ----D C:\Documents and Settings\All Users\Application Data\avg9 O43 - CFD: 15/03/2011 - 16:15:22 - [0] --H-D C:\Documents and Settings\All Users\Application Data\Common Files O43 - CFD: 10/04/2010 - 22:30:45 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\F-Secure O43 - CFD: 20/09/2006 - 20:01:26 - [0,007] ----D C:\Documents and Settings\All Users\Application Data\Google O43 - CFD: 28/08/2013 - 17:46:23 - [0,013] ----D C:\Documents and Settings\All Users\Application Data\Google Updater O43 - CFD: 30/03/2006 - 08:50:28 - [0,953] ----D C:\Documents and Settings\All Users\Application Data\GTek O43 - CFD: 12/09/2011 - 08:31:20 - [0,006] ----D C:\Documents and Settings\All Users\Application Data\HP O43 - CFD: 15/06/2009 - 15:44:59 - [0,009] ----D C:\Documents and Settings\All Users\Application Data\HP Product Assistant O43 - CFD: 07/08/2010 - 18:41:31 - [204,359] ----D C:\Documents and Settings\All Users\Application Data\Installations O43 - CFD: 19/08/2013 - 16:51:57 - [0,458] ----D C:\Documents and Settings\All Users\Application Data\iolo O43 - CFD: 09/11/2013 - 14:26:34 - [8,808] ----D C:\Documents and Settings\All Users\Application Data\Malwarebytes O43 - CFD: 10/11/2013 - 21:22:17 - [252,601] ----D C:\Documents and Settings\All Users\Application Data\MFAData O43 - CFD: 29/07/2013 - 18:09:51 - [83,903] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 24/09/2009 - 09:07:00 - [0] ----D C:\Documents and Settings\All Users\Application Data\MSN6 O43 - CFD: 05/11/2006 - 17:01:33 - [1,893] ----D C:\Documents and Settings\All Users\Application Data\MyCompany O43 - CFD: 24/06/2012 - 14:46:08 - [234,081] ----D C:\Documents and Settings\All Users\Application Data\Nokia O43 - CFD: 07/09/2011 - 15:04:48 - [554,812] ----D C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache O43 - CFD: 11/08/2009 - 04:30:59 - [0] ----D C:\Documents and Settings\All Users\Application Data\NOS O43 - CFD: 26/10/2013 - 17:17:50 - [94,620] ----D C:\Documents and Settings\All Users\Application Data\Orange O43 - CFD: 15/08/2013 - 00:05:37 - [0,113] ----D C:\Documents and Settings\All Users\Application Data\PC Suite O43 - CFD: 09/02/2007 - 19:52:30 - [1,846] ----D C:\Documents and Settings\All Users\Application Data\PlayTime O43 - CFD: 21/01/2008 - 20:50:00 - [1,893] ----D C:\Documents and Settings\All Users\Application Data\PopCap =>Adware.PopCap O43 - CFD: 11/09/2012 - 23:44:02 - [69,466] ----D C:\Documents and Settings\All Users\Application Data\Skype O43 - CFD: 15/02/2007 - 23:01:49 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\Sonic O43 - CFD: 15/05/2010 - 21:37:14 - [25,609] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy O43 - CFD: 02/06/2010 - 12:28:49 - [0] ----D C:\Documents and Settings\All Users\Application Data\Sun O43 - CFD: 29/07/2012 - 17:39:57 - [229,772] ---AD C:\Documents and Settings\All Users\Application Data\TEMP O43 - CFD: 06/02/2008 - 19:33:19 - [0] ----D C:\Documents and Settings\All Users\Application Data\TomTom O43 - CFD: 15/10/2012 - 22:14:23 - [0,506] ----D C:\Documents and Settings\All Users\Application Data\TuneUp Software O43 - CFD: 21/04/2006 - 08:41:33 - [0,003] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage O43 - CFD: 09/01/2008 - 19:41:12 - [0,383] ----D C:\Documents and Settings\All Users\Application Data\WLInstaller O43 - CFD: 09/02/2007 - 19:38:00 - [2,841] ----D C:\Documents and Settings\All Users\Application Data\Zylom O43 - CFD: 23/10/2012 - 23:10:52 - [0] -SH-D C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 22/07/2013 - 22:27:46 - [24,273] -SH-D C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} O43 - CFD: 10/08/2009 - 09:21:14 - [0,261] ----D C:\Documents and Settings\Perso\Application Data\3M O43 - CFD: 16/09/2013 - 22:27:58 - [26,391] ----D C:\Documents and Settings\Perso\Application Data\Adobe O43 - CFD: 12/05/2008 - 19:42:58 - [0] ----D C:\Documents and Settings\Perso\Application Data\AdobeUM O43 - CFD: 15/12/2006 - 15:22:18 - [0,054] ----D C:\Documents and Settings\Perso\Application Data\Apple Computer O43 - CFD: 13/09/2012 - 11:33:06 - [443,759] ----D C:\Documents and Settings\Perso\Application Data\AVG O43 - CFD: 15/08/2013 - 15:33:06 - [0,116] ----D C:\Documents and Settings\Perso\Application Data\AVG2013 O43 - CFD: 22/06/2010 - 04:33:34 - [0,004] ----D C:\Documents and Settings\Perso\Application Data\AVG9 O43 - CFD: 16/01/2006 - 20:27:55 - [0,005] ----D C:\Documents and Settings\Perso\Application Data\CyberLink O43 - CFD: 11/04/2006 - 09:22:09 - [0] ----D C:\Documents and Settings\Perso\Application Data\Dossier de téléchargement Share-to-Web O43 - CFD: 11/04/2006 - 09:22:09 - [0] ----D C:\Documents and Settings\Perso\Application Data\Dossier de téléchargement Share-to-Web O43 - CFD: 26/10/2013 - 17:16:52 - [0,009] ----D C:\Documents and Settings\Perso\Application Data\fr.orange.assistancelivebox =>.Orange Corporation O43 - CFD: 05/11/2006 - 17:42:03 - [0] ----D C:\Documents and Settings\Perso\Application Data\funkitron O43 - CFD: 05/10/2006 - 18:52:29 - [0,056] ----D C:\Documents and Settings\Perso\Application Data\Google O43 - CFD: 29/06/2006 - 17:18:25 - [0] --H-D C:\Documents and Settings\Perso\Application Data\GTek O43 - CFD: 16/01/2006 - 20:34:17 - [0] ----D C:\Documents and Settings\Perso\Application Data\Help O43 - CFD: 27/02/2007 - 09:23:46 - [0,097] ----D C:\Documents and Settings\Perso\Application Data\HP O43 - CFD: 05/11/2012 - 09:23:42 - [0,027] ----D C:\Documents and Settings\Perso\Application Data\HpUpdate O43 - CFD: 26/11/2008 - 09:57:13 - [0,021] ----D C:\Documents and Settings\Perso\Application Data\Icone O43 - CFD: 10/11/2013 - 19:56:38 - [0] ----D C:\Documents and Settings\Perso\Application Data\Icones O43 - CFD: 16/01/2006 - 09:36:44 - [0] ----D C:\Documents and Settings\Perso\Application Data\Identities O43 - CFD: 15/01/2013 - 16:45:35 - [0] ----D C:\Documents and Settings\Perso\Application Data\IEXPLORE O43 - CFD: 08/09/2011 - 21:30:06 - [0,489] ----D C:\Documents and Settings\Perso\Application Data\Image Zone Express O43 - CFD: 06/02/2008 - 19:31:07 - [0] ----D C:\Documents and Settings\Perso\Application Data\InstallShield O43 - CFD: 16/07/2010 - 15:09:42 - [0,004] ----D C:\Documents and Settings\Perso\Application Data\iolo O43 - CFD: 09/02/2007 - 08:11:38 - [0,055] ----D C:\Documents and Settings\Perso\Application Data\Macromedia O43 - CFD: 09/11/2013 - 14:27:31 - [23,628] ----D C:\Documents and Settings\Perso\Application Data\Malwarebytes O43 - CFD: 12/08/2011 - 20:43:54 - [19,570] -S--D C:\Documents and Settings\Perso\Application Data\Microsoft O43 - CFD: 25/09/2011 - 17:29:50 - [0] ----D C:\Documents and Settings\Perso\Application Data\Microsoft Web Folders O43 - CFD: 15/05/2008 - 16:00:30 - [7,569] ----D C:\Documents and Settings\Perso\Application Data\Mozilla O43 - CFD: 01/12/2010 - 17:38:40 - [0,003] ----D C:\Documents and Settings\Perso\Application Data\MSN6 O43 - CFD: 11/09/2012 - 16:01:26 - [7,780] ----D C:\Documents and Settings\Perso\Application Data\Nokia O43 - CFD: 20/07/2012 - 20:12:42 - [0,029] ----D C:\Documents and Settings\Perso\Application Data\Nokia Suite O43 - CFD: 11/05/2009 - 16:34:24 - [2,322] ----D C:\Documents and Settings\Perso\Application Data\OpenOffice.org O43 - CFD: 28/07/2012 - 10:21:59 - [12,092] ----D C:\Documents and Settings\Perso\Application Data\Orange O43 - CFD: 12/05/2011 - 12:16:30 - [0,227] ----D C:\Documents and Settings\Perso\Application Data\Panasonic O43 - CFD: 18/10/2010 - 17:26:28 - [4,662] ----D C:\Documents and Settings\Perso\Application Data\PC Suite O43 - CFD: 17/04/2012 - 14:51:05 - [38,111] ----D C:\Documents and Settings\Perso\Application Data\PDF Software O43 - CFD: 21/08/2011 - 10:13:01 - [0] ----D C:\Documents and Settings\Perso\Application Data\RegistryKeys O43 - CFD: 27/02/2009 - 16:35:54 - [1,758] ----D C:\Documents and Settings\Perso\Application Data\Samsung O43 - CFD: 04/09/2011 - 23:49:04 - [7,697] ----D C:\Documents and Settings\Perso\Application Data\Skype O43 - CFD: 04/09/2011 - 23:00:59 - [0,054] ----D C:\Documents and Settings\Perso\Application Data\skypePM O43 - CFD: 03/03/2006 - 20:37:03 - [27,094] ----D C:\Documents and Settings\Perso\Application Data\Sun O43 - CFD: 20/11/2007 - 17:31:55 - [5,912] ----D C:\Documents and Settings\Perso\Application Data\TomTom O43 - CFD: 06/05/2013 - 18:48:04 - [0,062] ----D C:\Documents and Settings\Perso\Application Data\TuneUp Software O43 - CFD: 28/08/2013 - 09:14:04 - [3,059] ----D C:\Documents and Settings\Perso\Application Data\U3 O43 - CFD: 19/01/2008 - 19:44:54 - [0,354] ----D C:\Documents and Settings\Perso\Application Data\vlc O43 - CFD: 08/09/2011 - 22:37:19 - [0] ----D C:\Documents and Settings\Perso\Application Data\Windows Desktop Search O43 - CFD: 08/09/2011 - 23:37:42 - [0] ----D C:\Documents and Settings\Perso\Application Data\Windows Search O43 - CFD: 10/11/2013 - 21:34:08 - [0,310] ----D C:\Documents and Settings\Perso\Application Data\ZHP =>.Nicolas Coolman O43 - CFD: 15/08/2013 - 17:16:57 - [18,006] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe O43 - CFD: 26/01/2006 - 20:57:01 - [1,860] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Ahead O43 - CFD: 04/11/2006 - 12:27:04 - [0,008] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Apple Computer O43 - CFD: 10/11/2013 - 20:17:38 - [0,067] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\ApplicationHistory O43 - CFD: 15/08/2013 - 17:36:24 - [4,182] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013 O43 - CFD: 08/09/2013 - 08:30:24 - [0,102] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\avgchrome O43 - CFD: 21/11/2012 - 11:55:15 - [25,873] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Downloaded Installations O43 - CFD: 24/04/2011 - 07:27:04 - [290,868] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Google O43 - CFD: 22/09/2011 - 20:03:14 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Help O43 - CFD: 15/02/2007 - 23:16:29 - [28,143] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\HP O43 - CFD: 31/03/2006 - 17:13:47 - [16,549] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Identities O43 - CFD: 15/02/2007 - 23:16:46 - [0,002] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\IsolatedStorage O43 - CFD: 21/06/2013 - 23:02:51 - [9,535] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\MFAData O43 - CFD: 02/08/2013 - 16:09:07 - [244,567] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft O43 - CFD: 06/04/2006 - 14:31:18 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Mozilla O43 - CFD: 24/06/2012 - 14:46:49 - [3,376] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia O43 - CFD: 03/11/2010 - 10:46:10 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\NokiaAccount O43 - CFD: 20/01/2008 - 21:32:34 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Oberon Media O43 - CFD: 10/07/2011 - 15:32:28 - [0,001] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Orange O43 - CFD: 10/08/2009 - 18:03:14 - [0,001] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\RibMonTech O43 - CFD: 04/08/2013 - 16:39:54 - [164,682] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Temp O43 - CFD: 20/11/2007 - 17:31:55 - [1,936] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\TomTom O43 - CFD: 09/05/2006 - 21:32:52 - [0,004] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Toshiba O43 - CFD: 06/07/2009 - 19:44:38 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\WMTools Downloaded Files O43 - CFD: 20/12/2006 - 10:54:55 - [0,015] R---D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Accessoires O43 - CFD: 07/08/2013 - 22:25:09 - [0] R---D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Démarrage O43 - CFD: 01/09/2009 - 15:52:39 - [0,001] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Free Tarot O43 - CFD: 23/05/2009 - 16:26:47 - [0,001] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Micro Application O43 - CFD: 27/07/2011 - 15:16:20 - [0,002] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Orange O43 - CFD: 05/06/2006 - 19:50:29 - [0] R---D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Outils d'administration O43 - CFD: 04/12/2008 - 19:42:15 - [0,003] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\TAROT PRO 99.2 O43 - CFD: 06/02/2008 - 19:32:56 - [0,001] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\TomTom ~ Program Folder: 238 Scanned in 00mn 49s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 09/11/2013 - 12:15:16 ---A- . (...) -- C:\WINDOWS\setupact.log [60] O44 - LFC:[MD5.BD8F835921AF51A93211F9EA782E970A] - 09/11/2013 - 13:05:39 ---A- . (...) -- C:\AdwCleaner[R1].txt [8894] O44 - LFC:[MD5.85B7BD5610F3431D14FF74FED4FA379C] - 09/11/2013 - 13:26:33 ---A- . (...) -- C:\AdwCleaner[s1].txt [9726] O44 - LFC:[MD5.59DA26DC9678FB87EDF7E4EB6764259E] - 09/11/2013 - 21:12:49 ---A- . (...) -- C:\WINDOWS\DPINST.LOG [6338] O44 - LFC:[MD5.EF3AA7119DA2B8A4E47EAB867C95F4C6] - 09/11/2013 - 22:49:53 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 10/11/2013 - 15:30:01 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbam.sys [22856] O44 - LFC:[MD5.57DC5D8BBED81091B942DDC84BFB17BE] - 10/11/2013 - 19:59:21 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32536] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 10/11/2013 - 20:00:43 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/11/2013 - 20:01:35 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.240952A62F557D644E4526485CDD5EA2] - 10/11/2013 - 20:01:35 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.402E56A5E16AC8F0092D3C69649B69EB] - 10/11/2013 - 20:01:37 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157] O44 - LFC:[MD5.5DBC85D17E5ECC2F2996E3C21A24E96B] - 10/11/2013 - 20:05:25 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.080179E06EADFFD1F99A16A2CBF4237F] - 10/11/2013 - 20:20:28 ---A- . (...) -- C:\WINDOWS\setupapi.log [4918] O44 - LFC:[MD5.0DB7527DB188C7D967A37BB51BBF3963] - 10/11/2013 - 20:22:17 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbamswissarmy.sys [40776] O44 - LFC:[MD5.449B3A57DF53A85FA64AFB333B65B23B] - 10/11/2013 - 20:48:31 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1132861] O44 - LFC:[MD5.048B799B2D83139D6708156991D975D6] - 10/11/2013 - 20:49:13 ---A- . (...) -- C:\sc-cleaner.txt [1882] O44 - LFC:[MD5.A397C01E9206A7A58095E940DFC3113B] - 29/10/2013 - 10:23:56 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1262408] O44 - LFC:[MD5.F675DFF3FD8B6316E505A75D2C55232F] - 29/10/2013 - 10:24:12 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [81338] O44 - LFC:[MD5.37583866A76AE848E94D7A3FF024F519] - 29/10/2013 - 10:24:13 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [484504] O44 - LFC:[MD5.7617E2F46551061F46533E72C0A789A7] - 29/10/2013 - 10:24:15 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [103996] O44 - LFC:[MD5.20DB50028A7B44A3B36097E4CAA228CE] - 29/10/2013 - 10:24:16 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [575724] O44 - LFC:[MD5.68460A27CB0244E7F5FF5FDD83CDE41D] - 30/10/2013 - 21:02:08 RSHA- . (...) -- C:\boot.ini [246] O44 - LFC:[MD5.75B89DB3AF9EF0D7E0DDF7E32B89A786] - 31/10/2013 - 00:01:50 ---A- . (...) -- C:\WINDOWS\wininit.ini [1926] ~ Files: 24 Scanned in 00mn 15s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.A827ABB52904E7FF626E82DA1C23F1B7] - 10/11/2013 - 14:17:34 ---A- - C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf O45 - LFCP:[MD5.B1315FC6BD5C76220F7FC511EA56AF78] - 10/11/2013 - 14:17:34 ---A- - C:\WINDOWS\Prefetch\OUCORE.EXE-10371D4D.pf O45 - LFCP:[MD5.FAD35821D89FA04E002209D1F4877B1A] - 10/11/2013 - 14:17:34 ---A- - C:\WINDOWS\Prefetch\PCTSPK.EXE-3B895960.pf O45 - LFCP:[MD5.546DE380BCBC104570ED0014216DB261] - 10/11/2013 - 14:17:35 ---A- - C:\WINDOWS\Prefetch\UPDATER.EXE-23F4D955.pf O45 - LFCP:[MD5.960CFB3CCFDB01FC8E3494A5DE3EC246] - 10/11/2013 - 15:08:06 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf O45 - LFCP:[MD5.821E18FE4B9EA665113B8873A111E379] - 10/11/2013 - 15:08:07 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf O45 - LFCP:[MD5.330209DB2E547C1614BE3D33B504434A] - 10/11/2013 - 15:29:55 ---A- - C:\WINDOWS\Prefetch\MBAM-SETUP-1.75.0.1300.EXE-28068177.pf O45 - LFCP:[MD5.6A811337EE6390EFE6A179C00D85AC87] - 10/11/2013 - 15:29:57 ---A- - C:\WINDOWS\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-3812F140.pf O45 - LFCP:[MD5.3C70EEB34CB299A6D8241B9538B4A742] - 10/11/2013 - 17:22:50 ---A- - C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:[MD5.7C90142DE70115E483BEB40859FFE3A9] - 10/11/2013 - 18:57:46 ---A- - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf O45 - LFCP:[MD5.6177F7C6B8FC91C731FECD755091097A] - 10/11/2013 - 19:44:02 ---A- - C:\WINDOWS\Prefetch\AVGSRMAX.EXE-3573B408.pf O45 - LFCP:[MD5.C7006797F5FCB35528C5487C46CB0BB2] - 10/11/2013 - 19:56:26 ---A- - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf O45 - LFCP:[MD5.56F1995B688621370E3B56C51B7D0F31] - 10/11/2013 - 19:57:05 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf O45 - LFCP:[MD5.98342D9A949BB1FDB7285B3B16484F74] - 10/11/2013 - 19:58:43 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf O45 - LFCP:[MD5.22C6B1A7C23220FE910C9ED8157FBCD5] - 10/11/2013 - 20:03:08 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.BCC4E1FD70238D612AA26BC5D29335CD] - 10/11/2013 - 20:03:09 ---A- - C:\WINDOWS\Prefetch\INCDSRV.EXE-0DB45951.pf O45 - LFCP:[MD5.241C653945BFAEFC9D3EAD55A7B371CF] - 10/11/2013 - 20:03:09 ---A- - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf O45 - LFCP:[MD5.01C3DB7DD8B3B8B88EBC2B951B900CD0] - 10/11/2013 - 20:03:10 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf O45 - LFCP:[MD5.E7B65E8FA9F968F19804B7FBAEBD9203] - 10/11/2013 - 20:03:10 ---A- - C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf O45 - LFCP:[MD5.ACE2F0F1E6E36B179E49A911B0F8F498] - 10/11/2013 - 20:03:11 ---A- - C:\WINDOWS\Prefetch\AVGIDSAGENT.EXE-3AA9B535.pf O45 - LFCP:[MD5.C320E6F0CA5839845182C9B15281FBCE] - 10/11/2013 - 20:03:11 ---A- - C:\WINDOWS\Prefetch\AVGWDSVC.EXE-00C4A3CB.pf O45 - LFCP:[MD5.ED6975B8F499B2C2EF3AC927973DDA72] - 10/11/2013 - 20:03:11 ---A- - C:\WINDOWS\Prefetch\MDNSRESPONDER.EXE-02F30C6E.pf O45 - LFCP:[MD5.1AD0AE1A987EFF64575871CB415F69F4] - 10/11/2013 - 20:03:11 ---A- - C:\WINDOWS\Prefetch\SPOOLSV.EXE-282F76A7.pf O45 - LFCP:[MD5.3E8CECDD4934A186C7CAA2660D0FE73D] - 10/11/2013 - 20:03:12 ---A- - C:\WINDOWS\Prefetch\DEDICARZSERVICE.EXE-028A2996.pf O45 - LFCP:[MD5.D8EA1E4B8999674D746A3C5DFE23F472] - 10/11/2013 - 20:03:12 ---A- - C:\WINDOWS\Prefetch\FTRTSVC.EXE-3AF61018.pf O45 - LFCP:[MD5.718176C09C8A19DD1AD887FC63D24ABC] - 10/11/2013 - 20:03:12 ---A- - C:\WINDOWS\Prefetch\MSCORSVW.EXE-1366B4F5.pf O45 - LFCP:[MD5.5728582A0FE3B78E50C677453FE11840] - 10/11/2013 - 20:03:12 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf O45 - LFCP:[MD5.8331365397227F9D70286AB3874240B6] - 10/11/2013 - 20:03:13 ---A- - C:\WINDOWS\Prefetch\AVGNSX.EXE-290E4141.pf O45 - LFCP:[MD5.44AF868FB0258033FAD3D1CF02A382FF] - 10/11/2013 - 20:03:13 ---A- - C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-27588DA3.pf O45 - LFCP:[MD5.F94C3F4026BE80D99F50517A69708D1B] - 10/11/2013 - 20:03:13 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-3AB369BE.pf O45 - LFCP:[MD5.D62AEDBA3A6B58A1AC9F4564E34A6232] - 10/11/2013 - 20:03:13 ---A- - C:\WINDOWS\Prefetch\MDM.EXE-1EFE14A5.pf O45 - LFCP:[MD5.339219E9891F11017F6E815A8982907A] - 10/11/2013 - 20:03:13 ---A- - C:\WINDOWS\Prefetch\TOMTOMHOMESERVICE.EXE-375DB379.pf O45 - LFCP:[MD5.67E5CF91682D9A75604B41F2F4614573] - 10/11/2013 - 20:03:14 ---A- - C:\WINDOWS\Prefetch\AVGCSRVX.EXE-1D2A6D14.pf O45 - LFCP:[MD5.0D296D0DA26A840E1E63911BB9E8E28E] - 10/11/2013 - 20:03:14 ---A- - C:\WINDOWS\Prefetch\OUINDICATOR.EXE-3B2DAB90.pf O45 - LFCP:[MD5.8A057DFEE90689D330E8029E1710519C] - 10/11/2013 - 20:03:14 ---A- - C:\WINDOWS\Prefetch\OULOOKUP.EXE-36CF8D1D.pf O45 - LFCP:[MD5.54691A9E1C21FAA056BD3DB0A3C7EB12] - 10/11/2013 - 20:03:14 ---A- - C:\WINDOWS\Prefetch\SEARCHINDEXER.EXE-1AD3307F.pf O45 - LFCP:[MD5.62841A75CF3F3457316311249F464E74] - 10/11/2013 - 20:03:15 ---A- - C:\WINDOWS\Prefetch\NOTIFICATIONMAIL_3.3.0_NOTIFI-043CD4B3.pf O45 - LFCP:[MD5.5F75205243CC5D367EB72230361974CF] - 10/11/2013 - 20:03:15 ---A- - C:\WINDOWS\Prefetch\OULAUNCHAPP.EXE-2DBF5E82.pf O45 - LFCP:[MD5.944770B5B953238C0AC86CCA1F0B997C] - 10/11/2013 - 20:03:16 ---A- - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf O45 - LFCP:[MD5.C10E43FAFA9538ECB6EFD429D8DD3823] - 10/11/2013 - 20:03:17 ---A- - C:\WINDOWS\Prefetch\UNINSTALLMAILNOTIFIERTMP.EXE-392A960C.pf O45 - LFCP:[MD5.AC504C5FEE7433C9495ED402C1D57205] - 10/11/2013 - 20:03:20 ---A- - C:\WINDOWS\Prefetch\TSKILL.EXE-0108F24A.pf O45 - LFCP:[MD5.A9D36E5C5EBB5818298BF1F04EE742FA] - 10/11/2013 - 20:03:26 ---A- - C:\WINDOWS\Prefetch\AU_.EXE-2C41200D.pf O45 - LFCP:[MD5.51403F06EC55456B4248635D8D2A85AB] - 10/11/2013 - 20:05:19 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf O45 - LFCP:[MD5.86A7DBE83046A6FBD8CA7C4753B9442E] - 10/11/2013 - 20:05:22 ---A- - C:\WINDOWS\Prefetch\MBAMSCHEDULER.EXE-319271D7.pf O45 - LFCP:[MD5.1A9FFAF436D290903AB7F2566442903E] - 10/11/2013 - 20:05:39 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf O45 - LFCP:[MD5.96E2AB47D4D8600595F3399D2D6A006A] - 10/11/2013 - 20:05:49 ---A- - C:\WINDOWS\Prefetch\MBAMSERVICE.EXE-02CB9980.pf O45 - LFCP:[MD5.025CEDD7283EB062040CC94825D7DCE8] - 10/11/2013 - 20:06:03 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-42BD096B.pf O45 - LFCP:[MD5.E529563A177F03A838608FD328E22F4E] - 10/11/2013 - 20:06:15 ---A- - C:\WINDOWS\Prefetch\MBAMGUI.EXE-1286D63B.pf O45 - LFCP:[MD5.C8D01975F0E35E7FAC20BCDBFEE5D637] - 10/11/2013 - 20:08:43 ---A- - C:\WINDOWS\Prefetch\SETUPORANGEUPDATE.EXE-1ED461C6.pf O45 - LFCP:[MD5.CF86973C2BA90AA95548C7DBDB925881] - 10/11/2013 - 20:09:16 ---A- - C:\WINDOWS\Prefetch\AVGDIAGEX.EXE-2AFDF178.pf O45 - LFCP:[MD5.6EE917450C7C51673054E374EFD89224] - 10/11/2013 - 20:09:26 ---A- - C:\WINDOWS\Prefetch\SETUPORANGEUPDATEMINI_G2R1_CO-284F9DF1.pf O45 - LFCP:[MD5.422C1E0F6BCE604076697CEE37AA0235] - 10/11/2013 - 20:09:48 ---A- - C:\WINDOWS\Prefetch\SETUPORANGEUPDATEGUI_G2R1_COR-2CA3581A.pf O45 - LFCP:[MD5.0311726C0C09947EF2911D90DA4146A5] - 10/11/2013 - 20:10:38 ---A- - C:\WINDOWS\Prefetch\NET.EXE-01A53C2F.pf O45 - LFCP:[MD5.483D5FBD02D6D5288EE3D592869251CE] - 10/11/2013 - 20:10:53 ---A- - C:\WINDOWS\Prefetch\NET1.EXE-029B9DB4.pf O45 - LFCP:[MD5.88EC6202F45309A7291FD1CEA0814C2D] - 10/11/2013 - 20:12:39 ---A- - C:\WINDOWS\Prefetch\NEROCHECK.EXE-092C6DFA.pf O45 - LFCP:[MD5.AEFB8311B0EDB9D0C62E3EA46E4266ED] - 10/11/2013 - 20:12:47 ---A- - C:\WINDOWS\Prefetch\OUSOFTWAREMANAGER.EXE-1975BB60.pf O45 - LFCP:[MD5.6F95D755F4CF96C018990AAC17F246FE] - 10/11/2013 - 20:12:50 ---A- - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf O45 - LFCP:[MD5.BA4FA78C24AA22ACF5D1D2B1D9BF7340] - 10/11/2013 - 20:12:53 ---A- - C:\WINDOWS\Prefetch\DRAGDIAG.EXE-0317E0C9.pf O45 - LFCP:[MD5.7446D263A859863E9E010D1828BE6FD1] - 10/11/2013 - 20:13:37 ---A- - C:\WINDOWS\Prefetch\SESSIONMANAGER.EXE-287366F2.pf O45 - LFCP:[MD5.583AF3C0E8C991593EB0DD71CBC02EED] - 10/11/2013 - 20:13:40 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1218E1AC.pf O45 - LFCP:[MD5.0E3B5780E449327D9BAE68100CF266D9] - 10/11/2013 - 20:13:55 ---A- - C:\WINDOWS\Prefetch\CAMSERVICE.EXE-2E8B63E0.pf O45 - LFCP:[MD5.D9C2FBD53FC667E27EFC19748513CAB0] - 10/11/2013 - 20:13:58 ---A- - C:\WINDOWS\Prefetch\HPWUSCHD2.EXE-02F6D2DD.pf O45 - LFCP:[MD5.AED299B29847BFC3534B9AC72C1F6BA9] - 10/11/2013 - 20:14:00 ---A- - C:\WINDOWS\Prefetch\AVGUI.EXE-02705C04.pf O45 - LFCP:[MD5.3EC5FF6DDBE4F0CD614FC43A37BAA5D4] - 10/11/2013 - 20:14:07 ---A- - C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf O45 - LFCP:[MD5.2B422AF67F62304985029D31F88217FB] - 10/11/2013 - 20:14:09 ---A- - C:\WINDOWS\Prefetch\ADOBEARM.EXE-1095AC0A.pf O45 - LFCP:[MD5.B816067CF75DC65DD830E46C2EEB9EDF] - 10/11/2013 - 20:14:10 ---A- - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf O45 - LFCP:[MD5.D9BC8CF37B5F15F44CE9E680FCF0FBB5] - 10/11/2013 - 20:14:12 ---A- - C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-3629C61D.pf =>Toolbar.Google O45 - LFCP:[MD5.1EB3C29E6C3CD8007A2641E42D313F8C] - 10/11/2013 - 20:14:14 ---A- - C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf O45 - LFCP:[MD5.155553EFE782E2C4E03AB0FD001D1753] - 10/11/2013 - 20:14:16 ---A- - C:\WINDOWS\Prefetch\NOKIASUITE.EXE-1471BF38.pf O45 - LFCP:[MD5.8C3F1C0B30F76D226B404272E6DB63B0] - 10/11/2013 - 20:14:18 ---A- - C:\WINDOWS\Prefetch\ORANGEINSIDE.EXE-2DEBFDB6.pf O45 - LFCP:[MD5.ED3FFBB90AE0C8A4B7E4DB60153E8D1F] - 10/11/2013 - 20:14:18 ---A- - C:\WINDOWS\Prefetch\TOSBTMNG1.EXE-01605D64.pf O45 - LFCP:[MD5.10091BCCC4056626DFB2557A5B156823] - 10/11/2013 - 20:14:27 ---A- - C:\WINDOWS\Prefetch\ADOBE GAMMA LOADER.EXE-0A47CFD1.pf O45 - LFCP:[MD5.6E8E81303D6ABC7E1EBA64234A2BF0C0] - 10/11/2013 - 20:14:30 ---A- - C:\WINDOWS\Prefetch\HPQTRA08.EXE-17E37E7E.pf O45 - LFCP:[MD5.59B42967AC3C8AD21EFE9FC55C51B46D] - 10/11/2013 - 20:14:32 ---A- - C:\WINDOWS\Prefetch\HPQTHB08.EXE-060DCF16.pf O45 - LFCP:[MD5.897BB8527A7F4B533D25D627BBC9594E] - 10/11/2013 - 20:14:34 ---A- - C:\WINDOWS\Prefetch\TOSBTMNG.EXE-33568774.pf O45 - LFCP:[MD5.D26132B8CAB1A47BAB465D02CAE49CE6] - 10/11/2013 - 20:14:35 ---A- - C:\WINDOWS\Prefetch\OUNOTIFICATION.EXE-13B72674.pf O45 - LFCP:[MD5.5DD513B07C9854C6474635D0F775297B] - 10/11/2013 - 20:14:41 ---A- - C:\WINDOWS\Prefetch\PHLEAUTORUN.EXE-15B88BA5.pf O45 - LFCP:[MD5.E154163594B6F957593632214BAAD667] - 10/11/2013 - 20:14:47 ---A- - C:\WINDOWS\Prefetch\WINDOWSSEARCH.EXE-20C0F767.pf O45 - LFCP:[MD5.7479E7D80B7C91B34B4E4AF8411DCE55] - 10/11/2013 - 20:14:57 ---A- - C:\WINDOWS\Prefetch\TOSA2DP.EXE-2CD6EF15.pf O45 - LFCP:[MD5.69705D8713773F685E1E0267213C8BF0] - 10/11/2013 - 20:15:10 ---A- - C:\WINDOWS\Prefetch\READER_SL.EXE-089975CC.pf O45 - LFCP:[MD5.7C5CB29AB67C074218FD614EF43B3CC3] - 10/11/2013 - 20:15:10 ---A- - C:\WINDOWS\Prefetch\TOSBTHSP.EXE-16937FCE.pf O45 - LFCP:[MD5.86015FA1BCBA8A4C728258EFA4BBFD03] - 10/11/2013 - 20:19:04 ---A- - C:\WINDOWS\Prefetch\HPQIMZONE.EXE-038F0838.pf O45 - LFCP:[MD5.66DFF3D1F73D0B4B3358A1E47B14E54A] - 10/11/2013 - 