encore gomeo

vanda33 · le 6 février 2011

bonsoir

je suis incapable de me débarrasser de gomeo.

j'ai fais cette analyse pour gagner du temps.

merci de m'aider

.

======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======

.

Mis à jour par C_XX le 19/05/10 à 19:20

Contact: AdRemover.contact@gmail.com

Site web: Orange

.

Lancé à: 23:01:04 le 06/02/2011 | Mode normal | Option: SCAN

Exécuté de: C:\Ad-Remover\ADR.exe

SE: Microsoft Windows 7 Édition Familiale Premium ( - X64)

Nom du PC: PCMATHIEU (MEDIONPC MS-7616)

Utilisateur actuel: mathieu

.

============== ÉLÉMENT(S) TROUVÉ(S) ==============

.

============== SCAN ADDITIONNEL ==============

.

* Mozilla FireFox Version 3.6.13 (fr) *

.

C:\Users\mathieu\..\eg9tope1.default\prefs.js - browser.download.dir: C:\\Users\\mathieu\\Desktop\\telechargement

C:\Users\mathieu\..\eg9tope1.default\prefs.js - browser.startup.homepage: hxxp://www.closermag.fr/

C:\Users\mathieu\..\eg9tope1.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.13

.

* Internet Explorer Version 8.0.7600.16385 *

.

[HKCU\Software\Microsoft\Internet Explorer\Main]

.

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

.

[HKLM\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Enable Browser Extensions: yes

Local Page: C:\Windows\SysWOW64\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

.

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

.

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

.

========================================

.

C:\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Ad-Remover\Backup: 14 Fichier(s)

.

C:\Ad-Report-CLEAN[1].txt - 2417 Octet(s)

C:\Ad-Report-SCAN[1].txt - 2265 Octet(s)

.

Fin à: 23:02:20, 06/02/2011

.

============== E.O.F - SCAN[1] ==============

et celle ci :

Rapport de ZHPDiag v1.27.1526 par Nicolas Coolman, Update du 05/02/2011

Run by mathieu at 2/6/2011 8:55:48 PM

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385

---\\ System Information

Windows 7 Home Premium Edition, 64-bit (Build 7600)

Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 6135.1 MB (76% free)

System Restore: Activé (Enable)

System drive C: has 1239 GB (90%) free of 1366 GB

---\\ Logged in mode

Computer Name: PCMATHIEU

User Name: mathieu

All Users Names: mathieu, HomeGroupUser$, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

---\\ Environnement Variables

%AppData%=C:\Users\mathieu\AppData\Roaming

%LocalAppData%=C:\Users\mathieu\AppData\Local

%StartMenu%=C:\Users\mathieu\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 1239 Go of 1366 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 30 Go)

E:\ CD-ROM drive (Free 0 Go of 7 Go)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

---\\ Recherche particulière de fichiers génériques

[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.10/31/2009 7:34:59 AM.) -- C:\Windows\Explorer.exe [2870272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 2:14:45 AM.) -- C:\Windows\System32\Wininit.exe [96256]

---\\ Processus lancés

[MD5.20000000000000000000000054EE1800] - (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\dwm.exe [197632]

[MD5.21000000000000000000000054EE1800] - (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\Microsoft\conhost.exe [179712]

[MD5.23000000000000000000000054EE1800] - (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\csrss.exe [186368]

[MD5.E24B0CCA60B7566BC568C4D2C1395B97] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3372856]

[MD5.E98EA7471918E1987075815DC4C61001] - (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe [4742184]

[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696]

[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768]

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552]

[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]

[MD5.FAB4D825200D62750002EE903005816D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [629760]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

M3 - MFPP: Plugins - [mathieu] -- C:\Users\mathieu\AppData\Roaming\Mozilla\Firefox\Profiles\eg9tope1.default\searchplugins\SearchquWebSearch.xml

M0 - MFSP: prefs.js [mathieu - eg9tope1.default] http://www.closermag.fr/

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:61131

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1

R1 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) - {b9e20919-fa55-471f-989b-b107bf8de785} Clé orpheline

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (.not file.)

O4 - HKCU\..\Run: [KiesHelper] . (.MSC - MainStage.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe

O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O4 - HKLM\..\Wow6432Node\Run: [KeePass 2 PreLoad] . (.Dominik Reichl - KeePass.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe

O4 - HKLM\..\Wow6432Node\Run: [conhost] . (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\Microsoft\conhost.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (.not file.)

O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [KiesHelper] . (.MSC - MainStage.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe

O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk . (.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\mathieu\Desktop\KeePass Password Safe.lnk . (.Dominik Reichl.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe

O4 - Global Startup: C:\Documents And Settings\mathieu\Desktop\portable.lnk . (.Pas de propriétaire.) -- \\CHRISTINE130371\Users\christine

O4 - Global Startup: C:\Documents And Settings\mathieu\Desktop\Son - Raccourci.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mathieu\Desktop\KeePass Password Safe.lnk . (.Dominik Reichl.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe

O4 - Global Startup: C:\Users\mathieu\Desktop\portable.lnk . (.Pas de propriétaire.) -- \\CHRISTINE130371\Users\christine

O4 - Global Startup: C:\Users\mathieu\Desktop\Son - Raccourci.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeePass Password Safe.lnk . (.Dominik Reichl.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.MSC.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Explorer\Custom\eBay.ico