20:19:19 ---A- - C:\WINDOWS\Prefetch\SERVICELAYER.EXE-191F07A8.pf O45 - LFCP:[MD5.FCEE160A059CF36301F820526FA7FB24] - 10/11/2013 - 20:20:20 ---A- - C:\WINDOWS\Prefetch\NCLINSTALLER.EXE-35BFFB75.pf O45 - LFCP:[MD5.C2B42FEC3A6BF3DAB5CD3EBA308F678F] - 10/11/2013 - 20:21:39 ---A- - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf O45 - LFCP:[MD5.C1BE897D3D42A2772F5E21EB60CC79F1] - 10/11/2013 - 20:22:02 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf O45 - LFCP:[MD5.A95787F09E6F40DEB78D490D699AC4BD] - 10/11/2013 - 20:26:48 ---A- - C:\WINDOWS\Prefetch\NCLUSBSRV.EXE-104CBA51.pf O45 - LFCP:[MD5.8AD7EDBEE2AADAF9A8A47763861A9D73] - 10/11/2013 - 20:27:04 ---A- - C:\WINDOWS\Prefetch\NCLMSBTSRV.EXE-07359B9E.pf O45 - LFCP:[MD5.A6D5A84B8238BFF2FDF763CDB7F4BE04] - 10/11/2013 - 20:27:12 ---A- - C:\WINDOWS\Prefetch\NCLTOBTSRV.EXE-393630CF.pf O45 - LFCP:[MD5.2A02C0D1F6C766556A2F1E715A134DBC] - 10/11/2013 - 20:33:01 ---A- - C:\WINDOWS\Prefetch\HPQSTE08.EXE-18A7280B.pf O45 - LFCP:[MD5.4C757B73C1052518A576B198B010563F] - 10/11/2013 - 20:40:56 ---A- - C:\WINDOWS\Prefetch\HPQUSGH.EXE-0FFFF703.pf O45 - LFCP:[MD5.5A150FB4BB7A6B8B836E24D540D2123B] - 10/11/2013 - 20:43:19 ---A- - C:\WINDOWS\Prefetch\HPRBLOG.EXE-16B72A6F.pf O45 - LFCP:[MD5.59B504AF7FFF9265C01E70CFE63EE5AD] - 10/11/2013 - 20:45:36 ---A- - C:\WINDOWS\Prefetch\HPQPPROP.EXE-09AA9678.pf O45 - LFCP:[MD5.FFCA15A93376960DE0FF9F14CDC4DE98] - 10/11/2013 - 20:45:39 ---A- - C:\WINDOWS\Prefetch\HPQTBX01.EXE-28FA88E4.pf O45 - LFCP:[MD5.684FCB74FECBD99D84171DC66C7DD2AA] - 10/11/2013 - 20:47:20 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf O45 - LFCP:[MD5.4A68BC827993B90A1E0A980D45284657] - 10/11/2013 - 20:47:28 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf O45 - LFCP:[MD5.B73FAC47F8C51B1F08ADF205EEAD9DFE] - 10/11/2013 - 20:48:11 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf O45 - LFCP:[MD5.520BE0768E19F11EBBBFC6A2024FBF7F] - 10/11/2013 - 20:49:14 ---A- - C:\WINDOWS\Prefetch\SC-CLEANER.EXE-0C45A263.pf O45 - LFCP:[MD5.9D664AC99C1D3259F9DB11DE2E6FA811] - 10/11/2013 - 21:14:02 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf O45 - LFCP:[MD5.3C5EA435B46B977F8EC8AF76925E7C2D] - 10/11/2013 - 21:15:50 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC5EC21.pf O45 - LFCP:[MD5.671D107436B6DCC104A1CFCE3CDAC85B] - 10/11/2013 - 21:16:20 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BEE0D00.pf O45 - LFCP:[MD5.0412BDA94E10BF3F90BE5AF5EE2F7A8C] - 10/11/2013 - 21:17:13 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf O45 - LFCP:[MD5.AF702CC123E971DC84CDF4D77A2F7836] - 10/11/2013 - 21:21:07 ---A- - C:\WINDOWS\Prefetch\AVGMFAPX.EXE-021BCBDE.pf O45 - LFCP:[MD5.DB83BCAD4D4ECE6CABF9EB93A2AF104F] - 10/11/2013 - 21:22:21 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf O45 - LFCP:[MD5.038F7F7CA695CD8F5A47B7B2982082F6] - 10/11/2013 - 21:23:01 ---A- - C:\WINDOWS\Prefetch\FIXCFG.EXE-3624A3E2.pf O45 - LFCP:[MD5.06A747B05C621B7E0D52DA8C6C54A615] - 10/11/2013 - 21:24:43 ---A- - C:\WINDOWS\Prefetch\DLLHOST.EXE-42807EE4.pf O45 - LFCP:[MD5.94CB84D3EA1B66C643E3742C197F6BA5] - 10/11/2013 - 21:27:44 ---A- - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf O45 - LFCP:[MD5.5C7F3B280B93C33FD9B07E9F26F05EDE] - 10/11/2013 - 21:28:01 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-1205C469.pf O45 - LFCP:[MD5.A06976A2956AA6C18EB6158FA2F8B0FE] - 10/11/2013 - 21:28:07 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf O45 - LFCP:[MD5.30C59808FEC995ABAB8369718C86F090] - 10/11/2013 - 21:31:13 ---A- - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf O45 - LFCP:[MD5.BF1A6081BB42E391F11FFA6911656AC0] - 10/11/2013 - 21:31:28 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf O45 - LFCP:[MD5.960E81410F6A74F3A4F17DFD5D060713] - 10/11/2013 - 21:32:12 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.EXE-2A9C7F17.pf O45 - LFCP:[MD5.8765844D0EA62DF826209A030C1DA2C4] - 10/11/2013 - 21:32:15 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-2A0726CC.pf O45 - LFCP:[MD5.7E209B100CCFC34FDA175CE023436F9C] - 10/11/2013 - 21:32:48 ---A- - C:\WINDOWS\Prefetch\ZHPHEP.EXE-07C98D09.pf O45 - LFCP:[MD5.792EDC1A8CD34A8E06B1929DAFE047CA] - 10/11/2013 - 21:32:50 ---A- - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf O45 - LFCP:[MD5.48A7F054C29A3CA97A1E8943D1EAE9D3] - 10/11/2013 - 21:32:52 ---A- - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf O45 - LFCP:[MD5.3E400B50A39262134614383AAAC34D15] - 10/11/2013 - 21:32:59 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf O45 - LFCP:[MD5.7F784855BA969F6F8D692DF5F2FBA09F] - 10/11/2013 - 21:33:31 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf O45 - LFCP:[MD5.E00B7455E3A74BB902C8A5375A5404D3] - 10/11/2013 - 21:33:31 ---A- - C:\WINDOWS\Prefetch\PV.EXE-215F4419.pf O45 - LFCP:[MD5.5344C334AEC094F2C386A3B2775C2951] - 10/11/2013 - 21:33:44 ---A- - C:\WINDOWS\Prefetch\SUBINACL.EXE-17974576.pf O45 - LFCP:[MD5.52A510C548239CC192902190F564B496] - 10/11/2013 - 21:34:08 ---A- - C:\WINDOWS\Prefetch\SCHTASKS.EXE-0CBF6A11.pf O45 - LFCP:[MD5.F92283D62DCDDC5C50C0A93BB64A0234] - 10/11/2013 - 21:34:42 ---A- - C:\WINDOWS\Prefetch\AVGCMGR.EXE-2CB174F9.pf ~ Prefetcher: 122 Scanned in 00mn 02s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rundll32.exe" [Enabled] Clé orpheline O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpvsetup.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\dpvsetup.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mmc.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\mmc.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rtcshare.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\rtcshare.exe O47 - AAKE:Key Export SP - "C:\Program Files\NetMeeting\conf.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\NetMeeting\conf.exe O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export SP - "C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe" [Enabled] .(.Guillemot Corporation S.A..) -- C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe =>.Google Inc O47 - AAKE:Key Export SP - "E:\fscommand\CKSocketServer.exe" [Enabled] .(...) -- E:\fscommand\CKSocketServer.exe (.not file.) O47 - AAKE:Key Export SP - "D:\fscommand\CKSocketServer.exe" [Enabled] .(...) -- D:\fscommand\CKSocketServer.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(..) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Hewlett-Packard.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dist\ST2.exe" [Enabled] .(.Orange.) -- C:\Program Files\orange\Assistance Livebox\dist\ST2.exe O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2013\avgmfapx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2013\avgmfapx.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe" [Enabled] .(.Orange SA.) -- C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc..) -- C:\Program Files\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dedicarz\DedicarzService.exe" [Enabled] .(..) -- C:\Program Files\orange\Assistance Livebox\dedicarz\DedicarzService.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dedicarz\LiveboxManager.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\orange\Assistance Livebox\dedicarz\LiveboxManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dedicarz\PluginLivebox.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\orange\Assistance Livebox\dedicarz\PluginLivebox.exe O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2013\avgnsx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2013\avgnsx.exe O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2013\avgdiagex.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2013\avgdiagex.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe ~ Keys Export: 43 Scanned in 00mn 17s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll ~ LSA: 6 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys ~ CSB: 23 Scanned in 00mn 01s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{5b3569c4-0925-11dd-bbbd-0090d0c82858}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"L3CODECA.ACM"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\L3CODECA.ACM O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax ~ TDSD: 16 Scanned in 00mn 05s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\InCD [Key] . (.Ahead Software AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe ~ SMSR Keys: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ MSCP: 6 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 8 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"= O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ MWPE Keys: 2 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.819BF44085104BE6527B86A88ACF856B] - 04/08/2004 - 06:32:31 ---A- . (.VIA Technologies, Inc. - VIA Audio WDM Driver.) -- C:\WINDOWS\system32\Drivers\ac97via.sys [84480] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] ~ Drivers: 8 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 09/11/2013 - 21:35:55 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\398EE64D66758B5715368AA94044B13A [1754] O61 - LFC: 09/11/2013 - 21:35:56 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\616AD1AB067CFD351D6C0EF6F3E12F40 [535] O61 - LFC: 09/11/2013 - 21:35:56 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 [112875] O61 - LFC: 09/11/2013 - 21:35:56 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\C27229390F3F6926292942FB717A1F0F [7032] O61 - LFC: 09/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\398EE64D66758B5715368AA94044B13A [110] O61 - LFC: 09/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\616AD1AB067CFD351D6C0EF6F3E12F40 [134] O61 - LFC: 09/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 [124] O61 - LFC: 09/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\C27229390F3F6926292942FB717A1F0F [120] O61 - LFC: 09/11/2013 - 21:36:12 ---A- . (.Orange.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\try.txt [190976] O61 - LFC: 09/11/2013 - 21:36:20 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\ZHP\ZHPDiag.txt [229452] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 21:36:32 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\ZHPDiagrapport [229452] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 21:36:32 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Perso\Bureau\ZHPDiag2.exe [6846820] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 21:36:42 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgdecider.log.2 [65592] O61 - LFC: 09/11/2013 - 21:36:42 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgui.log.1 [131171] O61 - LFC: 09/11/2013 - 21:36:43 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\krnlapi.log.1 [1024026] O61 - LFC: 09/11/2013 - 21:36:44 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ammjbfijeglcdlnlnhlkdhgjnlgmpehe_0.localstorage [3072] O61 - LFC: 09/11/2013 - 21:36:56 ---A- . (...) -- C:\Documents and Settings\Perso\Mes documents\AdwCleaner_1.606_En.exe [581957] O61 - LFC: 09/11/2013 - 21:37:08 ---A- . (...) -- C:\Documents and Settings\Perso\UserData\index.dat [32768] O61 - LFC: 10/11/2013 - 21:35:53 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG2013\cfgall\userawacs.cfg [38644] O61 - LFC: 10/11/2013 - 21:35:53 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG2013\cfgall\userguistate.cfg [82440] O61 - LFC: 10/11/2013 - 21:35:54 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\HP\CRMLogs\BrandAuthentication.htm [4774] O61 - LFC: 10/11/2013 - 21:35:55 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [506] O61 - LFC: 10/11/2013 - 21:35:55 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-11-10 (15-41-31).txt [9700] O61 - LFC: 10/11/2013 - 21:35:55 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\1F356F4D07FE8C483E769E4586569404 [53259] O61 - LFC: 10/11/2013 - 21:35:55 -SHA- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\Credentials\S-1-5-21-1202660629-492894223-1343024091-1003\Credentials [1356] O61 - LFC: 10/11/2013 - 21:35:56 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\3B6E683A7A45CC59BF035C9BA8C7AB9D [494] O61 - LFC: 10/11/2013 - 21:35:56 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\8A9510437CB4EEB09F4B3AC2BC980E19 [3060] O61 - LFC: 10/11/2013 - 21:35:56 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\B69D763EB21649DA26F20618312DEE70 [75433] O61 - LFC: 10/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\1F356F4D07FE8C483E769E4586569404 [126] O61 - LFC: 10/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\3B6E683A7A45CC59BF035C9BA8C7AB9D [132] O61 - LFC: 10/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\8A9510437CB4EEB09F4B3AC2BC980E19 [120] O61 - LFC: 10/11/2013 - 21:35:57 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\B69D763EB21649DA26F20618312DEE70 [128] O61 - LFC: 10/11/2013 - 21:36:04 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\crypv.oi [310] O61 - LFC: 10/11/2013 - 21:36:04 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\email.bmp [822] O61 - LFC: 10/11/2013 - 21:36:04 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\orange.bmp [822] O61 - LFC: 10/11/2013 - 21:36:04 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\search.bmp [822] O61 - LFC: 10/11/2013 - 21:36:05 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin.xml [924] O61 - LFC: 10/11/2013 - 21:36:05 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\sms.bmp [822] O61 - LFC: 10/11/2013 - 21:36:05 ---A- . (.Orange.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\OIExt.dll [190976] O61 - LFC: 10/11/2013 - 21:36:07 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\orange_html\orange.html [334] O61 - LFC: 10/11/2013 - 21:36:08 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html [534] O61 - LFC: 10/11/2013 - 21:36:08 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendmail_html\selectedsearch.html [534] O61 - LFC: 10/11/2013 - 21:36:09 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html [335] O61 - LFC: 10/11/2013 - 21:36:09 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendsms_html\selectedsearch.html [534] O61 - LFC: 10/11/2013 - 21:36:09 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\selectedsearch.html [534] O61 - LFC: 10/11/2013 - 21:36:09 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html [524] O61 - LFC: 10/11/2013 - 21:36:10 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html [379] O61 - LFC: 10/11/2013 - 21:36:10 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html [540] O61 - LFC: 10/11/2013 - 21:36:10 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\translate_html\translate.html [395] O61 - LFC: 10/11/2013 - 21:36:11 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\stats.txt [226] O61 - LFC: 10/11/2013 - 21:36:13 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\PC Suite\Settings\PCCSConfig.dat [446] O61 - LFC: 10/11/2013 - 21:36:19 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\ZHP\Log.txt [95711] =>.Nicolas Coolman O61 - LFC: 10/11/2013 - 21:36:20 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\ZHP\TestsZHPDiag.txt [3257] =>.Nicolas Coolman O61 - LFC: 10/11/2013 - 21:36:20 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\adwcleaner.exe [1073262] O61 - LFC: 10/11/2013 - 21:36:24 ---A- . (.Malwarebytes Corporation.) -- C:\Documents and Settings\Perso\Bureau\mbam-setup-1.75.0.1300.exe [10285040] O61 - LFC: 10/11/2013 - 21:36:24 ---A- . (.Thisisu.) -- C:\Documents and Settings\Perso\Bureau\JRT.exe [1034531] O61 - LFC: 10/11/2013 - 21:36:31 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\SFTGC.exe [1064060] O61 - LFC: 10/11/2013 - 21:36:31 ---A- . (.Bleeping Computer, LLC.) -- C:\Documents and Settings\Perso\Bureau\sc-cleaner.exe [406264] O61 - LFC: 10/11/2013 - 21:36:32 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\SFTGC.txt [178854] O61 - LFC: 10/11/2013 - 21:36:32 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\ZHPDiag.lnk [1523] =>.Nicolas Coolman O61 - LFC: 10/11/2013 - 21:36:32 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\ZHPFix.lnk [1628] =>.Nicolas Coolman O61 - LFC: 10/11/2013 - 21:36:33 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\188QFLFV.txt [152] O61 - LFC: 10/11/2013 - 21:36:33 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\1A39U1ZD.txt [113] O61 - LFC: 10/11/2013 - 21:36:33 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\1VGOMPD1.txt [64] O61 - LFC: 10/11/2013 - 21:36:33 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\39IS0L9P.txt [137] O61 - LFC: 10/11/2013 - 21:36:33 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\4TJ375QZ.txt [597] O61 - LFC: 10/11/2013 - 21:36:33 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\60XHH1SA.txt [93] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\7FI95EGE.txt [65] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\7JJB7KVD.txt [421] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\8GPXFUHW.txt [262] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\9MDIKSBS.txt [159] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\AINHO955.txt [368] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\AO29ASD4.txt [455] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\B2NOSV8B.txt [201] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\ENR7ZD2F.txt [300] O61 - LFC: 10/11/2013 - 21:36:34 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\ER44YGEH.txt [99] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\IA1TEW2W.txt [202] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\ICOAE1D1.txt [186] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\IO9FO8U0.txt [126] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\J0R5X0VB.txt [225] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\JV1621WL.txt [192] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\N3DWJNA2.txt [942] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\U0BYHULA.txt [72] O61 - LFC: 10/11/2013 - 21:36:35 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\V1TURUTZ.txt [70] O61 - LFC: 10/11/2013 - 21:36:35 -SHA- . (...) -- C:\Documents and Settings\Perso\Cookies\index.dat [131072] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\V2L2JLSU.txt [769] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\VRVLRZ9E.txt [1072] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\X3DQ7KJA.txt [103] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\XXE7B1EB.txt [91] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\XYUEU7BC.txt [183] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\YLQ0KA82.txt [210] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\YR5Y3WU3.txt [175] O61 - LFC: 10/11/2013 - 21:36:36 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\Z9CL2M2J.txt [183] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\2424 video.url [52] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\AVON.url [244] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Communauté Orange Jeux.url [194] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Dino-RPG.url [214] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Facebook Accueil.url [1001] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Google.url [174] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Grocado, les jeux gagnants.url [170] O61 - LFC: 10/11/2013 - 21:36:37 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Guide des stations de radio.url [197] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Internet Explorer 7 - Présentation rapide.url [160] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Jeunesse.url [51] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Hotmail.url [207] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Orange.url [144] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Sites suggérés.url [302] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Telechargez la messagerie instantanée Windows live - Windowslive.url [223] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Téléchargez vos jeux PC.url [222] O61 - LFC: 10/11/2013 - 21:36:38 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\hotmail.url [514] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\MSN.com.url [119] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Marmiton 39000 recettes de cuisine ! Recettes commentées et notées pour toutes les cuisines. - Accueil - Marmiton.org.url [593] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Microsoft Store.url [161] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Pour Elles.url [52] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Site Internet Explorer sur Microsoft.com.url [160] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Internet Explorer 7 - Présentation rapide.url [133] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Microsoft Store.url [161] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Site Internet Explorer sur Microsoft.com.url [160] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Windows Marketplace.url [133] O61 - LFC: 10/11/2013 - 21:36:39 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\marmiton.org\http--www.marmiton.org-.url [239] O61 - LFC: 10/11/2013 - 21:36:40 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Voyage.url [50] O61 - LFC: 10/11/2013 - 21:36:40 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Wibo Werk 1892 -.url [180] O61 - LFC: 10/11/2013 - 21:36:40 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Windows Marketplace.url [160] O61 - LFC: 10/11/2013 - 21:36:40 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse [0] O61 - LFC: 10/11/2013 - 21:36:40 -SHA- . (...) -- C:\Documents and Settings\Perso\IECompatCache\index.dat [868352] O61 - LFC: 10/11/2013 - 21:36:40 -SHA- . (...) -- C:\Documents and Settings\Perso\IETldCache\index.dat [262144] O61 - LFC: 10/11/2013 - 21:36:41 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgcfg.log.1 [65669] O61 - LFC: 10/11/2013 - 21:36:41 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgdecider.log.1 [65604] O61 - LFC: 10/11/2013 - 21:36:44 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences [90656] O61 - LFC: 10/11/2013 - 21:36:46 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt [0] O61 - LFC: 10/11/2013 - 21:36:46 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf [786] O61 - LFC: 10/11/2013 - 21:36:46 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\HP\Digital Imaging\handle.dat [179] O61 - LFC: 10/11/2013 - 21:36:47 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Identities\{58463217-591A-4AC3-8357-2F19B0066F7C}\Microsoft\Outlook Express\Boîte de réception.dbx [7805936] =>.Microsoft Corporation O61 - LFC: 10/11/2013 - 21:36:47 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Identities\{58463217-591A-4AC3-8357-2F19B0066F7C}\Microsoft\Outlook Express\Folders.dbx [74720] =>.Microsoft Corporation O61 - LFC: 10/11/2013 - 21:36:47 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Identities\{58463217-591A-4AC3-8357-2F19B0066F7C}\Microsoft\Outlook Express\Offline.dbx [9656] =>.Microsoft Corporation O61 - LFC: 10/11/2013 - 21:36:47 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\IsolatedStorage\3shdl25v.tbl\1la21x2t.idj\StrongName.xitmqsrqvpqpovqi5kx5u3ghwej4ru23\identity.dat [515] O61 - LFC: 10/11/2013 - 21:36:47 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1202660629-492894223-1343024091-1003\Credentials [2970] O61 - LFC: 10/11/2013 - 21:36:47 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\797JJFUW\cjoint[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\797JJFUW\people.directory.live[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\797JJFUW\www.zebulon[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\M3HZVLE5\dub117.mail.live[1].xml [394] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\M3HZVLE5\www.bleepingcomputer[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\QBSK2C7J\download.cnet[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\QBSK2C7J\googleads.g.doubleclick[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:48 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\brndlog.txt [12392] O61 - LFC: 10/11/2013 - 21:36:48 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [32768] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\QBSK2C7J\www.commentcamarche[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\c.betrad[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\cdns.gigya[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\forum.zebulon[1].xml [13] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\secure.shared.live[1].xml [414] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\www.google[1].xml [555] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{14803270-4A46-11E3-A562-002191FC5661}.dat [4096] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{14803271-4A46-11E3-A562-002191FC5661}.dat [3584] O61 - LFC: 10/11/2013 - 21:36:49 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{14803272-4A46-11E3-A562-002191FC5661}.dat [4608] O61 - LFC: 10/11/2013 - 21:36:50 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico [1150] O61 - LFC: 10/11/2013 - 21:36:52 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Data Store\DataBase\MDataStore.db3 [561152] O61 - LFC: 10/11/2013 - 21:36:52 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Data Store\Thumbnail\DataBase\MDataStore.db3 [1032192] O61 - LFC: 10/11/2013 - 21:36:52 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Suite\CDC\statistics.dat [81055] O61 - LFC: 10/11/2013 - 21:36:52 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Suite\Cache\recentMessagesModel.dat [728] O61 - LFC: 10/11/2013 - 21:36:53 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Toshiba\BluetoothStack\V1.0\SDP03467.sdb [4004] O61 - LFC: 10/11/2013 - 21:36:53 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Historique\History.IE5\index.dat [917504] O61 - LFC: 10/11/2013 - 21:36:54 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\NEventMessages.dll [1536] O61 - LFC: 10/11/2013 - 21:36:54 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\NOSEventMessages.dll [1536] O61 - LFC: 10/11/2013 - 21:36:54 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Historique\History.IE5\MSHist012013111020131111\index.dat [65536] O61 - LFC: 10/11/2013 - 21:37:08 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\SFTGC.lnk [459] O61 - LFC: 10/11/2013 - 21:37:08 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\ZHPDiag.lnk [471] =>.Nicolas Coolman O61 - LFC: 10/11/2013 - 21:37:08 -SHA- . (...) -- C:\Documents and Settings\Perso\PrivacIE\index.dat [13271040] ~ 2 Fichiers temporaires (Temporary files) ~ 32 Fichiers cookies (Cookies files) ~ Files: 168 Scanned in 01mn 17s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 17/08/2011 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - 04/07/2013 - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVGIDSAgent) .