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{9D6482DE-A795-45A8-88CF-DB9EB4EC1F35}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{9D6482DE-A795-45A8-88CF-DB9EB4EC1F35}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{9D6482DE-A795-45A8-88CF-DB9EB4EC1F35}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: C:\Windows\system32\drivers\afd.sys (AMD External Events Utility) - Clé orpheline

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

---\\ Redirection du fichier Hosts (O1)

O1 - Hosts: 85.239.180.42 personal.nl.avira-update.com

O1 - Hosts: 149.49.231.120 professional.nl.avira-update.com

O1 - Hosts: 206.118.81.39 premium.nl.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

O1 - Hosts: 85.239.180.42 perspeak.avira-update.com

O1 - Hosts: 149.49.231.120 profpeak.avira-update.com

O1 - Hosts: 206.118.81.39 prempeak.avira-update.com

O1 - Hosts: 238.56.64.168 personal.avira-update.com

O1 - Hosts: 103.2.5.202 professional.avira-update.com

O1 - Hosts: 154.93.127.134 premium.avira-update.com

O1 - Hosts: 175.150.191.39 perspeak.avira-update.com

O1 - Hosts: 137.114.84.161 profpeak.avira-update.com

O1 - Hosts: 101.92.109.40 prempeak.avira-update.com

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At1.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At10.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At11.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At12.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At13.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At14.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At15.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At16.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At17.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At18.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At19.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At2.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At20.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At21.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At22.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At23.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At24.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At25.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At26.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At27.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At28.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At29.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At3.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At30.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At31.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At32.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At33.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At34.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At35.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At36.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At37.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At38.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At39.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At4.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At40.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At41.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At42.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At43.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At44.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At45.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At46.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At47.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At48.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At49.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At5.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At50.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At51.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At52.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At53.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At6.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At7.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At8.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At9.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At1] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At10] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At11] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At12] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At13] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At14] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At15] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At16] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At17] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At18] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At19] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At2] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At20] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At21] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At22] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At23] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At24] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At25] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At26] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At27] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At28] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At29] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At3] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At30] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At31] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At32] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At33] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At34] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At35] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At36] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At37] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At38] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At39] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At4] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At40] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At41] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At42] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At43] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At44] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At45] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At46] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At47] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At48] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At49] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At5] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At50] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At51] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At52] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At53] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At6] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At7] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At8] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.7AC0CA876D094DC2CF9E41118086A826] [APT] [At9] (.Pas de propriétaire.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe

[MD5.45AD8AA455CA1535C57CC3DD71A60A7A] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\initialize.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {4140EA03-7C3F-063D-B437-ADE98B912CF9}

O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 9.4.1 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM][64Bits] -- Audacity_is1

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM][64Bits] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM][64Bits] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine

O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink PowerDVD Copy - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}

O42 - Logiciel: CyberLink PowerDVD Copy - (.CyberLink Corp..) [HKLM][64Bits] -- {E3D04529-6EDB-11D8-A372-0050BAE317E1}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities

O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM][64Bits] -- FormatFactory

O42 - Logiciel: Free Video Converter V 2.9 - (.Koyote Soft.) [HKLM][64Bits] -- Free Video Converter_is1

O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM][64Bits] -- WinGimp-2.0_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Glary Utilities 2.30.0.1066 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities_is1

O42 - Logiciel: GoodSync - (.Siber Systems.) [HKLM] -- {B26B00DA-2E5D-4CF2-83C5-911198C0F009}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}

O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}

O42 - Logiciel: Java 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: KeePass Password Safe 2.13 - (.Dominik Reichl.) [HKLM][64Bits] -- KeePassPasswordSafe2_is1

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM][64Bits] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Medion Home Cinema - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}

O42 - Logiciel: Medion Home Cinema - (.CyberLink Corp..) [HKLM][64Bits] -- {AB770FDE-8087-4C98-9A85-BD64262C104C}

O42 - Logiciel: Mes Photos d'identité v1.1 - (.Jsoft.fr.) [HKLM][64Bits] -- Mes Photos d'identité_is1

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM][64Bits] -- Messenger Plus! Live

O42 - Logiciel: MessengerPlusLive France TB Toolbar - (.MessengerPlusLive France TB.) [HKLM][64Bits] -- MessengerPlusLive_France_TB Toolbar

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [FRA] - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCC80EF3-E106-4AEA-8C57-F217F9BC7358}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {06E6E30D-B498-442F-A943-07DE41D7F785}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM][64Bits] -- {266517E6-D866-439D-919C-B8B1A52E6080}

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM][64Bits] -- {34610DE0-3C13-42CA-8E32-01FFA38AB6E8}

O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM][64Bits] -- PS3 Media Server

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D

O42 - Logiciel: PassportPhoto (remove) - (.Pas de propriétaire.) [HKCU] -- PassportPhoto

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3

O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: Realtek Ethernet Controller Driver For Windows Vista and Later - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}

O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}

O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: Transcode Server - (.Realtek.) [HKLM][64Bits] -- {9769B84A-8A2E-4517-AFD0-E781180EC277}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Yahoo! Install Manager - (.Pas de propriétaire.) [HKLM][64Bits] -- YInstHelper

O42 - Logiciel: Yahoo! Widgets - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Widget Engine

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM][64Bits] -- eMule

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ATI]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\MarkAny]

[HKCU\Software\AppDataLow\Software\MessengerPlusLive_France_TB]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\PriceGong]

[HKCU\Software\AppDataLow\Software\conduitEngine]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow\Toolbar]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Audacity]

[HKCU\Software\Auslogics]

[HKCU\Software\Avira]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\EPSON]

[HKCU\Software\Emjysoft]

[HKCU\Software\FreeTime]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\IM Providers]

[HKCU\Software\JavaSoft]

[HKCU\Software\Jsoft.fr]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Micromega Software System]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PC SOFT]

[HKCU\Software\PS3 Media Server]

[HKCU\Software\Patchou]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Samsung]

[HKCU\Software\Siber Systems]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eMule]

[HKCU\Software\onthegoSoft]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Audible]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\EPSON]

[HKLM\Software\Google]

[HKLM\Software\Intel]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\ODBC]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SAMSUNG]

[HKLM\Software\SRS Labs]

[HKLM\Software\Siber Systems]

[HKLM\Software\Sonic]

[HKLM\Software\Waves Audio]

[HKLM\Software\Wow6432Node]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 9/10/2010 - 10:42:12 PM ----D- C:\Program Files\ATI

O43 - CFD: 9/10/2010 - 10:42:56 PM ----D- C:\Program Files\ATI Technologies

O43 - CFD: 12/15/2010 - 1:00:24 PM ----D- C:\Program Files\CCleaner

O43 - CFD: 7/14/2009 - 4:20:10 AM ----D- C:\Program Files\Common Files

O43 - CFD: 2/3/2011 - 2:20:40 PM ----D- C:\Program Files\DIFX

O43 - CFD: 12/14/2010 - 10:58:26 PM ----D- C:\Program Files\DVD Maker

O43 - CFD: 12/15/2010 - 8:48:40 AM ----D- C:\Program Files\Google

O43 - CFD: 12/15/2010 - 2:20:34 PM ----D- C:\Program Files\Internet Explorer

O43 - CFD: 7/14/2009 - 8:45:56 AM ----D- C:\Program Files\Microsoft Games

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files\MSBuild

O43 - CFD: 12/14/2010 - 11:00:08 AM ----D- C:\Program Files\PlayReady

O43 - CFD: 9/10/2010 - 10:47:36 PM ----D- C:\Program Files\Realtek

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 2/3/2011 - 2:20:48 PM ----D- C:\Program Files\SAMSUNG

O43 - CFD: 1/5/2011 - 12:11:02 PM ----D- C:\Program Files\Siber Systems

O43 - CFD: 7/14/2009 - 6:09:28 AM --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 12/14/2010 - 11:00:36 PM ----D- C:\Program Files\Windows Defender

O43 - CFD: 12/14/2010 - 11:00:36 PM ----D- C:\Program Files\Windows Journal

O43 - CFD: 12/18/2010 - 10:51:06 AM ----D- C:\Program Files\Windows Live

O43 - CFD: 12/15/2010 - 2:20:28 PM ----D- C:\Program Files\Windows Mail

O43 - CFD: 12/15/2010 - 2:20:28 PM ----D- C:\Program Files\Windows Media Player

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files\Windows NT

O43 - CFD: 12/14/2010 - 11:00:36 PM ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 12/14/2010 - 11:00:38 PM ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 12/18/2010 - 10:51:02 AM ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 7/14/2009 - 4:20:10 AM ----D- C:\Program Files\Common Files\Services

O43 - CFD: 7/14/2009 - 4:20:10 AM ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/14/2010 - 11:00:36 PM ----D- C:\Program Files\Common Files\System

O43 - CFD: 12/16/2010 - 12:16:26 PM ----D- C:\ProgramData\Adobe

O43 - CFD: 1/11/2011 - 8:41:52 AM ----D- C:\ProgramData\Apple

O43 - CFD: 1/11/2011 - 8:42:20 AM ----D- C:\ProgramData\Apple Computer

O43 - CFD: 7/14/2009 - 6:08:58 AM -SH-D- C:\ProgramData\Application Data

O43 - CFD: 9/10/2010 - 10:46:08 PM ----D- C:\ProgramData\ATI

O43 - CFD: 12/14/2010 - 11:23:18 AM ----D- C:\ProgramData\Avira

O43 - CFD: 10/21/2010 - 1:02:08 PM ----D- C:\ProgramData\CyberLink

O43 - CFD: 7/14/2009 - 6:08:58 AM -SH-D- C:\ProgramData\Desktop

O43 - CFD: 7/14/2009 - 6:08:58 AM -SH-D- C:\ProgramData\Documents

O43 - CFD: 12/15/2010 - 1:35:20 PM ----D- C:\ProgramData\eMule

O43 - CFD: 12/15/2010 - 1:27:48 PM ----D- C:\ProgramData\EPSON

O43 - CFD: 7/14/2009 - 6:08:58 AM -SH-D- C:\ProgramData\Favorites

O43 - CFD: 1/5/2011 - 12:11:04 PM ----D- C:\ProgramData\GoodSync

O43 - CFD: 1/11/2011 - 8:20:54 AM ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 12/15/2010 - 6:02:54 PM ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 12/18/2010 - 10:51:16 AM -S--D- C:\ProgramData\Microsoft