(.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - LEGACY_AVGIDSAGENT O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys (AVGIDSDriver) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - LEGACY_AVGIDSDRIVER O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avgidshx.sys (AVGIDSHX) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHX O64 - Services: CurCS - 10/09/2013 - C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys (AVGIDSShim) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Dri.) - LEGACY_AVGIDSSHIM O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avgldx86.sys (Avgldx86) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX86 O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avglogx.sys (Avglogx) .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGX O64 - Services: CurCS - 01/07/2013 - C:\WINDOWS\system32\DRIVERS\avgmfx86.sys (Avgmfx86) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX86 O64 - Services: CurCS - 05/09/2013 - C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AvgRkx86) .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX86 O64 - Services: CurCS - 21/03/2013 - C:\WINDOWS\system32\DRIVERS\avgtdix.sys (AvgTdiX) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIX O64 - Services: CurCS - 02/10/2013 - C:\WINDOWS\system32\drivers\avgtpx86.sys (avgtp) .(.AVG Technologies - Pas de description.) - LEGACY_AVGTP O64 - Services: CurCS - 23/07/2013 - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (avgwd) .(.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - LEGACY_AVGWD O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (BthServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BTHSERV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - 10/06/2013 - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe (Dedicarz Service) .(.Pas de propriétaire - DedicarzService.) - LEGACY_DEDICARZ_SERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\svchost.exe (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - 05/08/2009 - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR O64 - Services: CurCS - 11/12/2007 - C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) .(.France Telecom SA - Pas de description.) - LEGACY_FTRTSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - 20/10/2009 - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - 29/07/2008 - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC O64 - Services: CurCS - 04/06/2004 - C:\WINDOWS\system32\Drivers\InCDfs.sys (InCDfs) .(.Ahead Software AG - InCD File System Driver.) - LEGACY_INCDFS O64 - Services: CurCS - 04/06/2004 - C:\Program Files\Ahead\InCD\InCDsrv.exe (InCDsrv) .(.Ahead Software AG - incdsrv.) - LEGACY_INCDSRV O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IpFilterDriver) .(.Microsoft Corporation - IP FILTER DRIVER.) - LEGACY_IPFILTERDRIVER O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - 04/04/2013 - C:\WINDOWS\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 04/04/2013 - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (MBAMScheduler) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSCHEDULER O64 - Services: CurCS - 04/04/2013 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (MBAMService) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - 10/11/2013 - C:\WINDOWS\system32\drivers\mbamswissarmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - 20/06/2003 - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (MDM) .(.Microsoft Corporation - Machine Debug Manager.) - LEGACY_MDM O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Mount Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 15/07/2011 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - 21/04/2011 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\NDIS.sys (NDIS) .(.Microsoft Corporation - NDIS 5.1 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - 08/07/2011 - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA O64 - Services: CurCS - 11/02/2011 - C:\WINDOWS\system32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\PartMgr.sys (PartMgr) .(.Microsoft Corporation - Partition Manager.) - LEGACY_PARTMGR O64 - Services: CurCS - 23/08/2001 - C:\WINDOWS\system32\pctspk.exe (Pctspk) .(.PCtel, Inc. - PCTSPK.EXE.) - LEGACY_PCTSPK O64 - Services: CurCS - 09/08/2007 - C:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - 13/11/2007 - C:\WINDOWS\system32\DRIVERS\secdrv.sys (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - 22/04/2012 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION O64 - Services: CurCS - 17/08/2010 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - 17/02/2011 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - 20/06/2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES O64 - Services: CurCS - 28/08/2012 - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTomHOMEService) .(.TomTom - Windows Service for TomTom HOME.) - LEGACY_TOMTOMHOMESERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\vmodem.sys (Vmodem) .(.PCTEL, INC. - HSP Modem Modem Device Driver.) - LEGACY_VMODEM O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\vpctcom.sys (Vpctcom) .(.PCtel, Inc. - HSP Modem Virtual Control Device.) - LEGACY_VPCTCOM O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\vvoice.sys (Vvoice) .(.PCtel, Inc. - HSP Modem device driver.) - LEGACY_VVOICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC O64 - Services: CurCS - 26/05/2008 - C:\WINDOWS\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - 13/07/2009 - C:\WINDOWS\system32\DRIVERS\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WudfSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUDFSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC ~ Legacy: 163 Scanned in 00mn 09s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (...) -- Bad: (C:\WINDOWS\system32\shell32.dll) Good: (control.exe "%1",%*) =>Broken.OpenCommand O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 10 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\System32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] =>.Microsoft Corporation O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\System32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\System32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685568] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\system32\termsrv.dll [297984] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440] ~ Services: 41 Scanned in 00mn 07s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.9A317D3BF6170A293853929083E087D0] [sPRF][24/01/2013] (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\dt.dat [26900] [MD5.34BB03E514C7625321D8979F6ABB8CBE] [sPRF][15/02/2007] (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\fusioncache.dat [128] [MD5.2FD19CB174B2CCB6A227BF0F321D4846] [sPRF][10/11/2013] (...) -- C:\Documents and Settings\Perso\Bureau\adwcleaner.exe [1073262] [MD5.86FB5E8D5D1E3E405C46CCBF991E6FD4] [sPRF][10/11/2013] (.Thisisu - Junkware Removal Tool.) -- C:\Documents and Settings\Perso\Bureau\JRT.exe [1034531] [MD5.683FDD3D773C58B262DC07CD0C6CE938] [sPRF][10/11/2013] (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Documents and Settings\Perso\Bureau\mbam-setup-1.75.0.1300.exe [10285040] [MD5.451CFFB21767EBFE887BE4DE82D01A7C] [sPRF][10/11/2013] (.Bleeping Computer, LLC - Windows shortcut cleaner..) -- C:\Documents and Settings\Perso\Bureau\sc-cleaner.exe [406264] [MD5.666BD24BE5A29F1FF17D91CC280BD2EE] [sPRF][10/11/2013] (.Pas de propriétaire - Nettoyage des fichiers temporaires.) -- C:\Documents and Settings\Perso\Bureau\SFTGC.exe [1064060] [MD5.5FB1440B030621C81EAB90D34E2993CC] [sPRF][09/11/2013] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\Perso\Bureau\ZHPDiag2.exe [6846820] ~ Files: 8 Scanned in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe O90 - PUC: "0100643057937624F993D14C4705097B" . (.Encyclopédie Microsoft Encarta 2003.) -- C:\WINDOWS\Installer\{03460010-3975-4267-9F39-1DC4745090B7}\EESTD.ICO O90 - PUC: "16B3DA692EAE2E11E9278BCAF689CC3E" . (.Google Earth.) -- C:\WINDOWS\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\WINDOWS\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "20EA469772190C249A71C24EDCE4EFB3" . (.Nokia Suite.) -- C:\WINDOWS\Installer\{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}\ARPPRODUCTICON.exe O90 - PUC: "243493A986A4ABE4586A555B954F7E00" . (.Microsoft .NET Framework 1.1 French Language Pack.) -- C:\WINDOWS\Installer\{9A394342-4A68-4EBA-85A6-55B559F4E700}\ndpsetup.ico O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype™ 5.10.) -- C:\WINDOWS\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe O90 - PUC: "41DC8ECD5FBF46449B4A1EE87453647C" . (.Assistant de connexion Windows Live.) -- C:\WINDOWS\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}\prodicon.ico O90 - PUC: "521D59DC299285843BFEF5F65BF2AB6D" . (.Skype Toolbars.) -- C:\WINDOWS\Installer\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}\IconUninstallIco =>Toolbar.Skype O90 - PUC: "53418D5DED8BFAC468F797892F9BC2CF" . (.Windows Live Contrôle parental.) -- C:\WINDOWS\Installer\{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}\fssicon.ico O90 - PUC: "68267DD57EB949849A099E509EA18C81" . (.Windows Live Mail.) -- C:\WINDOWS\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe =>.Microsoft Corporation O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.05) - Français.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "7CEBB04F4A2C00A4B942A750A5C22526" . (.Microsoft Office Live Add-in 1.5.) -- C:\WINDOWS\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\WINDOWS\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico O90 - PUC: "A12B436470CC693498C0B2188666F1AE" . (.Windows Live Writer.) -- C:\WINDOWS\Installer\{4634B21A-CC07-4396-890C-2B8168661FEA}\ApplicationIcon.ico O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\WINDOWS\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico O90 - PUC: "BFB6BBEC807D99F46A33CB62000EE16F" . (.TOSHIBA Bluetooth Stack for Windows by CSR and Apache.) -- C:\WINDOWS\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\SCenter.exe O90 - PUC: "C040820900063D11C8EF00054038389C" . (.Microsoft Office XP Professional avec FrontPage.) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe,6 O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\WINDOWS\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe O90 - PUC: "CC52075AE2F510D43B7860BD0105D034" . (.Nokia Connectivity Cable Driver.) -- C:\WINDOWS\Installer\{A57025CC-5F2E-4D01-B387-06DB10500D43}\ARPPRODUCTICON.exe O90 - PUC: "CDB2B5AD456F88A46A96D443CB87641A" . (.PC Connectivity Solution.) -- C:\WINDOWS\Installer\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}\ARPPRODUCTICON.exe O90 - PUC: "CEB1F077178207E48B73BF5852FF3A1B" . (.Windows Live Messenger.) -- C:\WINDOWS\Installer\{770F1BEC-2871-4E70-B837-FB8525FFA3B1}\MsblIco.Exe O90 - PUC: "D95E131BC2026C34489C860F3C57141F" . (.Galerie de photos Windows Live.) -- C:\WINDOWS\Installer\{B131E59D-202C-43C6-84C9-68F0C37541F1}\WLXPhotoGalleryIcon.exe =>.Microsoft Corporation O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\WINDOWS\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico O90 - PUC: "DDFF8D05DC09958448F1AA91167C67A7" . (.QuickTime.) -- C:\WINDOWS\Installer\{50D8FFDD-90CD-4859-841F-AA1961C7767A}\Installer.ico O90 - PUC: "E6EBDF634866B264EA89A9931A2B00CC" . (.HP Product Assistant.) -- C:\WINDOWS\Installer\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}\ARPPRODUCTICON.exe O90 - PUC: "F75567D15F409FC4BA02A626B1D0257D" . (.MyPDFConverter.) -- C:\WINDOWS\Installer\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}\ARPPRODUCTICON.exe O90 - PUC: "FAEC7109A5EB37F4A8E08CE76279E155" . (.TomTom HOME.) -- C:\WINDOWS\Installer\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}\ARPPRODUCTICON.exe ~ Update Products: 113 Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} ~ MNS: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.BBB258BD86D2D251A9F38FC5B5A1A1EE] [WIS][24/06/2012] (.Nokia - Microsoft_VC100_CRT_SP1.) -- C:\Windows\Installer\1424724.msi [29184] [MD5.649D8A714F0DA0720D75C0B3FC642583] [WIS][24/06/2012] (.Nokia - Nokia Connectivity Cable Driver.) -- C:\Windows\Installer\1424741.msi [337920] [MD5.B67B8705C680CD91A795CE759FB99362] [WIS][24/06/2012] (.Nokia - PC Connectivity Solution.) -- C:\Windows\Installer\1424777.msi [496128] [MD5.DA290387DF51683F6FD99E1EC207D25A] [WIS][24/06/2012] (.Nokia - Nokia Suite.) -- C:\Windows\Installer\1424a58.msi [1225728] [MD5.501ED500905B6C7235BF48ED75C8A075] [WIS][15/02/2007] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\147a61.msi [121344] [MD5.6E83154114B51DBB2D1EE4AF39F33B2B] [WIS][15/02/2007] (.CustomerResearchQFolder - CustomerResearchQFolder.) -- C:\Windows\Installer\147a69.msi [121344] [MD5.4333E5BEB659F96428EFB91573348EF2] [WIS][14/02/2011] (.Skype Technologies S.A. - Skype Toolbars.) -- C:\Windows\Installer\24b63f.msi [689152] =>Toolbar.Skype [MD5.8006E5BE1AB3CE6770CD729B31BB6515] [WIS][07/08/2010] (.Nokia - MSVC80_x86_v2.) -- C:\Windows\Installer\288a71e.msi [215552] [MD5.7DBCE9B24BEB7957DAD0FA495EFF6514] [WIS][06/08/2010] (.Nokia - MSVC80_x86.) -- C:\Windows\Installer\3132e4c.msi [163840] [MD5.0880AEB4F8CDE1F705BEA64300B5B0AD] [WIS][11/09/2012] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\3341233.msi [1648640] [MD5.A831FDD76933B8AF20B66E0E0663CB6E] [WIS][03/11/2010] (.Nokia - MSVC90_x86.) -- C:\Windows\Installer\344517.msi [78336] [MD5.80878C6E8DA2D0F4727E561BE9E86F7D] [WIS][15/02/2007] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\56c6a.msi [121344] [MD5.42725885578CA6C6E72D24C504D8869F] [WIS][15/02/2007] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\56c81.msi [121344] [MD5.36EFC41D28B408B618CC46423BC0F952] [WIS][15/02/2007] (.HP Image Transfer - HP Image Transfer.) -- C:\Windows\Installer\56c8d.msi [3155456] [MD5.FC493771D60F530F7C6DCECB3A716C46] [WIS][15/02/2007] (.FullDPAppQFolder - FullDPAppQFolder.) -- C:\Windows\Installer\d14c7.msi [121344] [MD5.701AE8F5B61D9CC9E9370619C237F774] [WIS][04/11/2006] (.Apple Computer, Inc. - QuickTime Installer.) -- C:\Windows\Installer\fb3bd6.msi [7421952] [MD5.AFD798846D13F62CC0957934DEC71B39] [WIS][16/02/2011] (.Secure Digital Services - MyPDFConverter.) -- C:\Windows\Installer\fe2484.msi [2167808] =>Adware.SPointer ~ WIS: 116 Scanned in 00mn 17s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 04/07/2013 4939312 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2013\avgidsagent.exe SR - | Auto 23/07/2013 283136 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2013\avgwdsvc.exe SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SR - | Auto 11/12/2007 65536 | C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Auto 28/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 28/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 07/10/2011 194104 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 04/06/2004 1151090 | (InCDsrv) . (.Ahead Software AG.) - C:\Program Files\Ahead\InCD\InCDsrv.exe SS - | Disabled 12/04/2010 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe SR - | Auto 23/08/2001 86016 | (Pctspk) . (.PCtel, Inc..) - C:\WINDOWS\system32\pctspk.exe SR - | Auto 09/08/2007 73728 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SR - | Demand 22/04/2012 720936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SR - | Auto 28/08/2012 92632 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ~ Services: Scanned in 00mn 25s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Perso at 10/11/2013 21:39:22 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 12993 - (10/11/2013) Clés trouvées (Keys found) : 18 Valeurs trouvées (Values found) : 3 Dossiers trouvés (Folders found) : 3 Fichiers trouvés (Files found) : 3 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}] =>Adware.SPointer^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap [HKLM\Software\Classes\Interface\{ec1a2105-5621-440f-987d-27ef428131d9}] =>Adware.BHO [HKLM\Software\europa casino] =>Spyware.OnlineGames [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\gamesbar] =>Adware.GamesBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a938761b-202b-4828-87e4-f21fec37d02d}] =>Toolbar.PDFSuite [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a938761b-202b-4828-87e4-f21fec37d02d}] =>Toolbar.PDFSuite [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11aa5c56-b4e2-4b8f-803a-d340415532f3}] =>Toolbar.PDFSuite [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11aa5c56-b4e2-4b8f-803a-d340415532f3}] =>Toolbar.PDFSuite [HKLM\Software\Classes\Installer\Features\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype [HKLM\Software\Classes\Installer\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:upstv_fr_8.exe =>Adware.StarterTV^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ C:\Documents and Settings\All Users\Application Data\PopCap =>Adware.PopCap^ C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign =>Toolbar.AVGSearch C:\Documents and Settings\Perso\Local Settings\Application Data\Temp\Iminent =>Adware.IMBooster [HKLM\Software\StaterTV] =>Adware.StarterTV^ C:\Windows\Installer\24b63f.msi =>Toolbar.Skype^ C:\Windows\Installer\fe2484.msi =>Adware.SPointer^ ~ Additionnel Scan: 305248 Items scanned in 01mn 25s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google ~ http://nicolascoolman.webs.com/apps/blog/show/29259213-adware-startertv =>Adware.StarterTV ~ http://nicolascoolman.webs.com/apps/blog/show/26666257-adware-popcap =>Adware.PopCap ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/34922153-broken-opencommand =>Broken.OpenCommand ~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype ~ http://nicolascoolman.webs.com/apps/blog/show/26808625-adware-gamesbar =>Adware.GamesBar ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ MSI: 8 link(s) detected in 01mn 26s End of the scan (1847 lines in 07mn 49s)(0)
  5. florent01
    Rapport sc cleaner: Shortcut Cleaner 1.2.5 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Shortcut Cleaner can be found at this link: http://www.bleepingcomputer.com/download/shortcut-cleaner/ Windows Version: Microsoft Windows XP Service Pack 3 Program started at: 11/10/2013 08:49:04 PM. Scanning for registry hijacks: * No issues found in the Registry. Searching for Hijacked Shortcuts: Searching C:\Documents and Settings\Perso\Menu Démarrer\ Searching C:\Documents and Settings\All Users\Menu Démarrer\ Searching C:\Documents and Settings\Perso\Application Data\Microsoft\Internet Explorer\Quick Launch\ Searching C:\Documents and Settings\All Users\Bureau\ Searching C:\Documents and Settings\Perso\Bureau 0 bad shortcuts found. Program finished at: 11/10/2013 08:49:13 PM Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s) Le pc rame toujours un peu au démarrage mais moins quand même. Mais sur internet c'est la galere!!!! il rame pas possible
  6. florent01
    Voici le rapport de MBAM: Malwarebytes Anti-Malware (Essai) 1.75.0.1300 www.malwarebytes.org Version de la base de données: v2013.11.10.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Perso :: N-7UI4UUTJXN35X [administrateur] Protection: Désactivé 10/11/2013 15:41:31 mbam-log-2013-11-10 (15-41-31).txt Type d'examen: Examen complet (A:\|C:\|D:\|E:\|F:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM | P2P Options d'examen désactivées: Elément(s) analysé(s): 310184 Temps écoulé: 4 heure(s), 5 minute(s), 29 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 4 HKCU\SOFTWARE\Microsoft\Installer\Features\9EE2330AE5F4470CAC801BAAC83818C9 (Adware.Zango) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Installer\Products\568267ACFC5644DAB06F058006DDBAE3 (Adware.Zango) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Agent.IE) -> Mis en quarantaine et supprimé avec succès. Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 19 C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2304\A0513960.exe (PUP.Optional.WebCake.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2304\A0513956.dll (PUP.Optional.WebCake.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2304\A0513957.exe (PUP.Optional.WebCake.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2304\A0513959.exe (PUP.Optional.WebCake.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2314\A0518284.exe (Trojan.Downloader.SMS) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2334\A0522612.exe (Adware.Tuto4PC) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2356\A0528804.exe (Adware.Tuto4PC) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2357\A0529091.exe (PUP.Optional.OfferBox.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2357\A0531065.exe (Adware.Tuto4PC) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2357\A0531066.exe (Adware.Tuto4PC) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2358\A0532582.dll (PUP.Optional.Glindorus.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2358\A0532653.msi (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2324\A0521169.exe (PUP.Optional.Babylon.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2324\A0521174.dll (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2324\A0521176.dll (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2324\A0521177.dll (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès. C:\System Volume Information\_restore{B70A76D9-9EB5-4A54-B8E0-FF636E41BADA}\RP2324\A0521179.exe (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès. C:\Documents and Settings\Perso\Mes documents\rcpmmnew_mynew41737-20q9sl0bfRea83WO1Ay8GK1vA72C000..exe (PUP.Optional.RegCleanerPro) -> Mis en quarantaine et supprimé avec succès. C:\Documents and Settings\Perso\Application Data\Icones\icones_pa.ico (Adware.GibMedia) -> Mis en quarantaine et supprimé avec succès. (fin)
  7. florent01
    voici le rapport sftgc: http://cjoint.com/?3Kkn6xC2hAd
  8. florent01
    voici le rapport adw: # AdwCleaner v3.011 - Rapport créé le 10/11/2013 à 12:17:44 # Mis à jour le 03/11/2013 par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Perso - N-7UI4UUTJXN35X # Exécuté depuis : C:\Documents and Settings\Perso\Bureau\adwcleaner.exe # Option : Nettoyer ***** [ Services ] ***** [#] Service Supprimé : Software_update [#] Service Supprimé : Software_update_m Service Supprimé : vToolbarUpdater17.0.12 ***** [ Fichiers / Dossiers ] ***** Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\AVG Secure Search Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\BoxUpdChk Dossier Supprimé : C:\Program Files\AVG Secure Search Dossier Supprimé : C:\Program Files\RegClean Dossier Supprimé : C:\Program Files\Fichiers communs\AVG Secure Search Dossier Supprimé : C:\Documents and Settings\Perso\Local Settings\Application Data\AVG Secure Search Dossier Supprimé : C:\Documents and Settings\Perso\Local Settings\Application Data\PackageAware Dossier Supprimé : C:\Documents and Settings\Perso\Application Data\AVG Secure Search Dossier Supprimé : C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\Extensions\plugin@getwebcake.com [!] Dossier Supprimé : C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Fichier Supprimé : C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\Extensions\pricepeep@getpricepeep.com.xpi Fichier Supprimé : C:\alotserviceruntime.log Fichier Supprimé : C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\user.js Fichier Supprimé : C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage Fichier Supprimé : C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage Fichier Supprimé : C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage-journal ***** [ Raccourcis ] ***** ***** [ Registre ] ***** Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Clé Supprimée : HKLM\Software\Classes\popcaploader.popcaploaderctrl2 Clé Supprimée : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=3 Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=9 Clé Supprimée : HKLM\SOFTWARE\9e8ddfb33ae848 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1D970ED5-3EDA-438D-BFFD-715931E2775B} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C9A6357B-25CC-4BCF-96C1-78736985D412} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3EA8D036-C9E7-4721-BCDF-C13D00C4CC39} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C9A6357B-25CC-4BCF-96C1-78736985D412}] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{08C06D61-F1F3-4799-86F8-BE1A89362C85}] Clé Supprimée : HKCU\Software\AVG Secure Search Clé Supprimée : HKCU\Software\Duuqu Clé Supprimée : HKCU\Software\lollipop Clé Supprimée : HKCU\Software\SpeedMaxPC Clé Supprimée : HKCU\Software\Tuto4PC Clé Supprimée : HKCU\Software\Tutorials Clé Supprimée : HKCU\Software\TutoTag Clé Supprimée : HKCU\Software\WEDLMNGR Clé Supprimée : HKCU\Software\Winsudate Clé Supprimée : HKLM\Software\AVG Secure Search Clé Supprimée : HKLM\Software\AVG Security Toolbar Clé Supprimée : HKLM\Software\Duuqu Clé Supprimée : HKLM\Software\SpeedMaxPC Clé Supprimée : HKLM\Software\Tutorials Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Offerbox Browser Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494 Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC ***** [ Navigateurs ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v -\\ Google Chrome v30.0.1599.101 [ Fichier : C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [9828 octets] - [10/11/2013 12:12:48] AdwCleaner[s0].txt - [9874 octets] - [10/11/2013 12:17:44] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9934 octets] ##########
  9. florent01
    bonjour, Voici le rapport junkware: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Microsoft Windows XP x86 Ran by Perso on 10/11/2013 at 11:41:59,30 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] update glindorus Successfully deleted: [service] update glindorus ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ntredirect Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1 Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\glindorus Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1202660629-492894223-1343024091-1003\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\webcakeupdater Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\glindorus Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\glindorus Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricepeep Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{cd95d125-2992-4858-b3ef-5f6fb52fbad6} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A6E0A12A-1B70-4AE9-B4EA-0638CE2CE280} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} ~~~ Files Successfully deleted [File] C:\Documents and Settings\All Users\Microsoft\DRM\LOG7.tmp [TDL4 Trace] ~~~ Folders Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedmaxpc" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Application Data\drivercure" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Application Data\movdap" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Application Data\speedmaxpc" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Application Data\systweak" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Application Data\web cake" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Local Settings\Application Data\duuqu" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Local Settings\Application Data\eorezo" Successfully deleted: [Folder] "C:\Documents and Settings\Perso\Local Settings\Application Data\lollipop" Successfully deleted: [Folder] "C:\Program Files\duuqu" Successfully deleted: [Folder] "C:\Program Files\glindorus" Successfully deleted: [Folder] "C:\Program Files\movdap" Successfully deleted: [Folder] "C:\Program Files\pricepeep" Successfully deleted: [Folder] "C:\Program Files\registry mechanic" Successfully deleted: [Folder] "C:\Program Files\software" Successfully deleted: [Folder] "C:\Program Files\web cake" ~~~ Chrome Successfully deleted: [Folder] C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjeikeheijdjdfjbmknpefojickbkmom Successfully deleted: [Folder] C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10/11/2013 at 12:06:46,26 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. florent01
    Bonjour, Mon ordinateur est très lent au démarrage et une fenêtre apparait chaque fois avec se message: C:Documents&settings/perso/applicationdata/babsolution/shared/enhancedNT.dll le fichier ne peut être chargé. Suite à une visite sur votre site voici le rapport que me donne ZHPdiag: ~ Rapport de ZHPDiag v2013.11.9.20 - Nicolas Coolman (09/11/2013) ~ Lancé par Perso (09/11/2013 22:44:28) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Not Found ---\\ Navigateurs Internet MSIE: Internet Explorer v8.0.6001.18702 GCIE: Google Chrome v30.0.1599.101 ---\\ Informations sur les produits Windows ~ Langage: Français Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ Logiciels de protection du système AVG 2013 v13.0.3222 Spybot - Search & Destroy v1.6.2 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 ActiveX Adobe Reader XI ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 4 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 495 MB (14% free) System Restore: Activé (Enable) System drive C: has 47 GB (60%) free of 76 GB ---\\ Mode de connexion au système ~ Computer Name: N-7UI4UUTJXN35X ~ User Name: Perso ~ All Users Names: SUPPORT_388945a0, Perso, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Documents and Settings\Perso\Application Data\ZHP\ ~ %AppData% : C:\Documents and Settings\Perso\Application Data\ ~ %Desktop% : C:\Documents and Settings\Perso\Bureau\ ~ %Favorites% : C:\Documents and Settings\Perso\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\Perso\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Perso\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ Enumération des unités disques A: Floppy drive, Flash card reader, USB Key (Not Inserted) C: Hard drive, Flash drive, Thumb drive (Free 47 Go of 76 Go) D: CD-ROM drive (Not Inserted) E: CD-ROM drive (Not Inserted) F: Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 42 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.F8DD21FC65131E064FBF11F01E4F4BFD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.23/09/2013 - 19:23:33.) -- C:\WINDOWS\system32\wininet.dll [920064] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/371 ~ Mes musiques (My Musics) : 1/5 ~ Mes Videos (My Videos) : 1/10 ~ Mes Favoris (My Favorites) : 1/62 ~ Mes Documents (My Documents) : 4/4172 ~ Mon Bureau (My Desktop) : 1/12758 ~ Menu demarrer (Programs) : 1/72 ~ Hidden Files: Scanned in 00mn 19s ---\\ Processus lancés [MD5.5C96C1ED05710A192B10241DC5C2BE30] - (.Ahead Software AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [1151090] [PID.1152] [MD5.4DB93F4DB7077801D2D82013506AC1D0] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312] [PID.1960] [MD5.1F272ACBF9E17A0917524773DA8C9140] - (.THOMSON - SpeedTouch Statistics.) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [878080] [PID.2036] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\rundll32.exe [0] [PID.2044] [MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208] [PID.140] [MD5.729FFD6B3EF92C499EEED25D504DC1DB] - (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe [282624] [PID.192] [MD5.48939D9F350AEF9370F03A1E49A49BE2] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136] [PID.216] [MD5.7D6901AF39F984043DD45846AFEBFEFB] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [2404376] [PID.224] =>Toolbar.AVGSearch [MD5.F6573F33A8BB3525ABECCD8DD00603FD] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2013\avgui.exe [4411952] [PID.244] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.292] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.724] [MD5.E7CAAE5C682A19E7C6FF77D9136EBA5C] - (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1084840] [PID.984] [MD5.373576844EE644449420AF296853C9A5] - (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\one\OrangeInside.exe [1514896] [PID.1100] [MD5.9D519AAA21E622DF7DF27041E0917499] - (.Pas de propriétaire - DedicarzService.) -- C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960] [PID.1048] [MD5.C88862F45AC3B447DF50E814BE2F6A13] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [65536] [PID.1052] [MD5.4543367E50BD35E7D1269D42841B156E] - (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [288472] [PID.1860] [MD5.5229F48A85879A9D256CBEFC23FC95B9] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [483328] [PID.1872] [MD5.E3A2C0BCBE14A0116F80657079A19D25] - (.Matsushita Electric Industrial Co., Ltd. - LUMIX Simple Viewer.) -- C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [57344] [PID.1920] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [PID.2192] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120] [PID.2232] [MD5.CF7B0E597C1F34E528285495721DEEE9] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe [237960] [PID.2300] [MD5.F2FD07BE3401FD6BFDF65716E72900C9] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe [1117744] [PID.2436] [MD5.6ED85DB2C3DBBF49C734A883FED21E0A] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [258048] [PID.2560] [MD5.9946F9F9B359B010E879D6FF0155D9B7] - (.PCtel, Inc. - PCTSPK.EXE.) -- C:\WINDOWS\system32\pctspk.exe [86016] [PID.2628] [MD5.57FD13E2544B2D0DA5BA20CAD438B7E2] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [217088] [PID.2788] [MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728] [PID.2796] [MD5.87BCF7A6A70060A48F9F5E6F80228A3F] - (.Hewlett-Packard Development Company, L.P. - HP Photosmart Premier.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe [479232] [PID.3268] [MD5.0407143F2BBC1A5DD5B518AC0704FCBF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3332] [MD5.B2B9BDECE253AE113B0F0901C699A5F8] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680] [PID.3620] =>Toolbar.AVGSearch [MD5.EF01C8CA8FA927B0213603B560C8C9F0] - (.Pas de propriétaire - loggings Application.) -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe [159768] [PID.3796] =>Toolbar.AVGSearch [MD5.88029974B1C9995CFA3BD9560BBA2EEF] - (.Hewlett-Packard Development Company, L.P. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [239320] [PID.1848] [MD5.C15B813F2FDB44F87F23312472C6E790] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [720936] [PID.2636] [MD5.B26F1872CC4407754FB5CFE9B4243D8E] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [174120] [PID.1176] [MD5.71E4926DB14593CC8EBCD7A991C57FA0] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe [142376] [PID.3344] [MD5.3DF82A30D1C728CE53FC0D63666FF48C] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe [148008] [PID.1516] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.2536] [MD5.0C3C47124215C5E566F92C3F2E31D86A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8192512] [PID.1084] ~ Processes Running: Scanned in 00mn 05s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences ~ Google Browser: 0 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\prefs.js (.not file.) C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\user.js M2 - MFEP: prefs.js [Perso - 2hqx91zn.default\plugin@getwebcake.com] [] WebCake v1.00.01 (..) =>Adware.WebCake M2 - MFEP: prefs.js [Perso - 2hqx91zn.default\toolbar@Orange.fr] [] barre d'outils Orange v4.3.0.0 (..) P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Fichiers communs\AVG Secure Search\SiteSafetyInstaller\17.0.12\npsitesafety.dll =>Toolbar.AVGSearch P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Pas de propriétaire - Nokia Suite Enabler Plugin.) -- C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=3] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=9] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.05.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll ~ Firefox Browser: 15 Scanned in 00mn 01s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) (No version) -- (.not file.) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) (No version) -- (.not file.) R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ IE Browser: 12 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: ToolbarOrange.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar4.dll =>Toolbar.Google O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll =>Toolbar.Google O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ BHO: 36 Scanned in 00mn 01s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Google - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar4.dll =>Toolbar.Google O3 - Toolbar: (no name) - [HKLM]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé orpheline O3 - Toolbar: (no name) - [HKLM]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline O3 - Toolbar: barre d'outils Orange - [HKLM]{c9a6357b-25cc-4bcf-96c1-78736985d412} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Program [AllUsers]: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O4 - GS\Program [AllUsers]: Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation - InstallShield ® Setup Launcher.) -- C:\Program Files\Securitoo\Controle Parental\Controle_parental.exe O4 - GS\Program [AllUsers]: Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\accicons.exe O4 - GS\Program [AllUsers]: Microsoft AutoRoute 2002.lnk . (...) -- C:\WINDOWS\Installer\{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}\_EEEB0DC6B9B4_49F0_BA10_A04D928A3C81.exe O4 - GS\Program [AllUsers]: Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe O4 - GS\Program [AllUsers]: Microsoft FrontPage.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe O4 - GS\Program [AllUsers]: Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\outicon.exe O4 - GS\Program [AllUsers]: Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\pptico.exe O4 - GS\Program [AllUsers]: Microsoft Publisher.lnk . (...) -- C:\WINDOWS\Installer\{0004040C-78E1-11D2-B60F-006097C998E7}\pubs.exe O4 - GS\Program [AllUsers]: Microsoft Word.lnk . (...) -- C:\WINDOWS\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe O4 - GS\Program [AllUsers]: MSN Explorer.lnk . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - GS\Program [AllUsers]: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - GS\Program [Perso]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation O4 - GS\Program [Perso]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Program [Perso]: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe =>.Microsoft Corporation O4 - GS\Program [Perso]: Pages Annuaire.lnk - Clé orpheline O4 - GS\Program [Perso]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation ~ Global Startup: 24 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Program [AllUsers]: Adobe Gamma Loader.exe.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - GS\Program [AllUsers]: Bluetooth Manager.lnk . (...) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe O4 - GS\Program [AllUsers]: Démarrage rapide de HP Photosmart Premier.lnk . (.Hewlett-Packard Development Company, L.P. - HP Photosmart Premier.) -- C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe =>.Hewlett-Packard Co O4 - GS\Program [AllUsers]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co O4 - GS\Program [AllUsers]: LUMIX Simple Viewer.lnk . (.Matsushita Electric Industrial Co., Ltd. - LUMIX Simple Viewer.) -- C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe O4 - GS\Program [AllUsers]: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] . (.THOMSON - SpeedTouch Statistics.) -- C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] Clé orpheline O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [CamserviceHD] . (.Guillemot Corporation S.A. - CamService Application.) -- C:\Program Files\Hercules\Hercules DualPix HD Webcam\Camservice.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch O4 - HKLM\..\Run: [upstv_fr_8.exe] C:\Documents and Settings\Perso\Local Settings\Application Data\startertv_fr_8\upstv_fr_8.exe (.not file.) =>Adware.StarterTV O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2013\avgui.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Run: [startertv_fr_13] Clé orpheline =>Adware.StarterTV O4 - HKLM\..\Run: [startertv_fr_15] Clé orpheline =>Adware.StarterTV O4 - HKLM\..\Run: [startertv_fr_8] Clé orpheline =>Adware.StarterTV O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\one\OrangeInside.exe O4 - HKCU\..\Run: [NTRedirect] C:\Documents and Settings\Perso\Application Data\BabSolution\Shared\enhancedNT.dll (.not file.) =>Hijacker.BabSolution O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\one\OrangeInside.exe O4 - HKUS\S-1-5-21-1202660629-492894223-1343024091-1003\..\Run: [NTRedirect] C:\Documents and Settings\Perso\Application Data\BabSolution\Shared\enhancedNT.dll (.not file.) =>Hijacker.BabSolution ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ~ Winsock: 5 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - ((no name)) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {49232000-16E4-426C-A231-62846947304B} ((no name)) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} ((no name)) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} ((no name)) - http://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137401890549 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342519897194 O16 - DPF: {6EBC6744-5383-4213-AD5E-66434ECA1812} ((no name)) - http://download.sp.f-secure.com/ols/nordnet/orange/so-4.1/resources/fslauncher.cab O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} ((no name)) - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} ((no name)) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} ((no name)) - http://game10.zylom.servicesalacarte.orange.fr/activex/zylomgamesplayer.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} ((no name)) - http://jeuxentelechargement.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab =>Adware.PopCap O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} ((no name)) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} ((no name)) - http://h30043.www3.hp.com/aio/fr/check/qdiagh.cab?326 O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} ((no name)) - http://jeuxentelechargement.orange.fr/online2/mahjong_escape_ancient/PTGameLauncher.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} ((no name)) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{EAE7325A-BFF2-4B7A-83DB-ECDAA65337E3}: NameServer = 10.71.250.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{37F0E4EF-CAC7-4349-978D-18C104F33364}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{EAE7325A-BFF2-4B7A-83DB-ECDAA65337E3}: NameServer = 10.71.250.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{37F0E4EF-CAC7-4349-978D-18C104F33364}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{EAE7325A-BFF2-4B7A-83DB-ECDAA65337E3}: NameServer = 10.71.250.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{37F0E4EF-CAC7-4349-978D-18C104F33364}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ SSODL: 5 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) . (.Ahead Software AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Orange update Core Service (Orange update Core Service) . (.Orange SA - Orange Upd@te.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: PCTEL Speaker Phone (Pctspk) . (.PCtel, Inc. - PCTSPK.EXE.) - C:\WINDOWS\system32\pctspk.exe O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Service Software Update (Software_update (Software_update) . (.The Software Group - Software Update.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Update glindorus (Update glindorus) . (...) - C:\Program Files\glindorus\updateglindorus.exe =>PUP.Glindorus O23 - Service: (vToolbarUpdater17.0.12) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch ~ Services: 16 Scanned in 00mn 22s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\PROGRA~1\AVG\AVG2013\avgrsx.exe ~ BEX: 2 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job [952] [MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.408DDD80EEDE47175F6844817B90213E] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [194104] ~ Scheduled Task: 8 Scanned in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation O40 - ASIC: YInstStarterUpgrade Class - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Macromedia Shockwave Director 8.5.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Macromedia, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll O40 - ASIC: YInstStarter Class - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O40 - ASIC: YSearchSetting2 Class - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\yinsthelper.dll O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp11.inf =>.Microsoft Corporation O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_11_9_900_117.ocx O40 - ASIC: Installed Component - S-1-5-21-1202660629-492894223-1343024091-1003 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID ~ Active Setup: 24 Scanned in 00mn 01s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys O41 - Driver: (AVGIDSShim) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Dri.) - C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys O41 - Driver: (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\WINDOWS\system32\DRIVERS\avgldx86.sys O41 - Driver: (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\WINDOWS\system32\DRIVERS\avgtdix.sys O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\WINDOWS\system32\drivers\avgtpx86.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (InCDPass) . (.Ahead Software AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\WINDOWS\system32\Drivers\tosrfcom.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Drivers: 81 Scanned in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- AVG O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- {6280C3D1-00A3-4E79-BDF6-98332A29B706} O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM] -- {631E66F3-5BCC-4FF8-9F42-95AF0BFA38B7} O42 - Logiciel: AVG Security Toolbar - (.AVG Technologies.) [HKLM] -- AVG Secure Search =>Toolbar.AVGSearch O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 6.0 O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Adobe SVG Viewer - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer O42 - Logiciel: Assistance Livebox - (.Orange.) [HKLM] -- Assistance Livebox O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: Connexion Internet Orange - (...) [HKLM] -- {ORAHSS}.UninstallSuite O42 - Logiciel: Dongle Sagem 760N - (...) [HKLM] -- LIVEBOX_SAGEM_760N O42 - Logiciel: Encyclopédie Microsoft Encarta 2003 - (.Microsoft Corporation.) [HKLM] -- {03460010-3975-4267-9F39-1DC4745090B7} O42 - Logiciel: Free Tarot - (...) [HKLM] -- Free Tarot O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} O42 - Logiciel: Hercules DualPix HD Webcam - (.Hercules.) [HKLM] -- {F0CFDC72-63D2-4086-A54F-1514494394A0} O42 - Logiciel: InstantShareAlert - (.HP.) [HKLM] -- {069730C2-755A-485B-A205-27A1AAFA836A} O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150060} O42 - Logiciel: Java 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216015FF} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: LUMIX Simple Viewer - (...) [HKLM] -- {2CDCCE7E-55D5-40CC-AEA0-ABA54713501F} O42 - Logiciel: Lecteur Windows Media 11 - (...) [HKLM] -- Windows Media Player =>.Microsoft Corporation O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27} O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Mah-Jong IV - (...) [HKLM] -- Micro Application - Mah-Jong IV O42 - Logiciel: Messager Wanadoo - (...) [HKLM] -- Messager Wanadoo.exe O42 - Logiciel: Micro Application - Patiences et Réussites - (...) [HKLM] -- Patiences et Réussites O42 - Logiciel: Microsoft AutoRoute 2002 - (.Microsoft.) [HKLM] -- {F7F2DC0A-C22E-49AD-AD37-797309A54E7B} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: MyPDFConverter - (.Secure Digital Services.) [HKLM] -- {1D76557F-04F5-4CF9-AB20-6A621B0D52D7} =>Adware.SPointer O42 - Logiciel: Nero Suite - (...) [HKLM] -- NeroMultiInstaller!UninstallKey O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {A57025CC-5F2E-4D01-B387-06DB10500D43} O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM] -- Nokia Suite O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM] -- {7964AE02-9127-42C0-A917-2CE4CD4EFE3B} O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier O42 - Logiciel: Orange Inside - (.Orange.) [HKCU] -- Orange Inside O42 - Logiciel: Orange Installeur version 1.2.5.0 - (.Orange.) [HKLM] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.5.0 O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {DA5B2BDC-F654-4A88-A669-4D34BC7846A1} O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/05/2008 3.7) - (.Nokia.) [HKLM] -- CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A O42 - Logiciel: Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1) - (.Nokia.) [HKLM] -- E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: PricePeep - (.betwikx LLC.) [HKLM] -- PricePeep =>Adware.PricePeep O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- {50D8FFDD-90CD-4859-841F-AA1961C7767A} O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Samsung Mobile phone USB driver Software - (...) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Shockwave - (...) [HKLM] -- Shockwave O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} =>Toolbar.Skype O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} O42 - Logiciel: SpeedTouch USB Software - (...) [HKLM] -- {D41FAAA9-8048-4906-86B2-9AADEA1FA0B7} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: System Checkup 3.4 - (.iolo technologies, LLC.) [HKLM] -- {4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1 O42 - Logiciel: Sélecteur d'installation de Microsoft Works Suite 2003 - (...) [HKLM] -- Works2003Setup O42 - Logiciel: TOSHIBA Bluetooth Stack for Windows by CSR and Apache - (...) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM] -- {9017CEAF-BE5A-4F73-8A0E-C87E26971E55} O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM] -- {A047FE02-C91C-41CB-898C-4ED21B86025A} O42 - Logiciel: Unknown Device Identifier 7.00 - (.Huntersoft.) [HKLM] -- Unknown Device Identifier_is1 O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: VirginMega DownloadManager - (.VirginMega.) [HKLM] -- VirginMega DownloadManager O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 =>.Microsoft Corporation O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: glindorus 2013.11.07.204448 - (.glindorus.) [HKLM] -- glindorus =>PUP.Glindorus O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D} ~ Logic: 158 Scanned in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AVG Secure Search] =>Toolbar.AVGSearch [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Alcatel] [HKCU\Software\AppDataLow\Avg] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Auslogics] [HKCU\Software\Avg] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\Casino Solei] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CodeGear] [HKCU\Software\CyberLink] [HKCU\Software\Delta] [HKCU\Software\DevNet] [HKCU\Software\Digital River] [HKCU\Software\Duuqu] [HKCU\Software\EasyBits] [HKCU\Software\FIXIO PC Utilities] [HKCU\Software\Free Tarot] [HKCU\Software\GTek] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Hercules] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\JollyBear] [HKCU\Software\LdShih] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MUSICMATCH] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Monitored] [HKCU\Software\MozillaPlugins] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\NukeNabber 2.0] [HKCU\Software\ODBC] [HKCU\Software\Olympus Japan] [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro [HKCU\Software\OrangeInside] [HKCU\Software\Orange] [HKCU\Software\PDF Suite 2012] [HKCU\Software\PMC] [HKCU\Software\Policies] [HKCU\Software\Recreasoft] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SampleView] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SignupShield] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\Soft Enterprises] [HKCU\Software\Software] [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\SysMech] [HKCU\Software\TomTom] [HKCU\Software\Toshiba] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\TutoTag] =>Spyware.AgenceExclusive [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VB6Dock] [HKCU\Software\VirginMega] [HKCU\Software\WEDLMNGR] =>PUP.weDownloadManager [HKCU\Software\Winsudate] =>Adware.Gibmedia [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\Zylom] [HKCU\Software\glindorus] =>PUP.Glindorus [HKCU\Software\iolo] [HKCU\Software\kde.org] [HKCU\Software\keyhole.com] [HKCU\Software\lollipop] =>Adware.Lollipop [HKCU\Software\mozilla] [HKCU\Software\settings] [HKCU\Software\tuto4pc] =>PUP.Eorezo [HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램] [HKLM\Software\457] [HKLM\Software\781] [HKLM\Software\9e8ddfb33ae848] [HKLM\Software\AVG Security Toolbar] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Alcatel] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CUSTPDF Writer] [HKLM\Software\Casino Solei] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DevNet] [HKLM\Software\Duuqu] [HKLM\Software\Europa Casino] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hercules Technologies] [HKLM\Software\Hercules] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\Iolo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MCCI] [HKLM\Software\MUSICMATCH] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Micro Application] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Nokia Mobile Phones] [HKLM\Software\Nokia] [HKLM\Software\Nullsoft] [HKLM\Software\ODBC] [HKLM\Software\Orange] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PCTEL] [HKLM\Software\PTECH] [HKLM\Software\Panasonic] [HKLM\Software\PepiMK Software] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RegisteredApplications] [HKLM\Software\SECURITOO] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Skype] [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\StaterTV] =>Adware.StarterTV [HKLM\Software\Systweak] [HKLM\Software\TomTom] [HKLM\Software\Toshiba] [HKLM\Software\TuneUp] [HKLM\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\WinPcap] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Yahoo] [HKLM\Software\ffffffff] [HKLM\Software\mozilla.org] [HKLM\Software\mypdfconverter] [HKLM\Software\webtogo] ~ Key Software: 243 Scanned in 00mn 02s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 15/08/2013 - 17:18:41 - [402,694] ----D C:\Program Files\Adobe O43 - CFD: 16/01/2006 - 13:27:45 - [102,563] ----D C:\Program Files\Ahead O43 - CFD: 13/01/2008 - 10:45:04 - [0,440] ----D C:\Program Files\Amic Utilities O43 - CFD: 15/08/2013 - 15:09:52 - [95,365] ----D C:\Program Files\AVG O43 - CFD: 02/10/2013 - 18:29:44 - [30,509] ----D C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 22/10/2013 - 08:23:32 - [0,602] ----D C:\Program Files\Bonjour O43 - CFD: 16/01/2006 - 09:24:14 - [0] ----D C:\Program Files\ComPlus Applications O43 - CFD: 31/08/2009 - 15:42:20 - [0,001] ----D C:\Program Files\Controle Parental O43 - CFD: 27/10/2007 - 18:08:50 - [0] ----D C:\Program Files\CyberLink O43 - CFD: 07/08/2010 - 18:48:21 - [1,522] ----D C:\Program Files\DIFX O43 - CFD: 14/08/2009 - 16:03:24 - [0] ----D C:\Program Files\Dofus O43 - CFD: 09/11/2013 - 20:00:06 - [0] ----D C:\Program Files\Duuqu O43 - CFD: 22/09/2011 - 20:03:04 - [175,743] ----D C:\Program Files\eMule O43 - CFD: 09/11/2013 - 21:13:29 - [549,959] ----D C:\Program Files\Fichiers communs O43 - CFD: 11/11/2008 - 15:48:48 - [0,905] ----D C:\Program Files\File Scanner Library (Spybot - Search & Destroy) O43 - CFD: 04/11/2013 - 17:05:32 - [8,330] ----D C:\Program Files\Free Tarot O43 - CFD: 09/11/2013 - 13:05:45 - [0,984] ----D C:\Program Files\glindorus =>PUP.Glindorus O43 - CFD: 28/08/2013 - 18:16:45 - [638,125] ----D C:\Program Files\Google O43 - CFD: 16/02/2011 - 13:16:16 - [7,701] ----D C:\Program Files\GPLGS O43 - CFD: 16/01/2006 - 19:28:26 - [0,116] ----D C:\Program Files\Grisoft O43 - CFD: 15/08/2013 - 22:07:16 - [4,699] ----D C:\Program Files\GUM198.tmp O43 - CFD: 10/08/2010 - 09:49:56 - [39,225] ----D C:\Program Files\Hercules O43 - CFD: 15/02/2007 - 22:52:24 - [83,146] ----D C:\Program Files\Hewlett-Packard O43 - CFD: 08/09/2011 - 19:56:11 - [183,451] ----D C:\Program Files\HP O43 - CFD: 10/08/2010 - 09:49:32 - [32,327] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 10/10/2013 - 00:01:07 - [6,763] ----D C:\Program Files\Internet Explorer O43 - CFD: 19/08/2013 - 16:46:07 - [11,586] ----D C:\Program Files\iolo O43 - CFD: 02/06/2010 - 12:28:06 - [205,906] ----D C:\Program Files\Java O43 - CFD: 16/01/2006 - 17:49:37 - [5,830] ----D C:\Program Files\Messager Wanadoo O43 - CFD: 09/10/2008 - 16:41:37 - [2,075] ----D C:\Program Files\Messenger O43 - CFD: 19/04/2010 - 00:36:42 - [138,274] ----D C:\Program Files\Micro Application O43 - CFD: 29/07/2013 - 18:09:51 - [0,806] ----D C:\Program Files\Microsoft O43 - CFD: 16/01/2006 - 15:24:39 - [712,421] ----D C:\Program Files\Microsoft AutoRoute O43 - CFD: 16/01/2006 - 15:33:50 - [479,463] ----D C:\Program Files\Microsoft Encarta O43 - CFD: 25/09/2011 - 17:29:13 - [0] ----D C:\Program Files\microsoft frontpage O43 - CFD: 20/12/2009 - 19:39:25 - [669,712] ----D C:\Program Files\Microsoft Office O43 - CFD: 22/09/2009 - 17:18:01 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 22/09/2009 - 17:20:55 - [2,087] ----D C:\Program Files\Microsoft Sync Framework O43 - CFD: 16/01/2006 - 11:52:09 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 12/07/2011 - 08:37:06 - [6,777] ----D C:\Program Files\Microsoft Works O43 - CFD: 16/01/2006 - 15:19:29 - [6,603] ----D C:\Program Files\Microsoft Works Suite 2003 O43 - CFD: 04/08/2013 - 16:52:21 - [0,015] ----D C:\Program Files\Microsoft.NET O43 - CFD: 11/11/2008 - 15:48:47 - [0,918] ----D C:\Program Files\Misc. Support Library (Spybot - Search & Destroy) O43 - CFD: 14/08/2013 - 18:32:29 - [0] ----D C:\Program Files\Movdap O43 - CFD: 12/08/2010 - 11:03:38 - [10,825] ----D C:\Program Files\Movie Maker O43 - CFD: 09/11/2013 - 13:25:43 - [5,693] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 06/03/2009 - 21:09:44 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 20/12/2009 - 19:38:52 - [28,414] ----D C:\Program Files\MSECache O43 - CFD: 20/09/2010 - 22:53:27 - [30,291] ----D C:\Program Files\MSN O43 - CFD: 16/01/2006 - 09:23:39 - [8,341] ----D C:\Program Files\MSN Gaming Zone O43 - CFD: 16/11/2006 - 09:35:15 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 16/01/2006 - 17:15:46 - [0,354] ----D C:\Program Files\MUSICMATCH O43 - CFD: 16/02/2011 - 13:15:10 - [11,266] ----D C:\Program Files\MyPDFConverter O43 - CFD: 09/10/2008 - 16:09:22 - [3,133] ----D C:\Program Files\NetMeeting O43 - CFD: 24/06/2012 - 14:37:20 - [130,152] ----D C:\Program Files\Nokia O43 - CFD: 11/08/2009 - 04:30:53 - [0] ----D C:\Program Files\NOS O43 - CFD: 28/03/2006 - 18:10:31 - [0] ----D C:\Program Files\OLYMPUS O43 - CFD: 12/07/2011 - 08:56:57 - [6,356] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 27/07/2011 - 15:15:38 - [243,845] ----D C:\Program Files\orange O43 - CFD: 26/08/2010 - 10:55:56 - [243,961] ----D C:\Program Files\OrangeHSS O43 - CFD: 17/12/2010 - 12:03:26 - [4,176] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation O43 - CFD: 24/07/2010 - 18:26:53 - [36,049] ----D C:\Program Files\Panasonic O43 - CFD: 24/06/2012 - 14:20:59 - [14,858] ----D C:\Program Files\PC Connectivity Solution O43 - CFD: 09/11/2013 - 21:07:38 - [0,302] ----D C:\Program Files\PricePeep =>Adware.PricePeep O43 - CFD: 04/11/2006 - 12:23:28 - [69,046] ----D C:\Program Files\QuickTime O43 - CFD: 10/08/2009 - 09:23:29 - [0] ----D C:\Program Files\Rainlendar2 O43 - CFD: 06/03/2009 - 21:09:24 - [36,207] ----D C:\Program Files\Reference Assemblies O43 - CFD: 04/11/2008 - 15:36:33 - [1,351] ----D C:\Program Files\RegClean O43 - CFD: 06/11/2008 - 18:12:52 - [1,096] ----D C:\Program Files\RegCleaner O43 - CFD: 21/04/2009 - 09:46:09 - [0,366] ----D C:\Program Files\Registry Mechanic O43 - CFD: 27/02/2009 - 16:18:57 - [200,597] ----D C:\Program Files\Samsung O43 - CFD: 11/11/2008 - 15:48:48 - [2,981] ----D C:\Program Files\SDHelper (Spybot - Search & Destroy) O43 - CFD: 06/03/2009 - 10:09:55 - [57,636] ----D C:\Program Files\Securitoo O43 - CFD: 16/01/2006 - 09:26:45 - [0,003] ----D C:\Program Files\Services en ligne O43 - CFD: 11/09/2012 - 23:44:06 - [25,571] R---D C:\Program Files\Skype O43 - CFD: 09/11/2013 - 13:03:49 - [5,214] ----D C:\Program Files\Software O43 - CFD: 29/07/2013 - 18:39:18 - [66,127] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 22/09/2011 - 20:03:02 - [1,300] ----D C:\Program Files\TAROTPRO992 O43 - CFD: 17/11/2006 - 17:22:58 - [0,127] ----D C:\Program Files\TeamScripT V3.8 O43 - CFD: 16/01/2006 - 17:50:21 - [4,298] ----D C:\Program Files\Thomson O43 - CFD: 10/02/2007 - 13:27:52 - [432,306] ----D C:\Program Files\Tika_Hector1 O43 - CFD: 20/11/2007 - 17:31:33 - [0,004] ----D C:\Program Files\TomTom HOME O43 - CFD: 21/11/2012 - 11:59:10 - [51,179] ----D C:\Program Files\TomTom HOME 2 O43 - CFD: 06/08/2009 - 14:50:01 - [0,021] ----D C:\Program Files\TomTom International B.V O43 - CFD: 06/03/2006 - 22:49:17 - [19,076] ----D C:\Program Files\Toshiba O43 - CFD: 11/08/2006 - 19:23:14 - [1,079] ----D C:\Program Files\Ubi Soft O43 - CFD: 16/01/2006 - 09:36:38 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 16/02/2011 - 13:09:22 - [3,942] ----D C:\Program Files\Unknown Device Identifier O43 - CFD: 19/01/2008 - 19:43:54 - [31,889] ----D C:\Program Files\VideoLAN O43 - CFD: 17/01/2008 - 22:53:38 - [8,791] ----D C:\Program Files\VirginMega O43 - CFD: 06/03/2009 - 11:48:07 - [0,973] ----D C:\Program Files\Wanadoo O43 - CFD: 14/08/2013 - 17:38:24 - [0,449] ----D C:\Program Files\Web Cake =>Adware.WebCake O43 - CFD: 09/09/2011 - 11:03:47 - [5,167] ----D C:\Program Files\Windows Desktop Search O43 - CFD: 23/08/2011 - 08:38:57 - [132,497] ----D C:\Program Files\Windows Live O43 - CFD: 22/09/2009 - 17:12:24 - [0,234] ----D C:\Program Files\Windows Live SkyDrive O43 - CFD: 23/12/2007 - 10:28:27 - [3,415] ----D C:\Program Files\Windows Media Connect 2 O43 - CFD: 09/10/2008 - 16:09:14 - [11,106] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 09/10/2008 - 16:09:13 - [3,760] ----D C:\Program Files\Windows NT O43 - CFD: 16/01/2006 - 10:01:25 - [0] --H-D C:\Program Files\WindowsUpdate O43 - CFD: 30/08/2012 - 09:09:03 - [0,180] ----D C:\Program Files\WinPcap O43 - CFD: 28/10/2007 - 04:30:44 - [0,002] ----D C:\Program Files\WinZip O43 - CFD: 16/01/2006 - 09:29:36 - [0] ----D C:\Program Files\xerox O43 - CFD: 16/01/2013 - 16:07:54 - [0,547] ----D C:\Program Files\Yahoo! O43 - CFD: 09/11/2013 - 22:17:18 - [17,087] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 15/08/2013 - 17:22:00 - [26,219] ----D C:\Program Files\Fichiers communs\Adobe O43 - CFD: 22/10/2013 - 08:16:39 - [45,972] ----D C:\Program Files\Fichiers communs\Adobe AIR O43 - CFD: 16/01/2006 - 13:27:08 - [15,057] ----D C:\Program Files\Fichiers communs\Ahead O43 - CFD: 30/01/2013 - 16:26:32 - [59,706] ----D C:\Program Files\Fichiers communs\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 16/12/2007 - 16:16:08 - [0] ----D C:\Program Files\Fichiers communs\Blizzard Entertainment O43 - CFD: 16/01/2006 - 11:52:09 - [0,082] ----D C:\Program Files\Fichiers communs\Designer O43 - CFD: 25/08/2011 - 11:08:38 - [10,316] ----D C:\Program Files\Fichiers communs\France Telecom O43 - CFD: 15/02/2007 - 19:43:58 - [0,436] ----D C:\Program Files\Fichiers communs\Hewlett-Packard O43 - CFD: 15/02/2007 - 23:00:28 - [5,300] ----D C:\Program Files\Fichiers communs\HP O43 - CFD: 07/01/2007 - 15:45:39 - [11,011] ----D C:\Program Files\Fichiers communs\InstallShield O43 - CFD: 02/06/2010 - 12:28:40 - [53,795] ----D C:\Program Files\Fichiers communs\Java O43 - CFD: 25/09/2011 - 17:46:15 - [276,355] ----D C:\Program Files\Fichiers communs\Microsoft Shared O43 - CFD: 16/01/2006 - 09:25:22 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap O43 - CFD: 09/11/2013 - 21:13:29 - [11,508] ----D C:\Program Files\Fichiers communs\Nokia O43 - CFD: 16/01/2006 - 09:03:09 - [0] ----D C:\Program Files\Fichiers communs\ODBC O43 - CFD: 16/01/2006 - 09:25:31 - [0,008] ----D C:\Program Files\Fichiers communs\Services O43 - CFD: 11/09/2012 - 23:44:06 - [2,056] ----D C:\Program Files\Fichiers communs\Skype O43 - CFD: 15/02/2007 - 23:01:48 - [0,199] ----D C:\Program Files\Fichiers communs\Sonic Shared O43 - CFD: 16/01/2006 - 09:03:06 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines O43 - CFD: 09/10/2008 - 16:09:06 - [28,018] ----D C:\Program Files\Fichiers communs\System O43 - CFD: 22/09/2009 - 17:03:24 - [0] ----D C:\Program Files\Fichiers communs\Windows Live O43 - CFD: 09/01/2008 - 19:44:00 - [0,039] -SH-D C:\Program Files\Fichiers communs\WindowsLiveInstaller O43 - CFD: 18/09/2013 - 07:51:47 - [278,371] ----D C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 22/10/2013 - 08:23:23 - [2,250] ----D C:\Documents and Settings\All Users\Application Data\Apple O43 - CFD: 04/11/2006 - 12:24:06 - [23,396] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer O43 - CFD: 13/09/2012 - 11:37:09 - [0,485] ----D C:\Documents and Settings\All Users\Application Data\AVG O43 - CFD: 30/01/2013 - 16:12:06 - [8,430] ----D C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign O43 - CFD: 07/09/2013 - 21:20:25 - [7,752] ----D C:\Documents and Settings\All Users\Application Data\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 30/01/2013 - 16:27:02 - [0] ----D C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar O43 - CFD: 08/09/2013 - 15:26:26 - [237,233] ----D C:\Documents and Settings\All Users\Application Data\AVG2013 O43 - CFD: 29/07/2012 - 09:33:24 - [500,990] ----D C:\Documents and Settings\All Users\Application Data\avg9 O43 - CFD: 09/11/2013 - 13:06:38 - [0,169] ----D C:\Documents and Settings\All Users\Application Data\BoxUpdChk =>Adware.Boxore O43 - CFD: 15/03/2011 - 16:15:22 - [0] --H-D C:\Documents and Settings\All Users\Application Data\Common Files O43 - CFD: 10/04/2010 - 22:30:45 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\F-Secure O43 - CFD: 20/09/2006 - 20:01:26 - [0,007] ----D C:\Documents and Settings\All Users\Application Data\Google O43 - CFD: 28/08/2013 - 17:46:23 - [0,013] ----D C:\Documents and Settings\All Users\Application Data\Google Updater O43 - CFD: 30/03/2006 - 08:50:28 - [0,953] ----D C:\Documents and Settings\All Users\Application Data\GTek O43 - CFD: 12/09/2011 - 08:31:20 - [0,006] ----D C:\Documents and Settings\All Users\Application Data\HP O43 - CFD: 15/06/2009 - 15:44:59 - [0,009] ----D C:\Documents and Settings\All Users\Application Data\HP Product Assistant O43 - CFD: 07/08/2010 - 18:41:31 - [204,359] ----D C:\Documents and Settings\All Users\Application Data\Installations O43 - CFD: 19/08/2013 - 16:51:57 - [0,458] ----D C:\Documents and Settings\All Users\Application Data\iolo O43 - CFD: 09/11/2013 - 14:26:34 - [0,483] ----D C:\Documents and Settings\All Users\Application Data\Malwarebytes O43 - CFD: 09/11/2013 - 21:20:16 - [252,601] ----D C:\Documents and Settings\All Users\Application Data\MFAData O43 - CFD: 29/07/2013 - 18:09:51 - [86,077] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 24/09/2009 - 09:07:00 - [0] ----D C:\Documents and Settings\All Users\Application Data\MSN6 O43 - CFD: 05/11/2006 - 17:01:33 - [1,893] ----D C:\Documents and Settings\All Users\Application Data\MyCompany O43 - CFD: 24/06/2012 - 14:46:08 - [234,081] ----D C:\Documents and Settings\All Users\Application Data\Nokia O43 - CFD: 07/09/2011 - 15:04:48 - [554,812] ----D C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache O43 - CFD: 11/08/2009 - 04:30:59 - [0] ----D C:\Documents and Settings\All Users\Application Data\NOS O43 - CFD: 26/10/2013 - 17:17:50 - [94,620] ----D C:\Documents and Settings\All Users\Application Data\Orange O43 - CFD: 15/08/2013 - 00:05:37 - [0,113] ----D C:\Documents and Settings\All Users\Application Data\PC Suite O43 - CFD: 09/02/2007 - 19:52:30 - [1,846] ----D C:\Documents and Settings\All Users\Application Data\PlayTime O43 - CFD: 21/01/2008 - 20:50:00 - [1,893] ----D C:\Documents and Settings\All Users\Application Data\PopCap =>Adware.PopCap O43 - CFD: 11/09/2012 - 23:44:02 - [69,466] ----D C:\Documents and Settings\All Users\Application Data\Skype O43 - CFD: 15/02/2007 - 23:01:49 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\Sonic O43 - CFD: 14/09/2013 - 22:09:00 - [0] ----D C:\Documents and Settings\All Users\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 15/05/2010 - 21:37:14 - [25,609] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy O43 - CFD: 02/06/2010 - 12:28:49 - [0] ----D C:\Documents and Settings\All Users\Application Data\Sun O43 - CFD: 29/07/2012 - 17:39:57 - [229,772] ---AD C:\Documents and Settings\All Users\Application Data\TEMP O43 - CFD: 06/02/2008 - 19:33:19 - [0] ----D C:\Documents and Settings\All Users\Application Data\TomTom O43 - CFD: 15/10/2012 - 22:14:23 - [0,506] ----D C:\Documents and Settings\All Users\Application Data\TuneUp Software O43 - CFD: 21/04/2006 - 08:41:33 - [0,003] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage O43 - CFD: 09/01/2008 - 19:41:12 - [0,383] ----D C:\Documents and Settings\All Users\Application Data\WLInstaller O43 - CFD: 09/02/2007 - 19:38:00 - [2,841] ----D C:\Documents and Settings\All Users\Application Data\Zylom O43 - CFD: 23/10/2012 - 23:10:52 - [0] -SH-D C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 22/07/2013 - 22:27:46 - [24,273] -SH-D C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} O43 - CFD: 10/08/2009 - 09:21:14 - [0,261] ----D C:\Documents and Settings\Perso\Application Data\3M O43 - CFD: 16/09/2013 - 22:27:58 - [26,391] ----D C:\Documents and Settings\Perso\Application Data\Adobe O43 - CFD: 12/05/2008 - 19:42:58 - [0] ----D C:\Documents and Settings\Perso\Application Data\AdobeUM O43 - CFD: 15/12/2006 - 15:22:18 - [0,054] ----D C:\Documents and Settings\Perso\Application Data\Apple Computer O43 - CFD: 13/09/2012 - 11:33:06 - [443,759] ----D C:\Documents and Settings\Perso\Application Data\AVG O43 - CFD: 30/01/2013 - 16:26:37 - [0,189] ----D C:\Documents and Settings\Perso\Application Data\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 15/08/2013 - 15:33:06 - [0,102] ----D C:\Documents and Settings\Perso\Application Data\AVG2013 O43 - CFD: 22/06/2010 - 04:33:34 - [0,004] ----D C:\Documents and Settings\Perso\Application Data\AVG9 O43 - CFD: 16/01/2006 - 20:27:55 - [0,005] ----D C:\Documents and Settings\Perso\Application Data\CyberLink O43 - CFD: 11/04/2006 - 09:22:09 - [0] ----D C:\Documents and Settings\Perso\Application Data\Dossier de téléchargement Share-to-Web O43 - CFD: 11/04/2006 - 09:22:09 - [0] ----D C:\Documents and Settings\Perso\Application Data\Dossier de téléchargement Share-to-Web O43 - CFD: 14/09/2013 - 21:48:10 - [0] ----D C:\Documents and Settings\Perso\Application Data\DriverCure =>PUP.DriverCure O43 - CFD: 26/10/2013 - 17:16:52 - [0,009] ----D C:\Documents and Settings\Perso\Application Data\fr.orange.assistancelivebox =>.Orange Corporation O43 - CFD: 05/11/2006 - 17:42:03 - [0] ----D C:\Documents and Settings\Perso\Application Data\funkitron O43 - CFD: 05/10/2006 - 18:52:29 - [0,056] ----D C:\Documents and Settings\Perso\Application Data\Google O43 - CFD: 29/06/2006 - 17:18:25 - [0] --H-D C:\Documents and Settings\Perso\Application Data\GTek O43 - CFD: 16/01/2006 - 20:34:17 - [0] ----D C:\Documents and Settings\Perso\Application Data\Help O43 - CFD: 27/02/2007 - 09:23:46 - [0,097] ----D C:\Documents and Settings\Perso\Application Data\HP O43 - CFD: 05/11/2012 - 09:23:42 - [0,027] ----D C:\Documents and Settings\Perso\Application Data\HpUpdate O43 - CFD: 26/11/2008 - 09:57:13 - [0,021] ----D C:\Documents and Settings\Perso\Application Data\Icone O43 - CFD: 03/11/2009 - 14:15:33 - [0,021] ----D C:\Documents and Settings\Perso\Application Data\Icones O43 - CFD: 16/01/2006 - 09:36:44 - [0] ----D C:\Documents and Settings\Perso\Application Data\Identities O43 - CFD: 15/01/2013 - 16:45:35 - [0] ----D C:\Documents and Settings\Perso\Application Data\IEXPLORE O43 - CFD: 08/09/2011 - 21:30:06 - [0,489] ----D C:\Documents and Settings\Perso\Application Data\Image Zone Express O43 - CFD: 06/02/2008 - 19:31:07 - [0] ----D C:\Documents and Settings\Perso\Application Data\InstallShield O43 - CFD: 16/07/2010 - 15:09:42 - [0,004] ----D C:\Documents and Settings\Perso\Application Data\iolo O43 - CFD: 09/02/2007 - 08:11:38 - [0,055] ----D C:\Documents and Settings\Perso\Application Data\Macromedia O43 - CFD: 09/11/2013 - 14:27:31 - [0] ----D C:\Documents and Settings\Perso\Application Data\Malwarebytes O43 - CFD: 12/08/2011 - 20:43:54 - [19,569] -S--D C:\Documents and Settings\Perso\Application Data\Microsoft O43 - CFD: 25/09/2011 - 17:29:50 - [0] ----D C:\Documents and Settings\Perso\Application Data\Microsoft Web Folders O43 - CFD: 15/08/2013 - 00:01:33 - [0] ----D C:\Documents and Settings\Perso\Application Data\Movdap O43 - CFD: 15/05/2008 - 16:00:30 - [7,653] ----D C:\Documents and Settings\Perso\Application Data\Mozilla O43 - CFD: 01/12/2010 - 17:38:40 - [0,003] ----D C:\Documents and Settings\Perso\Application Data\MSN6 O43 - CFD: 11/09/2012 - 16:01:26 - [7,780] ----D C:\Documents and Settings\Perso\Application Data\Nokia O43 - CFD: 20/07/2012 - 20:12:42 - [0,029] ----D C:\Documents and Settings\Perso\Application Data\Nokia Suite O43 - CFD: 11/05/2009 - 16:34:24 - [2,322] ----D C:\Documents and Settings\Perso\Application Data\OpenOffice.org O43 - CFD: 28/07/2012 - 10:21:59 - [12,091] ----D C:\Documents and Settings\Perso\Application Data\Orange O43 - CFD: 12/05/2011 - 12:16:30 - [0,227] ----D C:\Documents and Settings\Perso\Application Data\Panasonic O43 - CFD: 18/10/2010 - 17:26:28 - [4,662] ----D C:\Documents and Settings\Perso\Application Data\PC Suite O43 - CFD: 17/04/2012 - 14:51:05 - [38,111] ----D C:\Documents and Settings\Perso\Application Data\PDF Software O43 - CFD: 21/08/2011 - 10:13:01 - [0] ----D C:\Documents and Settings\Perso\Application Data\RegistryKeys O43 - CFD: 27/02/2009 - 16:35:54 - [1,758] ----D C:\Documents and Settings\Perso\Application Data\Samsung O43 - CFD: 04/09/2011 - 23:49:04 - [7,697] ----D C:\Documents and Settings\Perso\Application Data\Skype O43 - CFD: 04/09/2011 - 23:00:59 - [0,054] ----D C:\Documents and Settings\Perso\Application Data\skypePM O43 - CFD: 14/09/2013 - 21:48:09 - [0] ----D C:\Documents and Settings\Perso\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 03/03/2006 - 20:37:03 - [27,094] ----D C:\Documents and Settings\Perso\Application Data\Sun O43 - CFD: 14/09/2013 - 22:42:08 - [0] ----D C:\Documents and Settings\Perso\Application Data\Systweak O43 - CFD: 20/11/2007 - 17:31:55 - [5,912] ----D C:\Documents and Settings\Perso\Application Data\TomTom O43 - CFD: 06/05/2013 - 18:48:04 - [0,062] ----D C:\Documents and Settings\Perso\Application Data\TuneUp Software O43 - CFD: 28/08/2013 - 09:14:04 - [3,059] ----D C:\Documents and Settings\Perso\Application Data\U3 O43 - CFD: 19/01/2008 - 19:44:54 - [0,354] ----D C:\Documents and Settings\Perso\Application Data\vlc O43 - CFD: 14/08/2013 - 17:57:46 - [0] ----D C:\Documents and Settings\Perso\Application Data\Web Cake =>Adware.WebCake O43 - CFD: 08/09/2011 - 22:37:19 - [0] ----D C:\Documents and Settings\Perso\Application Data\Windows Desktop Search O43 - CFD: 08/09/2011 - 23:37:42 - [0] ----D C:\Documents and Settings\Perso\Application Data\Windows Search O43 - CFD: 09/11/2013 - 22:45:33 - [0,122] ----D C:\Documents and Settings\Perso\Application Data\ZHP =>.Nicolas Coolman O43 - CFD: 15/08/2013 - 17:16:57 - [18,006] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe O43 - CFD: 26/01/2006 - 20:57:01 - [1,860] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Ahead O43 - CFD: 04/11/2006 - 12:27:04 - [0,008] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Apple Computer O43 - CFD: 09/11/2013 - 21:31:31 - [0,067] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\ApplicationHistory O43 - CFD: 30/01/2013 - 16:27:28 - [0,666] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 15/08/2013 - 17:36:24 - [4,013] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013 O43 - CFD: 08/09/2013 - 08:30:24 - [0,102] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\avgchrome O43 - CFD: 21/11/2012 - 11:55:15 - [25,873] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Downloaded Installations O43 - CFD: 09/11/2013 - 18:43:11 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Duuqu O43 - CFD: 09/11/2013 - 14:11:48 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\eorezo =>PUP.Eorezo O43 - CFD: 24/04/2011 - 07:27:04 - [292,231] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Google O43 - CFD: 22/09/2011 - 20:03:14 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Help O43 - CFD: 15/02/2007 - 23:16:29 - [28,143] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\HP O43 - CFD: 31/03/2006 - 17:13:47 - [16,549] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Identities O43 - CFD: 15/02/2007 - 23:16:46 - [0,002] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\IsolatedStorage O43 - CFD: 30/08/2013 - 08:20:30 - [0,854] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Lollipop =>Adware.Lollipop O43 - CFD: 21/06/2013 - 23:02:51 - [9,535] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\MFAData O43 - CFD: 