O43 - CFD: 1/11/2011 - 9:45:30 AM ----D- C:\ProgramData\Nero

O43 - CFD: 12/15/2010 - 8:48:40 AM ----D- C:\ProgramData\Partner

O43 - CFD: 2/3/2011 - 2:32:16 PM ----D- C:\ProgramData\PC Suite

O43 - CFD: 2/3/2011 - 2:20:34 PM ----D- C:\ProgramData\Samsung

O43 - CFD: 2/6/2011 - 8:12:20 PM ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 7/14/2009 - 6:08:58 AM -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 12/15/2010 - 1:04:40 PM ----D- C:\ProgramData\Sun

O43 - CFD: 9/10/2010 - 11:55:30 PM ----D- C:\ProgramData\Temp

O43 - CFD: 7/14/2009 - 6:08:58 AM -SH-D- C:\ProgramData\Templates

O43 - CFD: 12/15/2010 - 5:25:16 PM ----D- C:\Users\mathieu\AppData\Roaming\Adobe

O43 - CFD: 12/14/2010 - 11:01:20 AM ----D- C:\Users\mathieu\AppData\Roaming\ATI

O43 - CFD: 1/11/2011 - 8:23:42 AM ----D- C:\Users\mathieu\AppData\Roaming\Auslogics

O43 - CFD: 2/4/2011 - 5:14:16 PM ----D- C:\Users\mathieu\AppData\Roaming\Avira

O43 - CFD: 1/13/2011 - 10:52:24 AM ----D- C:\Users\mathieu\AppData\Roaming\Emjysoft

O43 - CFD: 1/11/2011 - 8:45:30 AM ----D- C:\Users\mathieu\AppData\Roaming\FreeVideoConverter

O43 - CFD: 1/11/2011 - 8:10:44 AM ----D- C:\Users\mathieu\AppData\Roaming\GlarySoft

O43 - CFD: 2/6/2011 - 12:13:20 AM ----D- C:\Users\mathieu\AppData\Roaming\GoodSync

O43 - CFD: 1/28/2011 - 12:00:02 PM ----D- C:\Users\mathieu\AppData\Roaming\gtk-2.0

O43 - CFD: 12/14/2010 - 11:00:46 AM ----D- C:\Users\mathieu\AppData\Roaming\Identities

O43 - CFD: 12/14/2010 - 11:01:26 AM ----D- C:\Users\mathieu\AppData\Roaming\Intel Corporation

O43 - CFD: 1/13/2011 - 11:03:00 AM ----D- C:\Users\mathieu\AppData\Roaming\jsoft.fr

O43 - CFD: 1/16/2011 - 10:20:48 AM ----D- C:\Users\mathieu\AppData\Roaming\KeePass

O43 - CFD: 12/14/2010 - 9:25:12 PM ----D- C:\Users\mathieu\AppData\Roaming\Macromedia

O43 - CFD: 1/11/2011 - 8:20:58 AM ----D- C:\Users\mathieu\AppData\Roaming\Malwarebytes

O43 - CFD: 7/14/2009 - 8:44:40 AM ----D- C:\Users\mathieu\AppData\Roaming\Media Center Programs

O43 - CFD: 2/6/2011 - 8:12:20 PM -S--D- C:\Users\mathieu\AppData\Roaming\Microsoft

O43 - CFD: 2/4/2011 - 4:59:28 PM ----D- C:\Users\mathieu\AppData\Roaming\Mozilla

O43 - CFD: 12/15/2010 - 1:10:42 PM ----D- C:\Users\mathieu\AppData\Roaming\OpenOffice.org

O43 - CFD: 1/20/2011 - 8:18:34 AM ----D- C:\Users\mathieu\AppData\Roaming\passport_photo

O43 - CFD: 2/3/2011 - 2:32:16 PM ----D- C:\Users\mathieu\AppData\Roaming\PC Suite

O43 - CFD: 1/9/2011 - 8:57:14 PM ----D- C:\Users\mathieu\AppData\Roaming\PMS

O43 - CFD: 2/3/2011 - 2:18:04 PM ----D- C:\Users\mathieu\AppData\Roaming\Samsung

O43 - CFD: 1/17/2011 - 8:20:36 PM ----D- C:\Users\mathieu\AppData\Roaming\vlc

O43 - CFD: 9/10/2010 - 11:36:18 PM ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 1/11/2011 - 8:41:54 AM ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 9/10/2010 - 10:42:36 PM ----D- C:\Program Files (x86)\ATI Technologies

O43 - CFD: 1/11/2011 - 8:31:56 AM ----D- C:\Program Files (x86)\Audacity

O43 - CFD: 1/11/2011 - 8:22:46 AM ----D- C:\Program Files (x86)\Auslogics

O43 - CFD: 12/14/2010 - 11:23:18 AM ----D- C:\Program Files (x86)\Avira

O43 - CFD: 2/3/2011 - 2:17:12 PM ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 12/15/2010 - 6:01:56 PM ----D- C:\Program Files (x86)\Conduit

O43 - CFD: 12/15/2010 - 6:01:56 PM ----D- C:\Program Files (x86)\ConduitEngine

O43 - CFD: 10/21/2010 - 1:02:56 PM ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 12/15/2010 - 1:35:00 PM ----D- C:\Program Files (x86)\eMule

O43 - CFD: 12/15/2010 - 1:28:46 PM ----D- C:\Program Files (x86)\EPSON

O43 - CFD: 1/11/2011 - 8:45:30 AM ----D- C:\Program Files (x86)\Free Video Converter

O43 - CFD: 1/11/2011 - 8:47:38 AM ----D- C:\Program Files (x86)\FreeTime

O43 - CFD: 2/5/2011 - 8:32:28 AM ----D- C:\Program Files (x86)\Fun4IM

O43 - CFD: 1/20/2011 - 8:45:24 AM ----D- C:\Program Files (x86)\GIMP-2.0

O43 - CFD: 2/6/2011 - 8:12:20 PM ----D- C:\Program Files (x86)\Glary Utilities

O43 - CFD: 12/22/2010 - 10:46:32 AM ----D- C:\Program Files (x86)\Google

O43 - CFD: 2/3/2011 - 2:41:10 PM --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 9/10/2010 - 10:38:56 PM ----D- C:\Program Files (x86)\Intel

O43 - CFD: 1/11/2011 - 8:42:42 AM ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 2/2/2011 - 10:13:24 AM ----D- C:\Program Files (x86)\Java

O43 - CFD: 12/15/2010 - 1:05:48 PM ----D- C:\Program Files (x86)\JRE

O43 - CFD: 1/13/2011 - 11:02:34 AM ----D- C:\Program Files (x86)\Jsoft.fr

O43 - CFD: 1/14/2011 - 8:26:06 AM ----D- C:\Program Files (x86)\KeePass Password Safe 2

O43 - CFD: 1/11/2011 - 8:20:54 AM ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 2/3/2011 - 2:17:30 PM ----D- C:\Program Files (x86)\MarkAny

O43 - CFD: 12/15/2010 - 6:01:38 PM ----D- C:\Program Files (x86)\Messenger Plus! Live

O43 - CFD: 12/15/2010 - 6:01:56 PM ----D- C:\Program Files (x86)\MessengerPlusLive_France_TB

O43 - CFD: 12/14/2010 - 10:56:12 AM ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 1/6/2011 - 7:28:16 AM ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 12/14/2010 - 10:56:42 AM ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 9/10/2010 - 10:51:44 PM ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 1/11/2011 - 8:13:12 AM ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 9/10/2010 - 10:52:44 PM ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 12/15/2010 - 1:05:46 PM ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 2/3/2011 - 2:40:26 PM ----D- C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 1/9/2011 - 8:32:22 PM ----D- C:\Program Files (x86)\PS3 Media Server

O43 - CFD: 1/11/2011 - 8:42:42 AM ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 12/15/2010 - 7:37:36 PM ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 2/3/2011 - 2:42:02 PM ----D- C:\Program Files (x86)\Samsung

O43 - CFD: 2/6/2011 - 8:12:20 PM ----D- C:\Program Files (x86)\Spybot - Search & Destroy

O43 - CFD: 9/10/2010 - 10:47:46 PM --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 7/14/2009 - 5:57:08 AM --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 12/15/2010 - 1:16:18 PM ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 12/14/2010 - 11:00:38 PM ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 12/18/2010 - 10:51:42 AM ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 12/15/2010 - 2:20:28 PM ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 12/15/2010 - 2:20:28 PM ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 7/14/2009 - 6:32:40 AM ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 12/14/2010 - 11:00:38 PM ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 7/14/2009 - 6:32:42 AM ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 2/4/2011 - 8:31:04 PM ----D- C:\Program Files (x86)\Windows Searchqu Toolbar

O43 - CFD: 12/14/2010 - 11:00:38 PM ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 1/4/2011 - 8:23:08 AM ----D- C:\Program Files (x86)\Yahoo!

O43 - CFD: 2/6/2011 - 8:55:52 PM ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 12/18/2010 - 10:51:02 AM ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 7/14/2009 - 4:20:10 AM ----D- C:\Program Files\Common Files\Services

O43 - CFD: 7/14/2009 - 4:20:10 AM ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/14/2010 - 11:00:36 PM ----D- C:\Program Files\Common Files\System

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 1/11/2011 - 9:21:13 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ativpsrm.bin [0]

O44 - LFC:[MD5.3FBC17ECAE69B85DC629540275B6CDEF] - 1/20/2011 - 1:13:54 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\EPISMF00.SWB [16574]

O44 - LFC:[MD5.665CA731416A26DC72BB190ABC49E728] - 1/29/2011 - 5:00:20 PM ---A- . (.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) -- C:\Windows\System32\dgderapi.dll [821824]

O44 - LFC:[MD5.4800AF7942570A82943BF49E69A2EFF5] - 1/29/2011 - 5:00:24 PM ---A- . (.(?)???? - (?)???? ContentSAFER ?? ???.) -- C:\Windows\MASetupCaller.dll [325552]

O44 - LFC:[MD5.BBF1106FEF85FD9049506FA8AD454D75] - 1/29/2011 - 5:00:24 PM ---A- . (.(?)???? - KTMusic Download ActiveX Module.) -- C:\Windows\MAMCityDownload.ocx [90112]

O44 - LFC:[MD5.35783FF1CCAB7CFBFE799EF8D6476C0D] - 1/29/2011 - 5:00:24 PM ---A- . (.Pas de propriétaire - NYEDownload MFC ?? ????.) -- C:\Windows\MusiccityDownload.exe [30568]

O44 - LFC:[MD5.7D9096473F95233EF2B99C59A683E772] - 2/3/2011 - 1:53:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1576940]