02/08/2013 - 16:09:07 - [244,644] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft O43 - CFD: 06/04/2006 - 14:31:18 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Mozilla O43 - CFD: 24/06/2012 - 14:46:49 - [3,374] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia O43 - CFD: 03/11/2010 - 10:46:10 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\NokiaAccount O43 - CFD: 20/01/2008 - 21:32:34 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Oberon Media O43 - CFD: 10/07/2011 - 15:32:28 - [0,001] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Orange O43 - CFD: 26/10/2013 - 18:21:34 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\PackageAware O43 - CFD: 10/08/2009 - 18:03:14 - [0,001] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\RibMonTech O43 - CFD: 04/08/2013 - 16:39:54 - [164,682] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Temp O43 - CFD: 20/11/2007 - 17:31:55 - [1,936] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\TomTom O43 - CFD: 09/05/2006 - 21:32:52 - [0,004] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\Toshiba O43 - CFD: 06/07/2009 - 19:44:38 - [0] ----D C:\Documents and Settings\Perso\Local Settings\Application Data\WMTools Downloaded Files O43 - CFD: 20/12/2006 - 10:54:55 - [0,015] R---D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Accessoires O43 - CFD: 07/08/2013 - 22:25:09 - [0] R---D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Démarrage O43 - CFD: 01/09/2009 - 15:52:39 - [0,001] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Free Tarot O43 - CFD: 23/05/2009 - 16:26:47 - [0,001] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Micro Application O43 - CFD: 27/07/2011 - 15:16:20 - [0,002] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Orange O43 - CFD: 05/06/2006 - 19:50:29 - [0] R---D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\Outils d'administration O43 - CFD: 04/12/2008 - 19:42:15 - [0,003] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\TAROT PRO 99.2 O43 - CFD: 06/02/2008 - 19:32:56 - [0,001] ----D C:\Documents and Settings\Perso\Menu Démarrer\Programmes\TomTom ~ Program Folder: 262 Scanned in 00mn 37s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 09/11/2013 - 12:15:16 ---A- . (...) -- C:\WINDOWS\setupact.log [60] O44 - LFC:[MD5.BD8F835921AF51A93211F9EA782E970A] - 09/11/2013 - 13:05:39 ---A- . (...) -- C:\AdwCleaner[R1].txt [8894] O44 - LFC:[MD5.85B7BD5610F3431D14FF74FED4FA379C] - 09/11/2013 - 13:26:33 ---A- . (...) -- C:\AdwCleaner[s1].txt [9726] O44 - LFC:[MD5.59DA26DC9678FB87EDF7E4EB6764259E] - 09/11/2013 - 21:12:49 ---A- . (...) -- C:\WINDOWS\DPINST.LOG [6338] O44 - LFC:[MD5.C93EF4FD3ED63C6C566678A41ECDC391] - 09/11/2013 - 21:27:35 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32344] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 09/11/2013 - 21:28:44 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.BD59231DFB4F25483E006E161DA082D1] - 09/11/2013 - 21:31:33 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/11/2013 - 21:31:35 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.50D62CAD1E1D4FAE208146365F930130] - 09/11/2013 - 21:31:40 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.5DBC85D17E5ECC2F2996E3C21A24E96B] - 09/11/2013 - 21:35:48 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.E92C3C4BB4F6321250BD2AA61F53E1ED] - 09/11/2013 - 21:37:35 ---A- . (...) -- C:\WINDOWS\setupapi.log [3142] O44 - LFC:[MD5.779C80FB31334D41C41B5827917556D5] - 09/11/2013 - 21:44:21 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1081371] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/11/2013 - 22:17:20 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [0] O44 - LFC:[MD5.A397C01E9206A7A58095E940DFC3113B] - 29/10/2013 - 10:23:56 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1262408] O44 - LFC:[MD5.F675DFF3FD8B6316E505A75D2C55232F] - 29/10/2013 - 10:24:12 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [81338] O44 - LFC:[MD5.37583866A76AE848E94D7A3FF024F519] - 29/10/2013 - 10:24:13 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [484504] O44 - LFC:[MD5.7617E2F46551061F46533E72C0A789A7] - 29/10/2013 - 10:24:15 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [103996] O44 - LFC:[MD5.20DB50028A7B44A3B36097E4CAA228CE] - 29/10/2013 - 10:24:16 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [575724] O44 - LFC:[MD5.68460A27CB0244E7F5FF5FDD83CDE41D] - 30/10/2013 - 21:02:08 RSHA- . (...) -- C:\boot.ini [246] O44 - LFC:[MD5.75B89DB3AF9EF0D7E0DDF7E32B89A786] - 31/10/2013 - 00:01:50 ---A- . (...) -- C:\WINDOWS\wininit.ini [1926] ~ Files: 21 Scanned in 00mn 14s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.0A1270A00D48F7DF27E7DA0AF4D4AF22] - 07/11/2013 - 20:35:16 ---A- - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf O45 - LFCP:[MD5.B404A53DE320789A3121BD34FB3D8B6A] - 09/11/2013 - 12:56:30 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1714B23E.pf O45 - LFCP:[MD5.947D460A85A87D53E0D8843B4B8F70B4] - 09/11/2013 - 15:30:27 ---A- - C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:[MD5.9367449B0444B58FB6C4BA5C855A4E0D] - 09/11/2013 - 15:53:19 ---A- - C:\WINDOWS\Prefetch\AVGIDSAGENT.EXE-3AA9B535.pf O45 - LFCP:[MD5.0523195489DB63CBDE903F4082DD23D6] - 09/11/2013 - 15:53:19 ---A- - C:\WINDOWS\Prefetch\SPOOLSV.EXE-282F76A7.pf O45 - LFCP:[MD5.25E86B8861AAAA8026EDE9E9FF107DFC] - 09/11/2013 - 15:58:44 ---A- - C:\WINDOWS\Prefetch\MBAMPT.EXE-325BB2B5.pf O45 - LFCP:[MD5.CD197A57F735EEC262825384BB49DD6B] - 09/11/2013 - 16:05:43 ---A- - C:\WINDOWS\Prefetch\MBAM-SETUP-1.75.0.1300.EXE-28068177.pf O45 - LFCP:[MD5.9AE3172FE1BF8466D7F4F143300C39AB] - 09/11/2013 - 16:06:13 ---A- - C:\WINDOWS\Prefetch\MBAM-SETUP-1.75.0.1300.TMP-1DBCA029.pf O45 - LFCP:[MD5.A011849A8665B9A35ED3B91BA0C03358] - 09/11/2013 - 16:11:34 ---A- - C:\WINDOWS\Prefetch\MBAMSERVICE.EXE-02CB9980.pf O45 - LFCP:[MD5.0D673D57F58ACA046BAD23AE177B2793] - 09/11/2013 - 18:03:53 ---A- - C:\WINDOWS\Prefetch\MAJAGEXFR.TMP-3A07E3B8.pf O45 - LFCP:[MD5.75542733E2BE694D8F5B5BA4F7E47ED7] - 09/11/2013 - 18:30:18 ---A- - C:\WINDOWS\Prefetch\INSTALLMANAGER.EXE-10BB1F36.pf O45 - LFCP:[MD5.4C42BD3DC2F5D5A23A722254242A583C] - 09/11/2013 - 18:43:05 ---A- - C:\WINDOWS\Prefetch\DUUQUUPDATESETUP.EXE-21E1E75B.pf O45 - LFCP:[MD5.D82E121F7A61AEA5D5C317F3BEE4530C] - 09/11/2013 - 18:43:15 ---A- - C:\WINDOWS\Prefetch\DUUQUUPDATE.EXE-324FAE61.pf O45 - LFCP:[MD5.36CA50CA6677F76902FF4B1F3F6024FB] - 09/11/2013 - 19:42:14 ---A- - C:\WINDOWS\Prefetch\AVGWDSVC.EXE-00C4A3CB.pf O45 - LFCP:[MD5.AD036DCC6A50025C0C3435FEE03A4480] - 09/11/2013 - 19:42:14 ---A- - C:\WINDOWS\Prefetch\MDNSRESPONDER.EXE-02F30C6E.pf O45 - LFCP:[MD5.D4F5B765F037D854346C80670BC03451] - 09/11/2013 - 19:42:18 ---A- - C:\WINDOWS\Prefetch\FTRTSVC.EXE-3AF61018.pf O45 - LFCP:[MD5.C2FE7479D4021FDF1A1F29731FC2F9E0] - 09/11/2013 - 19:42:18 ---A- - C:\WINDOWS\Prefetch\MBAMSCHEDULER.EXE-319271D7.pf O45 - LFCP:[MD5.EEC0712D36420281DFA1F5DAC66053DA] - 09/11/2013 - 19:42:24 ---A- - C:\WINDOWS\Prefetch\MBAMGUI.EXE-1286D63B.pf O45 - LFCP:[MD5.52A3E1A6EAA5CB032BDE4B3B4EEF1ECB] - 09/11/2013 - 19:42:25 ---A- - C:\WINDOWS\Prefetch\OULOOKUP.EXE-36CF8D1D.pf O45 - LFCP:[MD5.A7776BFC114B284272236A9CCC21265B] - 09/11/2013 - 19:42:26 ---A- - C:\WINDOWS\Prefetch\OUINDICATOR.EXE-3B2DAB90.pf O45 - LFCP:[MD5.B3B45D030939D83E0095E97C125432EE] - 09/11/2013 - 19:42:27 ---A- - C:\WINDOWS\Prefetch\OULAUNCHAPP.EXE-2DBF5E82.pf O45 - LFCP:[MD5.292A0FB34358D14275BDC57B576C72CC] - 09/11/2013 - 19:42:28 ---A- - C:\WINDOWS\Prefetch\NOTIFICATIONMAIL_3.3.0_NOTIFI-043CD4B3.pf O45 - LFCP:[MD5.9463FAD454C2E0701AB584A26F9A5601] - 09/11/2013 - 19:43:01 ---A- - C:\WINDOWS\Prefetch\UNINSTALLMAILNOTIFIERTMP.EXE-392A960C.pf O45 - LFCP:[MD5.31C9779C2DD9B2736DC8D8486510D8F5] - 09/11/2013 - 19:43:06 ---A- - C:\WINDOWS\Prefetch\TSKILL.EXE-0108F24A.pf O45 - LFCP:[MD5.D97BCB96E0098CBE2AAD20F1FE3982BA] - 09/11/2013 - 19:43:13 ---A- - C:\WINDOWS\Prefetch\AU_.EXE-2C41200D.pf O45 - LFCP:[MD5.E0A21015094FBC9788D64E0A0903BEDF] - 09/11/2013 - 19:45:02 ---A- - C:\WINDOWS\Prefetch\SETUPORANGEUPDATE.EXE-1ED461C6.pf O45 - LFCP:[MD5.029CB5CD37B8CF34F0FBB0BF76C7CD29] - 09/11/2013 - 19:45:56 ---A- - C:\WINDOWS\Prefetch\SETUPORANGEUPDATEMINI_G2R1_CO-284F9DF1.pf O45 - LFCP:[MD5.CBAA6014F475A4240BD20CEF0BB8485D] - 09/11/2013 - 19:46:28 ---A- - C:\WINDOWS\Prefetch\SETUPORANGEUPDATEGUI_G2R1_COR-2CA3581A.pf O45 - LFCP:[MD5.963DDDD1BEE779EF098033D86F3B9297] - 09/11/2013 - 19:47:00 ---A- - C:\WINDOWS\Prefetch\NET.EXE-01A53C2F.pf O45 - LFCP:[MD5.86D06848E1364A080F816CF637FF9A20] - 09/11/2013 - 19:47:11 ---A- - C:\WINDOWS\Prefetch\NET1.EXE-029B9DB4.pf O45 - LFCP:[MD5.069D4DCDCBB094F5D837A4FAF1C1DF73] - 09/11/2013 - 19:47:40 ---A- - C:\WINDOWS\Prefetch\NEROCHECK.EXE-092C6DFA.pf O45 - LFCP:[MD5.FDDE8E33AD2C083FA3425860A2A0DCDB] - 09/11/2013 - 19:47:51 ---A- - C:\WINDOWS\Prefetch\OUSOFTWAREMANAGER.EXE-1975BB60.pf O45 - LFCP:[MD5.5DE5EC07A5835C70634BC8AD9B8B2E81] - 09/11/2013 - 19:48:14 ---A- - C:\WINDOWS\Prefetch\DRAGDIAG.EXE-0317E0C9.pf O45 - LFCP:[MD5.E1707D5B9055B19EFE5C8D3B977BC6A4] - 09/11/2013 - 19:48:58 ---A- - C:\WINDOWS\Prefetch\SESSIONMANAGER.EXE-287366F2.pf O45 - LFCP:[MD5.38BAA3204EDB2057978FB76978B8B755] - 09/11/2013 - 19:49:04 ---A- - C:\WINDOWS\Prefetch\CAMSERVICE.EXE-2E8B63E0.pf O45 - LFCP:[MD5.85C4CD355AB75A8AE1279F69D74688B8] - 09/11/2013 - 19:49:04 ---A- - C:\WINDOWS\Prefetch\HPWUSCHD2.EXE-02F6D2DD.pf O45 - LFCP:[MD5.47B751B821862A889E7ECD68D7A06320] - 09/11/2013 - 19:49:04 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1218E1AC.pf O45 - LFCP:[MD5.0F86CDFFEC224AE1855ED33715AFDA6A] - 09/11/2013 - 19:49:06 ---A- - C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf O45 - LFCP:[MD5.C253D73B5D906DAD15645E8CAE9E57CE] - 09/11/2013 - 19:49:06 ---A- - C:\WINDOWS\Prefetch\VPROT.EXE-3383BE79.pf O45 - LFCP:[MD5.F733EE18190E33EAED986C0F008741C2] - 09/11/2013 - 19:49:08 ---A- - C:\WINDOWS\Prefetch\OUNOTIFICATION.EXE-13B72674.pf O45 - LFCP:[MD5.E5C3AF51CC2973B813BB506E2102A0A6] - 09/11/2013 - 19:49:41 ---A- - C:\WINDOWS\Prefetch\ADOBEARM.EXE-1095AC0A.pf O45 - LFCP:[MD5.5A242AF9631A3364B6A6F3BA4109FD72] - 09/11/2013 - 19:51:06 ---A- - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf O45 - LFCP:[MD5.0A80EF77FBA0A4EAF12ECDA900381841] - 09/11/2013 - 19:53:57 ---A- - C:\WINDOWS\Prefetch\NCLRSSRV.EXE-272D824E.pf O45 - LFCP:[MD5.69634B896CE48C3803FCB71BBC20E883] - 09/11/2013 - 19:59:51 ---A- - C:\WINDOWS\Prefetch\DUUQUUPDATE.EXE-385D0B0C.pf O45 - LFCP:[MD5.732D7A2463DE7AE192A017E52EE78C00] - 09/11/2013 - 20:26:47 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf O45 - LFCP:[MD5.874D70BBC9D76AE1AEAD42D6D34CEB49] - 09/11/2013 - 20:26:47 ---A- - C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf O45 - LFCP:[MD5.EB4EF5F4942A87DCED93EBE24F1C8347] - 09/11/2013 - 20:28:08 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf O45 - LFCP:[MD5.50A907F688F232A4FBC0AA712E2F66D4] - 09/11/2013 - 20:54:20 ---A- - C:\WINDOWS\Prefetch\UPSTV_FR_8.EXE-20C204E8.pf O45 - LFCP:[MD5.9BE419E35863E07A9286F652DFD10997] - 09/11/2013 - 20:54:58 ---A- - C:\WINDOWS\Prefetch\MAJAGEXFR.EXE-1C0CBF97.pf O45 - LFCP:[MD5.2232E2326F51D5257E64CBE891455647] - 09/11/2013 - 20:55:01 ---A- - C:\WINDOWS\Prefetch\MAJAGEXFR.TMP-271778B3.pf O45 - LFCP:[MD5.7EA6CE39E78B1C22F74C843F0DB2D09F] - 09/11/2013 - 21:03:41 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf O45 - LFCP:[MD5.921314CB4E4935CD33FF3DC34111132C] - 09/11/2013 - 21:05:53 ---A- - C:\WINDOWS\Prefetch\INSTALLMANAGER.EXE-2DE6E72D.pf O45 - LFCP:[MD5.8B8A7910F6982D6A9027AA347F9DB1E1] - 09/11/2013 - 21:06:33 ---A- - C:\WINDOWS\Prefetch\PRICEPEEP_510001_0101.EXE-29D350F3.pf =>Adware.PricePeep O45 - LFCP:[MD5.16D00475A19C4AF861EAAB7756861DBC] - 09/11/2013 - 21:06:36 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf O45 - LFCP:[MD5.9189959FCDDEC056C5E2CFB65F7894E7] - 09/11/2013 - 21:07:37 ---A- - C:\WINDOWS\Prefetch\INSTALLUTIL.EXE-11853084.pf O45 - LFCP:[MD5.93ED288D7709CFA4E9B5D5A7DFE90AAB] - 09/11/2013 - 21:08:06 ---A- - C:\WINDOWS\Prefetch\WAJAM_VALIDATE.EXE-2E2D19EE.pf =>Toolbar.Wajam O45 - LFCP:[MD5.D42945F9A5453D47685FC5FCF070F1A9] - 09/11/2013 - 21:08:15 ---A- - C:\WINDOWS\Prefetch\UNINS000.EXE-15535578.pf O45 - LFCP:[MD5.3FA70A0411C0DB505569A8FA78E48AEE] - 09/11/2013 - 21:08:23 ---A- - C:\WINDOWS\Prefetch\PACKAGE_ADDLYRICS_OFFER_MULTI-38EFD06F.pf =>Adware.AddLyrics O45 - LFCP:[MD5.68F3722287AB6F32FECC84A8AEFF7BF4] - 09/11/2013 - 21:08:25 ---A- - C:\WINDOWS\Prefetch\PACKAGE_ADDLYRICS_OFFER_MULTI-3B7B28CA.pf =>Adware.AddLyrics O45 - LFCP:[MD5.D80E6DC0F3C570188BA50EF005172DB1] - 09/11/2013 - 21:09:38 ---A- - C:\WINDOWS\Prefetch\LYRICSPACK.EXE-1A23EF69.pf =>Adware.AddLyrics O45 - LFCP:[MD5.BFA7F28B80409A7518EFB0CA341CCD0D] - 09/11/2013 - 21:11:23 ---A- - C:\WINDOWS\Prefetch\NOKIA_PC_SUITE_FRE.EXE-04C196A2.pf O45 - LFCP:[MD5.5905F6D38B7AA4430151B4D03596616A] - 09/11/2013 - 21:11:33 ---A- - C:\WINDOWS\Prefetch\MSI31.TMP-20191AC5.pf O45 - LFCP:[MD5.A3170BC09457722A7819FFC199A83378] - 09/11/2013 - 21:12:40 ---A- - C:\WINDOWS\Prefetch\MSI33.TMP-354C6A37.pf O45 - LFCP:[MD5.0748B7BBB47003124BFE57C104756BD6] - 09/11/2013 - 21:13:04 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf O45 - LFCP:[MD5.30BFA8CCAF2A62BB4D0D5FFEC3D6CCFA] - 09/11/2013 - 21:15:35 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-0664C8DE.pf O45 - LFCP:[MD5.9BD2A36CD0CE361ACC598F5B7C488BB1] - 09/11/2013 - 21:20:22 ---A- - C:\WINDOWS\Prefetch\AVGMFAPX.EXE-021BCBDE.pf O45 - LFCP:[MD5.7E3AF5C7A63093595975F111B3A54981] - 09/11/2013 - 21:26:05 ---A- - C:\WINDOWS\Prefetch\AVGUI.EXE-02705C04.pf O45 - LFCP:[MD5.8AC2371C3820D7DFE387B12D71E1A397] - 09/11/2013 - 21:31:02 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.3543E256F77D34C9C9F94881B38BFBD6] - 09/11/2013 - 21:31:03 ---A- - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf O45 - LFCP:[MD5.EF932E29F988E940E1201687B70EC028] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\DEDICARZSERVICE.EXE-028A2996.pf O45 - LFCP:[MD5.FF8B3CFA9FB8434275C28AB56BE90636] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-3629C61D.pf =>Toolbar.Google O45 - LFCP:[MD5.6DB08F82271F6589A7A93E3A0A65CD52] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\MSCORSVW.EXE-1366B4F5.pf O45 - LFCP:[MD5.0ED17BFF77D15E39208C225574AA513D] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf O45 - LFCP:[MD5.D29622B4810B170DAB38D65650A1EA52] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\NOKIASUITE.EXE-1471BF38.pf O45 - LFCP:[MD5.57DDC3CB2C3B610636D617351BC31AA8] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\ORANGEINSIDE.EXE-2DEBFDB6.pf O45 - LFCP:[MD5.4F6A862524405D8C2C06E372D04D73DB] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\READER_SL.EXE-089975CC.pf O45 - LFCP:[MD5.DEC1563AF78EEB5BDF121024DC53D23F] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-442074F1.pf O45 - LFCP:[MD5.868B2FBEC80C9FD4A7CD89918BDF2D55] - 09/11/2013 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\TOSBTMNG1.EXE-01605D64.pf O45 - LFCP:[MD5.7AC8CA07D28D300BEE72A2343406E24A] - 09/11/2013 - 21:31:05 ---A- - C:\WINDOWS\Prefetch\ADOBE GAMMA LOADER.EXE-0A47CFD1.pf O45 - LFCP:[MD5.84D827D5363A82171758D843B658FBB6] - 09/11/2013 - 21:31:06 ---A- - C:\WINDOWS\Prefetch\HPQTHB08.EXE-060DCF16.pf O45 - LFCP:[MD5.E7815F7C56FCEE864250EB092C0B335A] - 09/11/2013 - 21:31:06 ---A- - C:\WINDOWS\Prefetch\HPQTRA08.EXE-17E37E7E.pf O45 - LFCP:[MD5.FEBF7818150680EDC2EA2B707D1D74CB] - 09/11/2013 - 21:31:08 ---A- - C:\WINDOWS\Prefetch\TOSBTMNG.EXE-33568774.pf O45 - LFCP:[MD5.6A6A4C7C3843CC04AEA91154CC042409] - 09/11/2013 - 21:31:09 ---A- - C:\WINDOWS\Prefetch\PHLEAUTORUN.EXE-15B88BA5.pf O45 - LFCP:[MD5.0F8307B6E69698C93B3D178E095AE711] - 09/11/2013 - 21:31:14 ---A- - C:\WINDOWS\Prefetch\WINDOWSSEARCH.EXE-20C0F767.pf O45 - LFCP:[MD5.B56347C7393FBDA3F7FF45FCC6964AEE] - 09/11/2013 - 21:31:16 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-3AB369BE.pf O45 - LFCP:[MD5.5C42126F9CD0456ABBF02B93781AC552] - 09/11/2013 - 21:31:16 ---A- - C:\WINDOWS\Prefetch\MDM.EXE-1EFE14A5.pf O45 - LFCP:[MD5.209D5AC6CC1556D014A907B6FEA4F4AD] - 09/11/2013 - 21:31:17 ---A- - C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-27588DA3.pf O45 - LFCP:[MD5.5B765B1666829E64A1C146FD0BAEDDFF] - 09/11/2013 - 21:31:18 ---A- - C:\WINDOWS\Prefetch\OUCORE.EXE-10371D4D.pf O45 - LFCP:[MD5.469D172E0BAB293BDB90CAFD074B3FFA] - 09/11/2013 - 21:31:21 ---A- - C:\WINDOWS\Prefetch\AVGNSX.EXE-290E4141.pf O45 - LFCP:[MD5.D4C520D5254301CD866247CC4C08F133] - 09/11/2013 - 21:31:21 ---A- - C:\WINDOWS\Prefetch\PCTSPK.EXE-3B895960.pf O45 - LFCP:[MD5.8AB33D686590676BF463B6ECD8A81148] - 09/11/2013 - 21:31:21 ---A- - C:\WINDOWS\Prefetch\TOSA2DP.EXE-2CD6EF15.pf O45 - LFCP:[MD5.46730A17BC19A09E25482B5CEE34B2E2] - 09/11/2013 - 21:31:22 ---A- - C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf O45 - LFCP:[MD5.98CD2BB1009C8690C5C25F5E288A838D] - 09/11/2013 - 21:31:22 ---A- - C:\WINDOWS\Prefetch\SOFTWAREUPDATE.EXE-36CCAB7B.pf O45 - LFCP:[MD5.7899AF190208C880E458EFD6D2CC4496] - 09/11/2013 - 21:31:22 ---A- - C:\WINDOWS\Prefetch\TOSBTHSP.EXE-16937FCE.pf O45 - LFCP:[MD5.D4D5C9E6E017DCB845F8C65250135AE5] - 09/11/2013 - 21:31:22 ---A- - C:\WINDOWS\Prefetch\UPDATER.EXE-23F4D955.pf O45 - LFCP:[MD5.250B06F118AC8C42745C36E88C3C1D75] - 09/11/2013 - 21:31:28 ---A- - C:\WINDOWS\Prefetch\AVGCSRVX.EXE-1D2A6D14.pf O45 - LFCP:[MD5.6768FC0A4BDDCBE306C1A1DAE5EF9C25] - 09/11/2013 - 21:31:36 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf O45 - LFCP:[MD5.20D691B63317373470B8339F391DF9E5] - 09/11/2013 - 21:31:38 ---A- - C:\WINDOWS\Prefetch\HPQIMZONE.EXE-038F0838.pf O45 - LFCP:[MD5.FD2440362E961B5767967DE2340F6E37] - 09/11/2013 - 21:31:55 ---A- - C:\WINDOWS\Prefetch\UPDATEGLINDORUS.EXE-030F597D.pf =>PUP.Glindorus O45 - LFCP:[MD5.5B1E107685EEB38F4D6EE22B38798003] - 09/11/2013 - 21:32:29 ---A- - C:\WINDOWS\Prefetch\TOOLBARUPDATER.EXE-18227723.pf O45 - LFCP:[MD5.681B61916ED9959418BEB99D535D9D6C] - 09/11/2013 - 21:32:34 ---A- - C:\WINDOWS\Prefetch\SEARCHINDEXER.EXE-1AD3307F.pf O45 - LFCP:[MD5.A8900AC1913B39B52D56FB4EACBD9EDF] - 09/11/2013 - 21:32:41 ---A- - C:\WINDOWS\Prefetch\LOGGINGSERVER.EXE-26A00963.pf O45 - LFCP:[MD5.B507A42682D085D991BE0D3517869949] - 09/11/2013 - 21:33:02 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf O45 - LFCP:[MD5.13277D96F1370CB3DB9F07F18CEC870F] - 09/11/2013 - 21:33:17 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf O45 - LFCP:[MD5.40907E8397A53FBB809905578FE2F959] - 09/11/2013 - 21:33:25 ---A- - C:\WINDOWS\Prefetch\FIXCFG.EXE-3624A3E2.pf O45 - LFCP:[MD5.7D6AE4E4F44EAEA35A4AB54532B05A47] - 09/11/2013 - 21:34:10 ---A- - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf O45 - LFCP:[MD5.87A54C95222413BA0E164A4A11FF642F] - 09/11/2013 - 21:34:18 ---A- - C:\WINDOWS\Prefetch\HPQSTE08.EXE-18A7280B.pf O45 - LFCP:[MD5.5179883CB43216B009C48AE55C9F86AF] - 09/11/2013 - 21:34:26 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf O45 - LFCP:[MD5.D71C098C42A08884AAEB1BA2741E1226] - 09/11/2013 - 21:35:48 ---A- - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf O45 - LFCP:[MD5.27E13F05343B2DD0899E58353A068329] - 09/11/2013 - 21:37:13 ---A- - C:\WINDOWS\Prefetch\AVGDIAGEX.EXE-2AFDF178.pf O45 - LFCP:[MD5.CE166B91ED3B9BB294367E6E1D484708] - 09/11/2013 - 21:37:22 ---A- - C:\WINDOWS\Prefetch\SERVICELAYER.EXE-191F07A8.pf O45 - LFCP:[MD5.8F422DBFBD6652E752E5CF4EED2BF3BF] - 09/11/2013 - 21:37:32 ---A- - C:\WINDOWS\Prefetch\NCLINSTALLER.EXE-35BFFB75.pf O45 - LFCP:[MD5.C968C6D125FCE074346FAE371A6211D0] - 09/11/2013 - 21:37:39 ---A- - C:\WINDOWS\Prefetch\NCLUSBSRV.EXE-104CBA51.pf O45 - LFCP:[MD5.BBA345BEBEE49BCD884431B5450018C7] - 09/11/2013 - 21:37:52 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf O45 - LFCP:[MD5.E13E427A60F20E9FC228F4D89F992E91] - 09/11/2013 - 21:39:22 ---A- - C:\WINDOWS\Prefetch\NCLMSBTSRV.EXE-07359B9E.pf O45 - LFCP:[MD5.14CC0AF71CFDCF92F915857DB338D516] - 09/11/2013 - 21:39:38 ---A- - C:\WINDOWS\Prefetch\NCLTOBTSRV.EXE-393630CF.pf O45 - LFCP:[MD5.EDDD31B8F33F6DC51195A888ED918B40] - 09/11/2013 - 21:41:10 ---A- - C:\WINDOWS\Prefetch\HPRBLOG.EXE-16B72A6F.pf O45 - LFCP:[MD5.CA4D6FEB0FB36B52C8830203BF55552E] - 09/11/2013 - 21:41:37 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf O45 - LFCP:[MD5.A7422E6C8169B1B97BCB2EC220F34A38] - 09/11/2013 - 21:42:59 ---A- - C:\WINDOWS\Prefetch\HPQPPROP.EXE-09AA9678.pf O45 - LFCP:[MD5.DABA3F276320A8B866827DE44F8C6071] - 09/11/2013 - 21:43:02 ---A- - C:\WINDOWS\Prefetch\HPQTBX01.EXE-28FA88E4.pf O45 - LFCP:[MD5.6F3FA79D6CB8E09E9D7B2BDD3AF8DF1D] - 09/11/2013 - 21:43:36 ---A- - C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf O45 - LFCP:[MD5.FDE239E82F730CFD52BF64CF2FEA5FD1] - 09/11/2013 - 21:46:17 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf O45 - LFCP:[MD5.C30EBE93985268B8638E46108BD981E8] - 09/11/2013 - 21:48:10 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf O45 - LFCP:[MD5.2408171E3302CF8A003591051F61CE60] - 09/11/2013 - 22:19:33 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf O45 - LFCP:[MD5.8F64D64C361D8E881F2B274FDE9331E3] - 09/11/2013 - 22:19:37 ---A- - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf O45 - LFCP:[MD5.516E460043A9BF2EA363BD8310A5B9DD] - 09/11/2013 - 22:19:39 ---A- - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf O45 - LFCP:[MD5.130A22DCEB035808A55BD53839F4B37A] - 09/11/2013 - 22:31:44 ---A- - C:\WINDOWS\Prefetch\SCRIPTHELPER.EXE-2B9FD180.pf O45 - LFCP:[MD5.15C213CDC29187003895356EAC1D9117] - 09/11/2013 - 22:34:38 ---A- - C:\WINDOWS\Prefetch\AVGCMGR.EXE-2CB174F9.pf O45 - LFCP:[MD5.427B1BEB3C1A8C6772258ACFF1983448] - 09/11/2013 - 22:41:50 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf O45 - LFCP:[MD5.ADB6BF3C49F187BF62ACE869FB85CD5E] - 09/11/2013 - 22:42:48 ---A- - C:\WINDOWS\Prefetch\HPQUSGH.EXE-0FFFF703.pf ~ Prefetcher: 130 Scanned in 00mn 03s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rundll32.exe" [Enabled] Clé orpheline O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpvsetup.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\dpvsetup.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mmc.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\mmc.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rtcshare.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\rtcshare.exe O47 - AAKE:Key Export SP - "C:\Program Files\NetMeeting\conf.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\NetMeeting\conf.exe O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export SP - "C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe" [Enabled] .(.Guillemot Corporation S.A..) -- C:\Program Files\Hercules\Hercules DualPix HD Webcam\Station2.exe O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe =>.Google Inc O47 - AAKE:Key Export SP - "E:\fscommand\CKSocketServer.exe" [Enabled] .(...) -- E:\fscommand\CKSocketServer.exe (.not file.) O47 - AAKE:Key Export SP - "D:\fscommand\CKSocketServer.exe" [Enabled] .(...) -- D:\fscommand\CKSocketServer.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(..) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Hewlett-Packard.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" [Enabled] .(.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dist\ST2.exe" [Enabled] .(.Orange.) -- C:\Program Files\orange\Assistance Livebox\dist\ST2.exe O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2013\avgmfapx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2013\avgmfapx.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe" [Enabled] .(.Orange SA.) -- C:\Program Files\orange\OrangeUpdate\Service\OUCore.exe O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc..) -- C:\Program Files\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dedicarz\DedicarzService.exe" [Enabled] .(..) -- C:\Program Files\orange\Assistance Livebox\dedicarz\DedicarzService.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dedicarz\LiveboxManager.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\orange\Assistance Livebox\dedicarz\LiveboxManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\orange\Assistance Livebox\dedicarz\PluginLivebox.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\orange\Assistance Livebox\dedicarz\PluginLivebox.exe O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2013\avgnsx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2013\avgnsx.exe O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2013\avgdiagex.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2013\avgdiagex.