O44 - LFC:[MD5.FC9B1089CDB494396CE68670FF5EC3D4] - 2/3/2011 - 1:53:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [110082]

O44 - LFC:[MD5.E43802506CEADABB63CDEC07E1713BBD] - 2/3/2011 - 1:53:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [135046]

O44 - LFC:[MD5.1A292D7490D8A033A84F673B0246F489] - 2/3/2011 - 1:53:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [619894]

O44 - LFC:[MD5.37A8D141B571732F7F226C2B593D13BE] - 2/3/2011 - 1:53:09 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [718336]

O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 2/3/2011 - 2:17:26 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\aqua_bitmap.cpp [2006]

O44 - LFC:[MD5.48D9D00C2E0E72C3D4F52772C80355F6] - 2/3/2011 - 2:20:28 PM ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\drivers\TFsExDisk.Sys [16448]

O44 - LFC:[MD5.B823D2587D9C726E2CD0EBBEA2D23B5F] - 2/5/2011 - 8:32:26 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1270]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/5/2011 - 8:32:31 AM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.0C03EAE1D64F6DD789B99429984C4AF8] - 2/6/2011 - 8:13:10 PM -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.640DAD2C12AB9C0D0D3070666B6CCF80] - 2/6/2011 - 8:13:11 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [224]

O44 - LFC:[MD5.33000000000000000000000054EE1800] - 2/6/2011 - 8:16:36 PM ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1169287]

O44 - LFC:[MD5.4300E55BEA67DDC01CD4425F62EA2E55] - 2/6/2011 - 8:20:31 PM --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [10096]

O44 - LFC:[MD5.4300E55BEA67DDC01CD4425F62EA2E55] - 2/6/2011 - 8:20:31 PM --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [10096]

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX4200 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.exe

O53 - SMSR:HKLM\...\startupreg\TranscodeServer [Key] . (.Pas de propriétaire - TranscodeServer MFC Application.) -- C:\Program Files (x86)\Realtek\Transcode Server\TranscodeServer.exe

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 7/14/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 7/14/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 7/14/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 7/14/2009 - 2:52:21 AM ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 7/14/2009 - 2:52:21 AM ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 7/14/2009 - 2:52:20 AM ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 7/14/2009 - 2:52:21 AM ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 7/14/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 7/14/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.2D648572BA9A610952FCAFBA1E119C2D] - 5/6/2010 - 10:21:46 AM ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [125456]

O58 - SDL:[MD5.74687C33C4AD25A975BBB1EA1E8B3884] - 5/27/2010 - 6:39:12 PM ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6856192]

O58 - SDL:[MD5.C7F56ED86327A78E7F8A5CC503A98BD6] - 5/27/2010 - 5:25:36 PM ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [264192]

O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 12/17/2010 - 9:30:10 AM ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120]

O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 8/17/2010 - 1:39:11 PM ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 6/10/2009 - 9:34:23 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 6/10/2009 - 9:41:06 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 6/10/2009 - 9:41:06 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 7/14/2009 - 2:19:07 AM ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 6/10/2009 - 9:41:10 PM ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 6/10/2009 - 9:41:10 PM ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 6/10/2009 - 9:41:10 PM ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 6/10/2009 - 9:34:28 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 7/14/2009 - 2:52:31 AM ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.FFCCD922F305B8CFBA8D99F65E35EDD7] - 12/22/2009 - 3:31:04 AM ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\system32\drivers\dgderdrv.sys [20568]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 7/14/2009 - 2:47:48 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 6/10/2009 - 9:34:33 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 6/10/2009 - 9:31:59 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 7/14/2009 - 2:47:48 AM ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]

O58 - SDL:[MD5.ABBF174CB394F5C437410A788B7E404A] - 3/4/2010 - 3:51:40 AM ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [540696]

O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 7/14/2009 - 2:48:04 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 7/14/2009 - 2:48:04 AM ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 7/14/2009 - 2:48:04 AM ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 7/14/2009 - 2:48:04 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 7/14/2009 - 2:48:04 AM ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 7/14/2009 - 2:48:04 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 12/20/2010 - 6:08:40 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24152]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 7/14/2009 - 2:48:04 AM ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 7/14/2009 - 2:48:04 AM ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 7/14/2009 - 2:48:26 AM ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 7/14/2009 - 2:48:27 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056]

O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 7/14/2009 - 2:45:45 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488]

O58 - SDL:[MD5.BC0018C2D29F655188A0ED3FA94FDB24] - 8/28/2008 - 11:44:42 AM ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys [25600]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 7/14/2009 - 2:45:46 AM ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 7/14/2009 - 2:45:45 AM ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.365ED58B47B46DE8B1C5FA759B6FCD6E] - 11/5/2009 - 10:15:40 PM ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [291328]

O58 - SDL:[MD5.0ADF714079AE174A39D69036143E4C50] - 4/7/2010 - 2:17:44 AM ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2337440]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 6/10/2009 - 9:37:19 PM ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 7/14/2009 - 2:45:45 AM ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 7/14/2009 - 2:45:46 AM ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 7/14/2009 - 2:45:55 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.48D9D00C2E0E72C3D4F52772C80355F6] - 12/22/2009 - 3:31:26 AM ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\system32\drivers\TFsExDisk.sys [16448]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 7/14/2009 - 2:45:55 AM ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 7/14/2009 - 2:45:55 AM ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 12/20/2010 - 6:09:00 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 2/23/2008 - 3:38:33 AM ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\SysWOW64\drivers\pxhelp20.sys [43872]

O58 - SDL:[MD5.48D9D00C2E0E72C3D4F52772C80355F6] - 12/22/2009 - 3:31:26 AM ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16448]

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\atikmdag.sys - amdkmdag (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - (.not file.) - BdSpy (BdSpy) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDSPY

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\System32\drivers\dgderdrv.sys - dgderdrv (dgderdrv) .(.Devguru Co., Ltd - Device Error Recovery SDK(x64).) - LEGACY_DGDERDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL

O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\drivers\qwavedrv.sys (QWAVEdrv) .(.Microsoft Corporation - Pilote du support de Microsoft Quality Wind.) - LEGACY_QWAVEDRV

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\system32\Drivers\TFsExDisk.sys - TFsExDisk (TFsExDisk) .(.Teruten Inc - File System Mini Filter Drvier.) - LEGACY_TFSEXDISK

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Storage volumes (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF

O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Windows Socket 2.0 Non-IFS Service Provider Support Environment (ws2ifsl) .(.Microsoft Corporation - Couche IFS Winsock2.) - LEGACY_WS2IFSL

O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {8165DBD1-7974-47E2-B0B0-CBAE102A4FA2} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7403} [DefaultScope] - (Web Search) - Search

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.7AC0CA876D094DC2CF9E41118086A826] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe [79872]

[MD5.00000000000000000000000000000000] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\csrss.exe [186368]

[MD5.29CFC592DD549A5EBA660CD1382A4CB3] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\ns2.exe [179712]

[MD5.00000000000000000000000000000000] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\dwm.exe [197632]

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe

O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe

O87 - FAEL: "{84A172AB-BB94-42CB-84C2-0A653B4EEDC9}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "{7968F2E1-7773-47B6-9165-0CC4B8CB5B9E}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{6CA97D0E-C8EB-47FA-BC89-739BA4E8CDAA}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe

O87 - FAEL: "TCP Query User{FB27309C-187D-4B55-AD96-C2928353FAC7}C:\program files (x86)\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe

O87 - FAEL: "UDP Query User{D42C6EF9-1F6D-4BBD-B9F0-D32250FDE17E}C:\program files (x86)\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe

O87 - FAEL: "TCP Query User{36A776FD-B6A7-41E1-A189-E056264AC66C}C:\program files (x86)\realtek\transcode server\transcodeserver.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire.) -- C:\program files (x86)\realtek\transcode server\transcodeserver.exe

O87 - FAEL: "UDP Query User{663604A0-6B54-484C-8B67-C90A74DA0576}C:\program files (x86)\realtek\transcode server\transcodeserver.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire.) -- C:\program files (x86)\realtek\transcode server\transcodeserver.exe

O87 - FAEL: "TCP Query User{E7456402-BA37-44D2-8B14-7444F023C1AE}C:\program files (x86)\realtek\transcode server\transcodeserver.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire.) -- C:\program files (x86)\realtek\transcode server\transcodeserver.exe

O87 - FAEL: "UDP Query User{6FEB54EF-E591-4A81-A39C-7EEFEA11EB3C}C:\program files (x86)\realtek\transcode server\transcodeserver.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire.) -- C:\program files (x86)\realtek\transcode server\transcodeserver.exe

O87 - FAEL: "{7E7DCB5F-6F14-4F4B-9134-6E99A8211D3D}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

O87 - FAEL: "TCP Query User{C3E80FE8-5DF2-484E-B418-5AD0F63F5261}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{2240B334-D4C7-4F29-BB70-1976EF2A3BB9}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files (x86)\java\jre6\bin\javaw.exe

O87 - FAEL: "{0CD570A1-632F-47AA-B896-B03AD3C9A85C}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe

O87 - FAEL: "{B48DA975-10C7-4153-B943-1BD5F6735281}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 0 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 8/17/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 12/17/2010 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SS - | Auto 12/14/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 6/11/2010 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 3/4/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

SS - | Demand 11/11/2008 620544 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

SR - | Auto 7/14/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by mathieu at 2/6/2011 8:56:26 PM

device: opened successfully

user: error reading MBR

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by mathieu at 2/6/2011 8:56:26 PM

Use the desktop link 'MBRCheck' to have full report

End of the scan (1455 lines in 38mn AMs)(0)

bernard53 · le 7 février 2011

Bonsoir

en premier ceci s.t.p

Téléchargez MyHosts sur votre bureau .

Pour le lancer, faites un double-clic sur l'icône de MyHosts qui se trouve sur votre bureau.

Le rapport " MyHosts.txt " s'ouvre quelques secondes après, copiez son contenu et postez-le sur le forum où vous vous faites aider.

Si par erreur vous avez fermé le rapport " MyHosts.txt " avant de le copier, vous pouvez le retrouver à la racine de votre disque système ( par exemple C:\MyHosts.txt ) .

IMPORTANT :

MyHosts doit être lancé sur une session ayant des droits "administrateur", toute exécution sur un compte "limité" entraînera l'apparition d'une fenêtre DOS vous demandant de le relancer à partir d'un compte administrateur.