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe ~ Keys Export: 43 Scanned in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll ~ LSA: 6 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys ~ CSB: 23 Scanned in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{5b3569c4-0925-11dd-bbbd-0090d0c82858}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"L3CODECA.ACM"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\L3CODECA.ACM O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax ~ TDSD: 16 Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\InCD [Key] . (.Ahead Software AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe ~ SMSR Keys: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ MSCP: 6 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 ~ MWPS: 6 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"= O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ MWPE Keys: 4 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.819BF44085104BE6527B86A88ACF856B] - 04/08/2004 - 06:32:31 ---A- . (.VIA Technologies, Inc. - VIA Audio WDM Driver.) -- C:\WINDOWS\system32\Drivers\ac97via.sys [84480] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] ~ Drivers: 6 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\JSCache\GlobSettings [24] O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\ReaderMessages [25600] O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\Security\CRLCache\48B76449F3D5FEFA1133AA805E420F0FCA643651.crl [898] O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\Security\CRLCache\A9B8213768ADC68AF64FCC6409E8BE414726687F.crl [36163] O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\Security\services_rdr.dat [10240] O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\Security\services_rdri.dat [24152] O61 - LFC: 06/11/2013 - 22:46:44 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Adobe\Acrobat\11.0\Security\services_rdrk.dat [180] O61 - LFC: 06/11/2013 - 22:46:46 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\0797C381B2F87EB5A1D5573BD15BA4F4 [37213] O61 - LFC: 06/11/2013 - 22:46:47 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\0797C381B2F87EB5A1D5573BD15BA4F4 [132] O61 - LFC: 06/11/2013 - 22:46:48 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\Office\Fichiers récents\LOGO dden.lnk [490] O61 - LFC: 06/11/2013 - 22:46:48 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\Office\Fichiers récents\LOGO.lnk [370] O61 - LFC: 06/11/2013 - 22:46:48 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\Office\Word10.pip [1928] O61 - LFC: 06/11/2013 - 22:46:48 --H-- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\Office\Fichiers récents\index.dat [1726] O61 - LFC: 06/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\AYSOHFZ1.txt [656] O61 - LFC: 06/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe\Acrobat\11.0\AdobeCMapFnt11.lst [512] O61 - LFC: 06/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe\Acrobat\11.0\AdobeComFnt11.lst [34042] O61 - LFC: 06/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe\Acrobat\11.0\Cache\AcroFnt11.lst [8244] O61 - LFC: 06/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe\Acrobat\11.0\Cache\RdLang_rdlang32.fra [12195328] O61 - LFC: 06/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe\Acrobat\11.0\SharedDataEvents [3072] O61 - LFC: 06/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Adobe\Acrobat\11.0\UserCache.bin [84698] O61 - LFC: 06/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgmsgdisp.log.1 [131172] O61 - LFC: 06/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgui.log.2 [131083] O61 - LFC: 06/11/2013 - 22:47:21 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\acrord32_sbx\Cookies\index.dat [16384] O61 - LFC: 06/11/2013 - 22:47:21 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\acrord32_sbx\Fichiers Internet temporaires\Content.IE5\index.dat [32768] O61 - LFC: 06/11/2013 - 22:47:21 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\acrord32_sbx\History\History.IE5\index.dat [16384] O61 - LFC: 06/11/2013 - 22:47:34 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\DDEN.lnk [352] O61 - LFC: 06/11/2013 - 22:47:34 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\courrier aux prés ' quad.).lnk [645] O61 - LFC: 06/11/2013 - 22:47:34 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\dden_logo[1].lnk [575] O61 - LFC: 06/11/2013 - 22:47:35 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\LOGO dden.lnk [560] O61 - LFC: 06/11/2013 - 22:47:35 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\LOGO.lnk [352] O61 - LFC: 07/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgcfg.log.1 [65591] O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\272512937d9e61a4.fb [630] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\272512937d9e61a4__exp__1384085924 [630] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\28bc8f716fd76a47.fb [1291] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\28bc8f716fd76a47__exp__1384085923 [1291] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\32c84fe32bb74d60.fb [661] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\32c84fe32bb74d60__exp__1384085925 [661] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\3927e21b4337933d.fb [13087] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\3927e21b4337933d__exp__1384085922 [13087] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\590ba23ce359fd0c.fb [639] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\590ba23ce359fd0c__exp__1384085925 [639] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\651c5d3cdbfb8bd1.fb [627] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\651c5d3cdbfb8bd1__exp__1384085924 [627] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\6c59ac5e7e7a3ad0.fb [398] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\6c59ac5e7e7a3ad0__exp__1384085924 [398] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\6d03dad1035885d3.fb [668] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\6d03dad1035885d3__exp__1384085926 [668] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\935ee77178548e84.fb [6067] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\935ee77178548e84__exp__1384085923 [6067] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\ad10a52aff5e038d.fb [366] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\ad10a52aff5e038d__exp__1384085923 [366] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\c1fa887b03019701.fb [663] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\c1fa887b03019701__exp__1384085926 [663] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:45 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\c4d28dca2e7648be.fb [586] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\c4d28dca2e7648be__exp__1384085923 [586] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\d201ef9910cd39de.fb [1045] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\d201ef9910cd39de__exp__1384085924 [1045] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\f998975c9cc711ee.fb [1071] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG Secure Search\cache\f998975c9cc711ee__exp__1384085925 [1071] =>Toolbar.AVGSearch O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG2013\cfgall\userawacs.cfg [36700] O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\AVG2013\cfgall\userguistate.cfg [69540] O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\HP\CRMLogs\BrandAuthentication.htm [4770] O61 - LFC: 09/11/2013 - 22:46:46 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [506] O61 - LFC: 09/11/2013 - 22:46:46 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\398EE64D66758B5715368AA94044B13A [1754] O61 - LFC: 09/11/2013 - 22:46:46 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\616AD1AB067CFD351D6C0EF6F3E12F40 [535] O61 - LFC: 09/11/2013 - 22:46:46 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 [112875] O61 - LFC: 09/11/2013 - 22:46:46 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\Content\C27229390F3F6926292942FB717A1F0F [7032] O61 - LFC: 09/11/2013 - 22:46:46 -SHA- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\Credentials\S-1-5-21-1202660629-492894223-1343024091-1003\Credentials [1356] O61 - LFC: 09/11/2013 - 22:46:47 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\398EE64D66758B5715368AA94044B13A [110] O61 - LFC: 09/11/2013 - 22:46:47 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\616AD1AB067CFD351D6C0EF6F3E12F40 [134] O61 - LFC: 09/11/2013 - 22:46:47 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 [124] O61 - LFC: 09/11/2013 - 22:46:47 -S-A- . (...) -- C:\Documents and Settings\Perso\Application Data\Microsoft\CryptnetUrlCache\MetaData\C27229390F3F6926292942FB717A1F0F [120] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\crypv.oi [310] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin.xml [924] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\email.bmp [822] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\orange.bmp [822] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\search.bmp [822] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\menuWin\sms.bmp [822] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\AddFavorites_html\AddFavorites.html [392] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\orange_html\orange.html [334] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html [534] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html [335] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html [379] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html [524] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html [540] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\src\translate_html\translate.html [395] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (.Orange.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\OIExt.dll [190976] O61 - LFC: 09/11/2013 - 22:46:50 ---A- . (.Orange.) -- C:\Documents and Settings\Perso\Application Data\Orange\OrangeInside\try.txt [190976] O61 - LFC: 09/11/2013 - 22:46:51 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\PC Suite\Settings\PCCSConfig.dat [446] O61 - LFC: 09/11/2013 - 22:46:56 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\ZHP\Log.txt [53044] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 22:46:56 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\ZHP\TestsZHPDiag.txt [3256] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 22:46:57 ---A- . (...) -- C:\Documents and Settings\Perso\Application Data\ZHP\ZHPDiag.txt [75309] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\ZHPDiag.lnk [1523] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Bureau\ZHPFix.lnk [1628] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\008HARUY.txt [501] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\0N0GEQSL.txt [330] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\1RGVCE6K.txt [549] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\1WVE22N9.txt [961] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\226KW6TS.txt [190] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\396VMCX3.txt [88] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\3T2DKJX4.txt [429] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\4SY97M0K.txt [390] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\59N7M9UJ.txt [79] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\60KMPQST.txt [86] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\6ZDBWVF4.txt [80] O61 - LFC: 09/11/2013 - 22:47:09 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Perso\Bureau\ZHPDiag2.exe [6846820] =>.Nicolas Coolman O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\75IWZGF5.txt [867] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\7HPC9PB0.txt [174] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\97QJ8XMR.txt [1912] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\BFPXZEIL.txt [360] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\BRH8C1IZ.txt [273] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\E13YEVWF.txt [94] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\F796OIVI.txt [65] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\FFSLYHMY.txt [87] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\FITK399R.txt [89] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\FKO96KAB.txt [260] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\G8RHQHB7.txt [89] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\GMOZXJH4.txt [146] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\GQ5MML3D.txt [208] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\HXRFMZFA.txt [446] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\I1R8SE93.txt [492] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\IZF2ARQA.txt [183] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\KHD055JD.txt [125] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\KHW6P6JS.txt [64] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\LR8Y3FVH.txt [936] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\MVZ93EWJ.txt [179] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\N1L24Z8E.txt [391] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\NT3223SY.txt [154] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\O92D9VAU.txt [444] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\O9LGRH89.txt [202] O61 - LFC: 09/11/2013 - 22:47:10 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\OE6KMFS3.txt [206] O61 - LFC: 09/11/2013 - 22:47:10 -SHA- . (...) -- C:\Documents and Settings\Perso\Cookies\index.dat [131072] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\PG7WQNTQ.txt [372] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\Q0KSUE0U.txt [730] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\R0IQQFQK.txt [376] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\R9GTS8LM.txt [89] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\RGYRYT4O.txt [427] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\S7KUV86L.txt [174] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\SANX7HNQ.txt [100] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\SI5HQIWA.txt [345] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\SOR09PDM.txt [878] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\T25645GS.txt [72] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\T2M4N6MW.txt [615] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\T81GTB1V.txt [116] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\U5S2B7G5.txt [534] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\UCYJDHB2.txt [84] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\V2WJWTS8.txt [393] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\VKEQ6A20.txt [613] O61 - LFC: 09/11/2013 - 22:47:12 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\W3YIEKRS.txt [104] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\WDCU7HLG.txt [151] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\WEB3JJG6.txt [225] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\WL4IZLYX.txt [147] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\WYG0KKXN.txt [103] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\XRASHNI3.txt [202] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\XVF5QMUF.txt [358] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\Y0ZDRNRD.txt [214] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\YP8YOH03.txt [375] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\ZIETLO27.txt [453] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Cookies\ZLDAX8P5.txt [110] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\2424 video.url [52] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\AVON.url [244] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Communauté Orange Jeux.url [194] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Dino-RPG.url [214] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Facebook Accueil.url [1001] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Google.url [174] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Grocado, les jeux gagnants.url [170] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Guide des stations de radio.url [197] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Internet Explorer 7 - Présentation rapide.url [160] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Jeunesse.url [51] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Hotmail.url [207] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Orange.url [212] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Sites suggérés.url [302] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Telechargez la messagerie instantanée Windows live - Windowslive.url [223] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Liens\Téléchargez vos jeux PC.url [222] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\MSN.com.url [119] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Marmiton 39000 recettes de cuisine ! Recettes commentées et notées pour toutes les cuisines. - Accueil - Marmiton.org.url [593] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Microsoft Store.url [161] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Pour Elles.url [52] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Site Internet Explorer sur Microsoft.com.url [160] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Internet Explorer 7 - Présentation rapide.url [133] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Microsoft Store.url [161] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Site Internet Explorer sur Microsoft.com.url [160] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Sites Web Microsoft\Windows Marketplace.url [133] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Voyage.url [50] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Wibo Werk 1892 -.url [180] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\Windows Marketplace.url [160] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\hotmail.url [497] O61 - LFC: 09/11/2013 - 22:47:13 ---A- . (...) -- C:\Documents and Settings\Perso\Favoris\marmiton.org\http--www.marmiton.org-.url [239] O61 - LFC: 09/11/2013 - 22:47:13 -SHA- . (...) -- C:\Documents and Settings\Perso\IECompatCache\index.dat [868352] O61 - LFC: 09/11/2013 - 22:47:13 -SHA- . (...) -- C:\Documents and Settings\Perso\IETldCache\index.dat [262144] O61 - LFC: 09/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse [0] O61 - LFC: 09/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgdecider.log.1 [65592] O61 - LFC: 09/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\avgui.log.1 [131171] O61 - LFC: 09/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Avg2013\log\krnlapi.log.1 [1024026] O61 - LFC: 09/11/2013 - 22:47:14 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\eorezo\eorezo\1.10\eorezo.cyl [131] =>PUP.Eorezo O61 - LFC: 09/11/2013 - 22:47:16 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ammjbfijeglcdlnlnhlkdhgjnlgmpehe_0.localstorage [3072] O61 - LFC: 09/11/2013 - 22:47:16 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [90656] O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt [0] O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf [786] O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\HP\Digital Imaging\handle.dat [179] O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Identities\{58463217-591A-4AC3-8357-2F19B0066F7C}\Microsoft\Outlook Express\Boîte de réception.dbx [7805936] =>.Microsoft Corporation O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Identities\{58463217-591A-4AC3-8357-2F19B0066F7C}\Microsoft\Outlook Express\Folders.dbx [74720] =>.Microsoft Corporation O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Identities\{58463217-591A-4AC3-8357-2F19B0066F7C}\Microsoft\Outlook Express\Offline.dbx [9656] =>.Microsoft Corporation O61 - LFC: 09/11/2013 - 22:47:17 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\IsolatedStorage\3shdl25v.tbl\1la21x2t.idj\StrongName.xitmqsrqvpqpovqi5kx5u3ghwej4ru23\identity.dat [515] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\797JJFUW\aimfar.solution.weborama[1].xml [13] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\797JJFUW\telechargement.zebulon[1].xml [305] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\M3HZVLE5\hades.bubblestat[1].xml [13] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\QBSK2C7J\www.zebulon[1].xml [13] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\googleads.g.doubleclick[1].xml [13] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VTACIJMZ\www.google[1].xml [555] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83769C30-4980-11E3-A55C-002191FC5661}.dat [5120] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{44D39710-4936-11E3-A558-002191FC5661}.dat [3584] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{89A11CEF-4980-11E3-A55C-002191FC5661}.dat [3584] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{89A11CEE-4980-11E3-A55C-002191FC5661}.dat [5632] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{89A11CF0-4980-11E3-A55C-002191FC5661}.dat [5632] O61 - LFC: 09/11/2013 - 22:47:18 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat [17620] O61 - LFC: 09/11/2013 - 22:47:18 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1202660629-492894223-1343024091-1003\Credentials [2970] O61 - LFC: 09/11/2013 - 22:47:18 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768] O61 - LFC: 09/11/2013 - 22:47:18 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [32768] O61 - LFC: 09/11/2013 - 22:47:20 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Data Store\DataBase\MDataStore.db3 [561152] O61 - LFC: 09/11/2013 - 22:47:20 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Data Store\Thumbnail\DataBase\MDataStore.db3 [1032192] O61 - LFC: 09/11/2013 - 22:47:20 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Suite\CDC\statistics.dat [78403] O61 - LFC: 09/11/2013 - 22:47:20 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Nokia\Nokia Suite\Cache\recentMessagesModel.dat [728] O61 - LFC: 09/11/2013 - 22:47:20 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\Toshiba\BluetoothStack\V1.0\SDP03461.sdb [4004] O61 - LFC: 09/11/2013 - 22:47:20 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Historique\History.IE5\MSHist012013110920131110\index.dat [32768] O61 - LFC: 09/11/2013 - 22:47:20 -SHA- . (...) -- C:\Documents and Settings\Perso\Local Settings\Historique\History.IE5\index.dat [917504] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\CalendarViewLog.txt [0] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\ins330\OptimizerPro.exe [6565456] =>PUP.OptimizerPro O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\ins330\glindorus_2709-e3c075a1.exe [202696] =>PUP.Glindorus O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Box ore.) -- C:\Documents and Settings\Perso\Local Settings\Temp\ins330\OBBoxore_0307-76302122.exe [663269] =>Adware.Boxore O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\DuuquCrashHandler.exe [98360] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\DuuquUpdate.exe [98360] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\DuuquUpdateBroker.exe [59448] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\DuuquUpdateHelper.msi [45056] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\DuuquUpdateOnDemand.exe [59960] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\goopdate.dll [806968] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\goopdateres_en.dll [27192] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\goopdateres_ru.dll [28216] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\npDuuquUpdate3.dll [236088] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\psmachine.dll [156728] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\GUM1E.tmp\psuser.dll [156728] O61 - LFC: 09/11/2013 - 22:47:21 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Perso\Local Settings\Temp\is-EVK0R.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\MMCULog2.txt [2] O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\MSI4c31.LOG [376] O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\MSI7717e.LOG [382] O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\is-N64FB.tmp\InstallManager.exe [248577] O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (.Dzbnwmqkwiaiu.) -- C:\Documents and Settings\Perso\Local Settings\Temp\is-NH3DD.tmp\lyricspack.exe [5554295] =>Adware.AddLyrics O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Perso\Local Settings\Temp\is-N64FB.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 09/11/2013 - 22:47:22 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Perso\Local Settings\Temp\is-P9LOL.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 09/11/2013 - 22:47:22 R--A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nCommsTempNokia\Nokia Sans Wide BolIta v3.1.ttf [156520] O61 - LFC: 09/11/2013 - 22:47:22 R--A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nCommsTempNokia\Nokia Sans Wide Bold v3.1.ttf [160428] O61 - LFC: 09/11/2013 - 22:47:22 R--A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nCommsTempNokia\Nokia Sans Wide Italic v3.1.ttf [157296] O61 - LFC: 09/11/2013 - 22:47:22 R--A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nCommsTempNokia\Nokia Sans Wide v3.1.ttf [143840] O61 - LFC: 09/11/2013 - 22:47:22 R--A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nCommsTempNokia\Nokia Standard Multi Bold v2.1.ttf [216212] O61 - LFC: 09/11/2013 - 22:47:22 R--A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nCommsTempNokia\Nokia Standard Multi v2.1.ttf [214508] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\NGLALog.txt [185] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsi2F.tmp\Bhmoiwhqkwud.exe [0] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsi2F.tmp\System.dll [11264] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsi2F.tmp\WrapperUtils.dll [71168] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\FindProcDLL.dll [3584] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\GetVersion.dll [6656] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\Math.dll [67584] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\Offer1.zip [8112] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\Offer2.zip [22387] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\OfferScreen_163.html [10841] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\OfferScreen_187.html [32407] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\blowfish.dll [22528] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\img187_1.png [8675] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\inner.png [2675] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\installog.txt [0] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\manlib.dll [26112] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\nsDialogs.dll [9728] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\nsManWeb.dll [68096] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\nsisunz.dll [40960] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\output.txt [0] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\registry.dll [25088] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\serlib.dll [16384] O61 - LFC: 09/11/2013 - 22:47:23 ---A- . (.Duuqu Group.) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\DuuquUpdateSetup.exe [492088] O61 - LFC: 09/11/2013 - 22:47:24 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\System.dll [11264] O61 - LFC: 09/11/2013 - 22:47:24 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\nsj1D.tmp\UserInfo.dll [4096] O61 - LFC: 09/11/2013 - 22:47:25 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\Uninst.bat [639] O61 - LFC: 09/11/2013 - 22:47:25 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\WERef95.dir00\mbamservice.exe.mdmp [0] O61 - LFC: 09/11/2013 - 22:47:25 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\toolbar_log.txt [10255452] O61 - LFC: 09/11/2013 - 22:47:25 ---A- . (...) -- C:\Documents and Settings\Perso\Local Settings\Temp\{E3CE6AB8-D621-4A41-A63D-0F956FE08AFA}\setup.exe [6426328] O61 - LFC: 09/11/2013 - 22:47:26 ---A- . (...) -- C:\Documents and Settings\Perso\Mes documents\AdwCleaner_1.606_En.exe [581957] O61 - LFC: 09/11/2013 - 22:47:34 -SHA- . (...) -- C:\Documents and Settings\Perso\PrivacIE\index.dat [13271040] O61 - LFC: 09/11/2013 - 22:47:35 ---A- . (...) -- C:\Documents and Settings\Perso\Recent\Erreur d'installation HP - XP.lnk [583] O61 - LFC: 09/11/2013 - 22:47:35 ---A- . (...) -- C:\Documents and Settings\Perso\UserData\index.dat [32768] ~ 122 Fichiers temporaires (Temporary files) ~ 132 Fichiers cookies (Cookies files) ~ Files: 288 Scanned in 00mn 52s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 17/08/2011 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - 04/07/2013 - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVGIDSAgent) .(.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - LEGACY_AVGIDSAGENT O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys (AVGIDSDriver) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - LEGACY_AVGIDSDRIVER O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avgidshx.sys (AVGIDSHX) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHX O64 - Services: CurCS - 10/09/2013 - C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys (AVGIDSShim) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Loader Dri.) - LEGACY_AVGIDSSHIM O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avgldx86.sys (Avgldx86) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX86 O64 - Services: CurCS - 20/07/2013 - C:\WINDOWS\system32\DRIVERS\avglogx.sys (Avglogx) .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGX O64 - Services: CurCS - 01/07/2013 - C:\WINDOWS\system32\DRIVERS\avgmfx86.sys (Avgmfx86) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX86 O64 - Services: CurCS - 05/09/2013 - C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AvgRkx86) .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX86 O64 - Services: CurCS - 21/03/2013 - C:\WINDOWS\system32\DRIVERS\avgtdix.sys (AvgTdiX) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIX O64 - Services: CurCS - 02/10/2013 - C:\WINDOWS\system32\drivers\avgtpx86.sys (avgtp) .(.AVG Technologies - Pas de description.) - LEGACY_AVGTP O64 - Services: CurCS - 23/07/2013 - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (avgwd) .(.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - LEGACY_AVGWD O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (BthServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BTHSERV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - 10/06/2013 - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe (Dedicarz Service) .(.Pas de propriétaire - DedicarzService.) - LEGACY_DEDICARZ_SERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\svchost.exe (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - 05/08/2009 - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR O64 - Services: CurCS - 11/12/2007 - C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) .(.France Telecom SA - Pas de description.) - LEGACY_FTRTSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - 20/10/2009 - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - 29/07/2008 - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC O64 - Services: CurCS - 04/06/2004 - C:\WINDOWS\system32\Drivers\InCDfs.sys (InCDfs) .(.Ahead Software AG - InCD File System Driver.) - LEGACY_INCDFS O64 - Services: CurCS - 04/06/2004 - C:\Program Files\Ahead\InCD\InCDsrv.exe (InCDsrv) .(.Ahead Software AG - incdsrv.) - LEGACY_INCDSRV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - 09/11/2013 - C:\DOCUME~1\Perso\LOCALS~1\Temp\mbr.sys (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - 20/06/2003 - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (MDM) .(.Microsoft Corporation - Machine Debug Manager.) - LEGACY_MDM O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Mount Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 15/07/2011 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - 21/04/2011 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\NDIS.sys (NDIS) .(.Microsoft Corporation - NDIS 5.1 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - 08/07/2011 - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA O64 - Services: CurCS - 11/02/2011 - C:\WINDOWS\system32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\PartMgr.sys (PartMgr) .(.Microsoft Corporation - Partition Manager.) - LEGACY_PARTMGR O64 - Services: CurCS - 23/08/2001 - C:\WINDOWS\system32\pctspk.exe (Pctspk) .(.PCtel, Inc. - PCTSPK.EXE.) - LEGACY_PCTSPK O64 - Services: CurCS - 09/08/2007 - C:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - 13/11/2007 - C:\WINDOWS\system32\DRIVERS\secdrv.sys (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - 22/04/2012 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION O64 - Services: CurCS - 17/08/2010 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - 17/02/2011 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - 20/06/2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES O64 - Services: CurCS - 28/08/2012 - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTomHOMEService) .(.TomTom - Windows Service for TomTom HOME.) - LEGACY_TOMTOMHOMESERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\vmodem.sys (Vmodem) .(.PCTEL, INC. - HSP Modem Modem Device Driver.) - LEGACY_VMODEM O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\vpctcom.sys (Vpctcom) .(.PCtel, Inc. - HSP Modem Virtual Control Device.) - LEGACY_VPCTCOM O64 - Services: CurCS - 02/10/2013 - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (vToolbarUpdater17.0.12) .(.AVG Secure Search - ToolbarU Application.) - LEGACY_VTOOLBARUPDATER17.0.12 =>Toolbar.AVGSearch O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\vvoice.sys (Vvoice) .(.PCtel, Inc. - HSP Modem device driver.) - LEGACY_VVOICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC O64 - Services: CurCS - 26/05/2008 - C:\WINDOWS\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - 13/07/2009 - C:\WINDOWS\system32\DRIVERS\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WudfSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUDFSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC ~ Legacy: 163 Scanned in 00mn 03s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (...) -- Bad: (C:\WINDOWS\system32\shell32.dll) Good: (control.exe "%1",%*) =>Broken.OpenCommand O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S ~ FASS Keys: 9 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com O69 - SBI: SearchScopes [HKCU] {18c33654-a3d1-4882-9035-c9188f6544aa} - (iadah) - http://www.iadah.com O69 - SBI: SearchScopes [HKCU] {2AFC0B8D-A64D-46C0-AD35-FA6DA6D5522A} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {2ec61f9f-edd6-4035-b020-2aaf8b3d60e4} - (YouGoo) - http://www.yougoo.fr =>Hijacker.YouGoo O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {7E7F69CF-878F-4E49-962B-9DE5E2EB6886} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {A531D99C-5A22-449b-83DA-872725C6D0ED} - (Recherche alOt) - http://search.alot.com O69 - SBI: SearchScopes [HKCU] {A6E0A12A-1B70-4AE9-B4EA-0638CE2CE280} - (Live Search) - http://search.live.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\System32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] =>.Microsoft Corporation O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\System32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\System32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685568] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\system32\termsrv.dll [297984] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440] ~ Services: 41 Scanned in 00mn 01s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.9A317D3BF6170A293853929083E087D0] [sPRF][24/01/2013] (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\dt.dat [26900] [MD5.34BB03E514C7625321D8979F6ABB8CBE] [sPRF][15/02/2007] (...) -- C:\Documents and Settings\Perso\Local Settings\Application Data\fusioncache.dat [128] [MD5.5FB1440B030621C81EAB90D34E2993CC] [sPRF][09/11/2013] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\Perso\Bureau\ZHPDiag2.exe [6846820] ~ Files: 3 Scanned in 00mn 00s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe O90 - PUC: "0100643057937624F993D14C4705097B" . (.Encyclopédie Microsoft Encarta 2003.) -- C:\WINDOWS\Installer\{03460010-3975-4267-9F39-1DC4745090B7}\EESTD.ICO O90 - PUC: "16B3DA692EAE2E11E9278BCAF689CC3E" . (.Google Earth.) -- C:\WINDOWS\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\WINDOWS\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "20EA469772190C249A71C24EDCE4EFB3" . (.Nokia Suite.) -- C:\WINDOWS\Installer\{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}\ARPPRODUCTICON.exe O90 - PUC: "243493A986A4ABE4586A555B954F7E00" . (.Microsoft .NET Framework 1.1 French Language Pack.) -- C:\WINDOWS\Installer\{9A394342-4A68-4EBA-85A6-55B559F4E700}\ndpsetup.ico O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype™ 5.10.) -- C:\WINDOWS\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe O90 - PUC: "41DC8ECD5FBF46449B4A1EE87453647C" . (.Assistant de connexion Windows Live.) -- C:\WINDOWS\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}\prodicon.ico O90 - PUC: "521D59DC299285843BFEF5F65BF2AB6D" . (.Skype Toolbars.) -- C:\WINDOWS\Installer\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}\IconUninstallIco =>Toolbar.Skype O90 - PUC: "53418D5DED8BFAC468F797892F9BC2CF" . (.Windows Live Contrôle parental.) -- C:\WINDOWS\Installer\{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}\fssicon.ico O90 - PUC: "68267DD57EB949849A099E509EA18C81" . (.Windows Live Mail.) -- C:\WINDOWS\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe =>.Microsoft Corporation O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.05) - Français.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "7CEBB04F4A2C00A4B942A750A5C22526" . (.Microsoft Office Live Add-in 1.5.) -- C:\WINDOWS\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\WINDOWS\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico O90 - PUC: "A12B436470CC693498C0B2188666F1AE" . (.Windows Live Writer.) -- C:\WINDOWS\Installer\{4634B21A-CC07-4396-890C-2B8168661FEA}\ApplicationIcon.ico O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\WINDOWS\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico O90 - PUC: "BFB6BBEC807D99F46A33CB62000EE16F" . (.TOSHIBA Bluetooth Stack for Windows by CSR and Apache.) -- C:\WINDOWS\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\SCenter.exe O90 - PUC: "C040820900063D11C8EF00054038389C" . (.Microsoft Office XP Professional avec FrontPage.) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe,6 O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\WINDOWS\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe O90 - PUC: "CC52075AE2F510D43B7860BD0105D034" . (.Nokia Connectivity Cable Driver.) -- C:\WINDOWS\Installer\{A57025CC-5F2E-4D01-B387-06DB10500D43}\ARPPRODUCTICON.exe O90 - PUC: "CDB2B5AD456F88A46A96D443CB87641A" . (.PC Connectivity Solution.) -- C:\WINDOWS\Installer\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}\ARPPRODUCTICON.exe O90 - PUC: "CEB1F077178207E48B73BF5852FF3A1B" . (.Windows Live Messenger.) -- C:\WINDOWS\Installer\{770F1BEC-2871-4E70-B837-FB8525FFA3B1}\MsblIco.Exe O90 - PUC: "D95E131BC2026C34489C860F3C57141F" . (.Galerie de photos Windows Live.) -- C:\WINDOWS\Installer\{B131E59D-202C-43C6-84C9-68F0C37541F1}\WLXPhotoGalleryIcon.exe =>.Microsoft Corporation O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\WINDOWS\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico O90 - PUC: "DDFF8D05DC09958448F1AA91167C67A7" . (.QuickTime.) -- C:\WINDOWS\Installer\{50D8FFDD-90CD-4859-841F-AA1961C7767A}\Installer.ico O90 - PUC: "E6EBDF634866B264EA89A9931A2B00CC" . (.HP Product Assistant.) -- C:\WINDOWS\Installer\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}\ARPPRODUCTICON.exe O90 - PUC: "F75567D15F409FC4BA02A626B1D0257D" . (.MyPDFConverter.) -- C:\WINDOWS\Installer\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}\ARPPRODUCTICON.exe O90 - PUC: "FAEC7109A5EB37F4A8E08CE76279E155" . (.TomTom HOME.) -- C:\WINDOWS\Installer\{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}\ARPPRODUCTICON.exe ~ Update Products: 113 Scanned in 00mn 00s ---\\ Export de clés de registre aléatoires (O91) [HKLM\Software\9e8ddfb33ae848] => Clé orpheline ~ Export Key Software: Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} ~ MNS: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.BBB258BD86D2D251A9F38FC5B5A1A1EE] [WIS][24/06/2012] (.Nokia - Microsoft_VC100_CRT_SP1.) -- C:\Windows\Installer\1424724.msi [29184] [MD5.649D8A714F0DA0720D75C0B3FC642583] [WIS][24/06/2012] (.Nokia - Nokia Connectivity Cable Driver.) -- C:\Windows\Installer\1424741.msi [337920] [MD5.B67B8705C680CD91A795CE759FB99362] [WIS][24/06/2012] (.Nokia - PC Connectivity Solution.) -- C:\Windows\Installer\1424777.msi [496128] [MD5.DA290387DF51683F6FD99E1EC207D25A] [WIS][24/06/2012] (.Nokia - Nokia Suite.) -- C:\Windows\Installer\1424a58.msi [1225728] [MD5.501ED500905B6C7235BF48ED75C8A075] [WIS][15/02/2007] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\147a61.msi [121344] [MD5.6E83154114B51DBB2D1EE4AF39F33B2B] [WIS][15/02/2007] (.CustomerResearchQFolder - CustomerResearchQFolder.) -- C:\Windows\Installer\147a69.msi [121344] [MD5.4333E5BEB659F96428EFB91573348EF2] [WIS][14/02/2011] (.Skype Technologies S.A. - Skype Toolbars.) -- C:\Windows\Installer\24b63f.msi [689152] =>Toolbar.Skype [MD5.8006E5BE1AB3CE6770CD729B31BB6515] [WIS][07/08/2010] (.Nokia - MSVC80_x86_v2.) -- C:\Windows\Installer\288a71e.msi [215552] [MD5.7DBCE9B24BEB7957DAD0FA495EFF6514] [WIS][06/08/2010] (.Nokia - MSVC80_x86.) -- C:\Windows\Installer\3132e4c.msi [163840] [MD5.0880AEB4F8CDE1F705BEA64300B5B0AD] [WIS][11/09/2012] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\3341233.msi [1648640] [MD5.A831FDD76933B8AF20B66E0E0663CB6E] [WIS][03/11/2010] (.Nokia - MSVC90_x86.) -- C:\Windows\Installer\344517.msi [78336] [MD5.80878C6E8DA2D0F4727E561BE9E86F7D] [WIS][15/02/2007] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\56c6a.msi [121344] [MD5.42725885578CA6C6E72D24C504D8869F] [WIS][15/02/2007] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\56c81.msi [121344] [MD5.36EFC41D28B408B618CC46423BC0F952] [WIS][15/02/2007] (.HP Image Transfer - HP Image Transfer.) -- C:\Windows\Installer\56c8d.msi [3155456] [MD5.FC493771D60F530F7C6DCECB3A716C46] [WIS][15/02/2007] (.FullDPAppQFolder - FullDPAppQFolder.) -- C:\Windows\Installer\d14c7.msi [121344] [MD5.701AE8F5B61D9CC9E9370619C237F774] [WIS][04/11/2006] (.Apple Computer, Inc. - QuickTime Installer.) -- C:\Windows\Installer\fb3bd6.msi [7421952] [MD5.AFD798846D13F62CC0957934DEC71B39] [WIS][16/02/2011] (.Secure Digital Services - MyPDFConverter.) -- C:\Windows\Installer\fe2484.msi [2167808] =>Adware.SPointer ~ WIS: 116 Scanned in 00mn 22s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 04/07/2013 4939312 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2013\avgidsagent.exe SR - | Auto 23/07/2013 283136 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2013\avgwdsvc.exe SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SR - | Auto 11/12/2007 65536 | C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Auto 28/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 28/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 07/10/2011 194104 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 04/06/2004 1151090 | (InCDsrv) . (.Ahead Software AG.) - C:\Program Files\Ahead\InCD\InCDsrv.exe SS - | Disabled 12/04/2010 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe SR - | Auto 23/08/2001 86016 | (Pctspk) . (.PCtel, Inc..) - C:\WINDOWS\system32\pctspk.exe SR - | Auto 09/08/2007 73728 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SR - | Demand 22/04/2012 720936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SS - | Auto 09/11/2013 119408 | (Software_update) . (.The Software Group.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore SS - | Demand 09/11/2013 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore SR - | Auto 28/08/2012 92632 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe SS - | Auto 07/11/2013 66336 | (Update glindorus) . (...) - C:\Program Files\glindorus\updateglindorus.exe =>PUP.Glindorus SR - | Auto 02/10/2013 1734680 | (vToolbarUpdater17.0.12) . (.AVG Secure Search.) - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch ~ Services: Scanned in 00mn 26s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Perso at 09/11/2013 22:49:52 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll rdbss.sys viaide.sys PCIIDEX.SYS 1 nt!IofCallDriver[0x804E3735] >> \Device\Harddisk0\DR0[0x863D5030] 3 CLASSPNP[0xF7799FD7] >> nt!IofCallDriver[0x804E3735] >> \Device\Ide\IdeDeviceP0T0L0-3[0x86384D98] kernel: MBR read successfully user & kernel MBR OK ~ MBR: 12 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Perso at 09/11/2013 22:49:55 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 12993 - (09/11/2013) Clés trouvées (Keys found) : 117 Valeurs trouvées (Values found) : 3 Dossiers trouvés (Folders found) : 24 Fichiers trouvés (Files found) : 12 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] =>Toolbar.Google^ [HKLM\SYSTEM\CurrentControlSet\Services\Software_update (Software_update] =>Adware.Boxore^ [HKLM\SYSTEM\CurrentControlSet\Services\Update glindorus] =>PUP.Glindorus^ [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.0.12] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}] =>Adware.SPointer^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep] =>Adware.PricePeep^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Skype^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\glindorus] =>PUP.Glindorus^ [HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}] =>Adware.GamesBar [HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}] =>Adware.CometSystems [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a}] =>Rogue.Multiple [HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] =>Spyware.Soft2PC [HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange [HKLM\Software\Classes\CLSID\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange [HKLM\Software\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap [HKLM\Software\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap [HKLM\Software\Classes\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca}] =>Adware.PopCap [HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{ec1a2105-5621-440f-987d-27ef428131d9}] =>Adware.BHO [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe}] =>Adware.PopCap [HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox Browser] =>PUP.OfferBox [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\popcaploader.popcaploaderctrl2] =>Adware.PopCap [HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1] =>Adware.PopCap [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch [HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3] =>Adware.Zango [HKCU\Software\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9] =>Adware.Zango [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange [HKLM\Software\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange [HKLM\Software\europa casino] =>Spyware.OnlineGames [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\gamesbar] =>Adware.GamesBar [HKCU\Software\lollipop] =>Adware.Lollipop [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent] =>Adware.IMBooster [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\Tuto4pc] =>PUP.Eorezo [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Tutorials] =>Spyware.AgenceExclusive [HKCU\Software\Winsudate] =>Adware.Gibmedia [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a938761b-202b-4828-87e4-f21fec37d02d}] =>Toolbar.PDFSuite [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a938761b-202b-4828-87e4-f21fec37d02d}] =>Toolbar.PDFSuite [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11aa5c56-b4e2-4b8f-803a-d340415532f3}] =>Toolbar.PDFSuite [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11aa5c56-b4e2-4b8f-803a-d340415532f3}] =>Toolbar.PDFSuite [HKLM\Software\Classes\Installer\Features\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype [HKLM\Software\Classes\Installer\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKLM\Software\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}] =>Adware.MapsGalaxy [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}] =>Adware.MapsGalaxy [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKLM\Software\Classes\CLSID\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster [HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch [HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo [HKLM\Software\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}] =>Adware.WebCake [HKLM\Software\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox [HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector [HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ C:\Documents and Settings\Perso\Application Data\Mozilla\Firefox\Profiles\2hqx91zn.default\extensions\plugin@getwebcake.com =>Adware.WebCake^ C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch^ C:\Program Files\glindorus =>PUP.Glindorus^ C:\Program Files\PricePeep =>Adware.PricePeep^ C:\Program Files\Web Cake =>Adware.WebCake^ C:\Program Files\Fichiers communs\AVG Secure Search =>Toolbar.AVGSearch^ C:\Documents and Settings\All Users\Application Data\AVG Secure Search =>Toolbar.AVGSearch^ C:\Documents and Settings\All Users\Application Data\BoxUpdChk =>Adware.Boxore^ C:\Documents and Settings\All Users\Application Data\PopCap =>Adware.PopCap^ C:\Documents and Settings\All Users\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Documents and Settings\Perso\Application Data\AVG Secure Search =>Toolbar.AVGSearch^ C:\Documents and Settings\Perso\Application Data\DriverCure =>PUP.DriverCure^ C:\Documents and Settings\Perso\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Documents and Settings\Perso\Application Data\Web Cake =>Adware.WebCake^ C:\Documents and Settings\Perso\Local Settings\Application Data\AVG Secure Search =>Toolbar.AVGSearch^ C:\Documents and Settings\Perso\Local Settings\Application Data\eorezo =>PUP.Eorezo^ C:\Documents and Settings\Perso\Local Settings\Application Data\Lollipop =>Adware.Lollipop^ C:\Program Files\Duuqu =>Toolbar.DeltaSearch C:\Program Files\Software =>Adware.Boxore C:\Program Files\RegClean =>Rogue.RegistryPowerCleaner C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar =>Toolbar.AVGSearch C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign =>Toolbar.AVGSearch C:\Documents and Settings\Perso\Local Settings\Application Data\Duuqu =>Toolbar.DeltaSearch C:\Documents and Settings\Perso\Local Settings\Application Data\Temp\Iminent =>Adware.IMBooster C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^ C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch^ C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe =>Toolbar.AVGSearch^ [HKCU\Software\AVG Secure Search] =>Toolbar.AVGSearch^ [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^ [HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^ [HKCU\Software\WEDLMNGR] =>PUP.weDownloadManager^ [HKCU\Software\glindorus] =>PUP.Glindorus^ [HKCU\Software\tuto4pc] =>PUP.Eorezo^ [HKLM\Software\StaterTV] =>Adware.StarterTV^ C:\Windows\Installer\24b63f.msi =>Toolbar.Skype^ C:\Windows\Installer\fe2484.msi =>Adware.SPointer^ ~ Additionnel Scan: 306161 Items scanned in 01mn 41s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/27285539-adware-webcake =>Adware.WebCake ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google ~ http://nicolascoolman.webs.com/apps/blog/show/29259213-adware-startertv =>Adware.StarterTV ~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution ~ http://nicolascoolman.webs.com/apps/blog/show/26666257-adware-popcap =>Adware.PopCap ~ http://nicolascoolman.webs.com/apps/blog/show/33429762-pup-glindorus =>PUP.Glindorus ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype ~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro ~ http://nicolascoolman.webs.com/apps/blog/show/28947219-pup-speedmaxpc =>PUP.SpeedMaxPc ~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive ~ http://nicolascoolman.webs.com/apps/blog/show/32930303-pup-wedownloadmanager =>PUP.weDownloadManager ~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop ~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo ~ http://nicolascoolman.webs.com/apps/blog/show/28063533-pup-drivercure =>PUP.DriverCure ~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics ~ http://nicolascoolman.webs.com/apps/blog/show/34922153-broken-opencommand =>Broken.OpenCommand ~ http://nicolascoolman.webs.com/apps/blog/show/28911851-hijacker-yougoo =>Hijacker.YouGoo ~ http://nicolascoolman.webs.com/apps/blog/show/26808625-adware-gamesbar =>Adware.GamesBar ~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits ~ http://nicolascoolman.webs.com/apps/blog/show/26664342-adware-comet =>Adware.Comet ~ http://nicolascoolman.webs.com/apps/blog/show/26630554-spyware-soft2pc =>Spyware.Soft2PC ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods ~ http://nicolascoolman.webs.com/apps/blog/show/27157393-adware-mapsgalaxy =>Adware.MapsGalaxy ~ http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox ~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector ~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner ~ MSI: 36 link(s) detected in 01mn 42s End of the scan (2214 lines in 07mn 24s)(0) Merci de votre aide
×
×
  • Créer...