Puis:

* Copie le tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

[MD5.20000000000000000000000054EE1800] - (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\dwm.exe [197632]

[MD5.21000000000000000000000054EE1800] - (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\Microsoft\conhost.exe [179712]

[MD5.23000000000000000000000054EE1800] - (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\csrss.exe [186368]

M3 - MFPP: Plugins - [mathieu] -- C:\Users\mathieu\AppData\Roaming\Mozilla\Firefox\Profiles\eg9tope1.default\searchplugins\SearchquWebSearch.xml

R3 - URLSearchHook: (no name) - {b9e20919-fa55-471f-989b-b107bf8de785} Clé orpheline

OPT:O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

OPT:O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.exe

OPT:O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (.not file.)

OPT:O4 - HKCU\..\Run: [KiesHelper] . (.MSC - MainStage.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe

OPT:O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

OPT:O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

OPT:O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

OPT:O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java™ Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

OPT:O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

OPT:O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (.not file.)

O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [KiesHelper] . (.MSC - MainStage.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe

OPT:O4 - HKUS\S-1-5-21-3681760128-1791446671-3754266726-1001\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

OPT:O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

OPT:O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

OPT:O4 - Global Startup: C:\Documents And Settings\mathieu\Desktop\portable.lnk . (.Pas de propriétaire.) -- \\CHRISTINE130371\Users\christine

O4 - Global Startup: C:\Documents And Settings\mathieu\Desktop\Son - Raccourci.lnk - Clé orpheline

O4 - Global Startup: C:\Users\mathieu\Desktop\portable.lnk . (.Pas de propriétaire.) -- \\CHRISTINE130371\Users\christine

O4 - Global Startup: C:\Users\mathieu\Desktop\Son - Raccourci.lnk - Clé orpheline

OPT:O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

OPT:O4 - Global Startup: C:\Users\mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

O9 - Extra button: eBay.fr - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Explorer\Custom\eBay.ico

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At1.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At10.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At11.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At12.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At13.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At14.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At15.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At16.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At17.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At18.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At19.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At2.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At20.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At21.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At22.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At23.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At24.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At25.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At26.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At27.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At28.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At29.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At3.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At30.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At31.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At32.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At33.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At34.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At35.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At36.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At37.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At38.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At39.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At4.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At40.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At41.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At42.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At43.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At44.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At45.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At46.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At47.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At48.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At49.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At5.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At50.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At51.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At52.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At53.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At6.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At7.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At8.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At9.job

O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] – conduitEngine

O42 - Logiciel: MessengerPlusLive France TB Toolbar - (.MessengerPlusLive France TB.) [HKLM][64Bits] -- MessengerPlusLive_France_TB Toolbar

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\MessengerPlusLive_France_TB]

[HKCU\Software\AppDataLow\Software\PriceGong]

[HKCU\Software\AppDataLow\Software\conduitEngine]

[HKCU\Software\AppDataLow\Toolbar]

O43 - CFD: 12/15/2010 - 6:01:56 PM ----D- C:\Program Files (x86)\Conduit

O43 - CFD: 12/15/2010 - 6:01:56 PM ----D- C:\Program Files (x86)\ConduitEngine

O43 - CFD: 2/5/2011 - 8:32:28 AM ----D- C:\Program Files (x86)\Fun4IM

O43 - CFD: 12/15/2010 - 6:01:56 PM ----D- C:\Program Files (x86)\MessengerPlusLive_France_TB

O43 - CFD: 2/4/2011 - 8:31:04 PM ----D- C:\Program Files (x86)\Windows Searchqu Toolbar

O64 - Services: CurCS - (.not file.) - BdSpy (BdSpy) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDSPY

. O69 - SBI: SearchScopes [HKCU] {8165DBD1-7974-47E2-B0B0-CBAE102A4FA2} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7403} [DefaultScope] - (Web Search) – Search

[MD5.7AC0CA876D094DC2CF9E41118086A826] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\A50F.exe [79872]

[MD5.00000000000000000000000000000000] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\csrss.exe [186368]

[MD5.29CFC592DD549A5EBA660CD1382A4CB3] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Local\Temp\ns2.exe [179712]

[MD5.00000000000000000000000000000000] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\mathieu\AppData\Roaming\dwm.exe [197632]

Emptytemp

FirewallRaz

EmptyFlash

Puis Lance ZHPFix depuis le raccourci du bureau.

* Une fois l'outil ZHPFix ouvert, clique sur le bouton [H] ("coller les lignes Helper").

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment qui apparaitront.

Vérifie :

- que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

- que les lignes soient disposées les unes en dessous des autres.

* Puis clique sur le bouton [OK].

> À ce moment là, il apparaitra au début de chaque ligne une petite case vide. Ne touche plus à rien !

!! Déconnecte toi d'internet, désactive tes défenses (anti-virus, anti-spyware) et ferme bien toutes autres applications (navigateurs compris) !!

* Clique sur le bouton [Tous]. Vérifies que toutes les lignes soient bien cochées.

* Enfin clique sur le bouton [Nettoyer].

-> laisse travailler l'outil et ne touche à rien ...

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !

Puis:

lance depuis le raccourci sur ton bureau 'MBRCheck

Tu mettras le rapport s.t.p

Puis:

Installe Malewarebytes' Antimalware,

Téléchargement

*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.

:hello2:

Modifié le 7 février 2011 par bernard53

Connexion

Pas encore inscrit ?

encore gomeo

Messages recommandés

vanda33

bernard53

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer