fenetre publicitaire intempestive

[mimic8535]

bonjour

j'ai un malware qui resiste et qui me met une fenetre de pub a chaque clic sur un lien et impossible de l'enlever meme avec malware bytes je pense qu'il va falloir passer a la vitesse superieur et hijackthis

 

 

merci si vous pouvez me donner la procedure

[pear]

Bonjour,

 

Hijackthis ne vaut plus guère!

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Décompresser le fichier ZHPDiag.fix sur le bureau

puis double-cliquer sur le fichier ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

 

Sous XP, double clic sur ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

Clic sur la Loupe pour lancer le scan

En cas de blocage sur O80, cliquez sur le tournevis pour le décocher

Postez en le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

[mimic8535]

merci et voici le rapport

 

 

 

Rapport de ZHPDiag v1.27.2424 par Nicolas Coolman, Update du 22/07/2011

Run by yannick at 27/07/2011 18:22:00

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7601.17514 (Defaut)

MFIE: Mozilla Firefox 4.0 v

 

---\\ System Information

Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)

~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD

~ Operating System: 32 Bits

~ Boot mode: ~ Normal (Normal boot)

Total RAM: 3071 MB (42% free)

~ System Restore: Activé (Enable)

System drive C: has 4 GB (6%) free of 62 GB

 

---\\ Logged in mode

~ Computer Name: YANNICK-PC

~ User Name: yannick

~ All Users Names: yannick, HomeGroupUser$, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

~ Logged in as Administrator

 

---\\ Environnement Variables

~ %AppData%=C:\Users\yannick\AppData\Roaming\

~ %Desktop%=C:\Users\yannick\Desktop\

~ %Favorites%=C:\Users\yannick\Favorites\

~ %LocalAppData%=C:\Users\yannick\AppData\Local\

~ %StartMenu%=C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\

 

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 62 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 251 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 386 Go)

F:\ CD-ROM drive (Not Inserted)

G:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.04/06/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.2CA020EACDC6DDB2BEA89FEA02C90945] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 20:10:01.) -- C:\Windows\system32\wininet.dll [981504]

[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.02/07/2011 - 13:17:54.) -- C:\Windows\system32\Winlogon.exe [286720]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]

[MD5.33C3093D09017CFE2E219F2472BFF6EB] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/07/2011 - 13:30:06.) -- C:\Windows\system32\drivers\ntfs.sys [1211264]

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 3/25

~ Mes musiques (My Musics) : 3/29

~ Mes Favoris (My Favorites) : 3/42

~ Mes Documents (My Documents) : 7/466

~ Mon Bureau (My Desktop) : 10/2002

~ Menu demarrer (Programs) : 7/62

 

 

 

---\\ Processus lancés

[MD5.F46F1EBC3F9DC2559B24AEEFC3D8206C] - (.Cisco Systems, Inc. - Network Magic Application.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe [472112]

[MD5.73BFDC88C6EF9715CDF57134A438837A] - (.Cisco Systems, Inc. - Pure Networks Platform Assistant.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216]

[MD5.AA47E00B08B3F05CBEC51FFB64F42FA9] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe [1531904]

[MD5.764EEB4BCA87921A629BBC52DE421E8E] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360]

[MD5.42E9F86C9DF502C16AA3B6A7505F3D34] - (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe [2207744]

[MD5.A244E67F073377DE0E53D3068932B040] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [142120]

[MD5.0AEE5668EB59912F32FF245BFA72465F] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe [421888]

[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408]

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.FE36976864A30EA91E14D024F8BF7DD8] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe [24176560]

[MD5.A82F90AA786032F770AD8CFBB1BE5D17] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [1191216]

[MD5.8C1BB9B145B46BFB71B5C3428CF56993] - (...) -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe [107568]

[MD5.75B06ACD9D8DC0FE3603294E1899F496] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104]

[MD5.7AAF26E5CEC48A364FAB61A3505668FB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]

[MD5.356A22A5871AC798035E4082C0508F76] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]

[MD5.1A28CB38299AA0069555B95E5C7BE372] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\yannick\Desktop\ZHPDiag2.exe [2540574]

[MD5.9311F4604EA75FC10C3B783BEA71D813] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\yannick\AppData\Local\Temp\is-GIPKQ.tmp\ZHPDiag2.tmp [715776]

[MD5.9311F4604EA75FC10C3B783BEA71D813] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\yannick\AppData\Local\Temp\is-0RP9N.tmp\ZHPDiag2.tmp [715776]

[MD5.0E8A6A1BC5B08EA29E363EE5E06F7ECB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658944]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\yannick\AppData\Roaming\Mozilla\Firefox\Profiles\ql6pwsec.default\prefs.js

M3 - MFPP: Plugins - [yannick] -- C:\Users\yannick\AppData\Roaming\Mozilla\Firefox\Profiles\ql6pwsec.default\searchplugins\munlock.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [yannick] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin8.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.0.254.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..'>http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll

P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll

M0 - MFSP: prefs.js [yannick - ql6pwsec.default] SFR: Téléphone, Forfait, Offres ADSL, Fibre, Mobile + Internet

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.15 (.http://www.cacaoweb.org/.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\maps@ovi.com] [] Ovi maps browser plugin v2.3.37.6 (.Nokia gate5 GmbH.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\toolbar@mc.xul] [] Ma Galerie Marchande Mastercard v1.1 (.Plebicom.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\undrm@readzik] [] readzik v1.0 (.readzik.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{038dc421-b19e-4711-a218-1fd10de9163b}] [] Add N Edit Cookies v1.0.0.2 (.Michael Ryabushkin.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{181F4BBC-2453-40D2-B42C-3135E3B07C7B}] [] Free software Gooofull toolbar v1.0.12 (.Abingerdale, Ltd..)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (.Google Inc..)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (.Megaupload Limited.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{75493B06-1504-4976-9A55-B6FE240FF0BF}] [] Barre de Confiance v3.0.1 (.Euro Information, groupe Credit Mutuel-CIC.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.3 (.Michel Gutierrez.)

M2 - MFEP: prefs.js [yannick - ql6pwsec.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.5.0.12 (.Conduit Ltd..)

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R3 - URLSearchHook: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 3, 1) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll

R3 - URLSearchHook: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 3, 1) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} . (.bywifi.com - Bywifi: Video Streaming Helper.) -- C:\Program Files\Bywifi\bywifiie.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll

O2 - BHO: TBSB07458 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\PDF Enhancer 3.5\tbcore3.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: HotSpot Shield FR Toolbar - {f6af0697-ce5d-4718-ac5e-6613b6b3df09} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\HotSpot_Shield_FR\tbHot1.dll

O3 - Toolbar: Free software Gooofull toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\PDF Enhancer 3.5\tbcore3.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [nmapp] . (.Cisco Systems, Inc. - Network Magic Application.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe

O4 - HKLM\..\Run: [nmctxth] . (.Cisco Systems, Inc. - Pure Networks Platform Assistant.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline

O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKLM\..\Run: [bywifi] . (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe

O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [NokiaMusic FastStart] Clé orpheline

O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [NPSStartup] Clé orpheline

O4 - HKLM\..\Run: [unlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe

O4 - HKLM\..\Run: [TrojanScanner] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files\Trojan Remover\Trjscan.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.)

O4 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-118793773-1618462023-1890361634-1001\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.)

O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mise à jour des licences ESET.lnk . (.GuillerSoft.) -- C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.83u1.lnk . (.Vity.) -- E:\Mes documents\Azureus Downloads\LOGICIELS VUZE\telecharger rapidement\FreeRAPID-0.83U1\FreeRapid-0.83u1\frd.exe

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\yannick\Desktop\9Giga Synchro.lnk . (.Agematis.) -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe

O4 - Global Startup: C:\Users\yannick\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe

O4 - Global Startup: C:\Users\yannick\Desktop\adsl TV.lnk . (.adsltv.org.) -- C:\Program Files\adslTV\adsltv.exe

O4 - Global Startup: C:\Users\yannick\Desktop\AirSnare.lnk . (.Digital Matrix.) -- C:\Program Files\AirSnare\AirSnare.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Bywifi accélérateur de vidéo.lnk . (.bywifi.com.) -- C:\Program Files\Bywifi\bywifi.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Bywifi convertisseur de vidéo.lnk . (...) -- C:\Program Files\Bywifi\bywifidl.exe

O4 - Global Startup: C:\Users\yannick\Desktop\cacaoweb.exe - Raccourci.lnk . (...) -- D:\LOGICIEL\pour enlever la limitation megavideo\cacaoweb.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Driver Checker.lnk . (...) -- C:\Program Files\Driver Checker\DriverChecker.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: C:\Users\yannick\Desktop\EPSON Scan.lnk . (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe

O4 - Global Startup: C:\Users\yannick\Desktop\ETKA 7.2.lnk . (...) -- C:\Tecar Forum\ETKA 7.2\PROG\Etka7.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Finish Downloading Brothersoft Download Manager.lnk . (.Conduit.) -- E:\Downloads\Brothersoftdownloader_for_View_Cookies_Firefox_Add_on.exe

O4 - Global Startup: C:\Users\yannick\Desktop\FLV Player.lnk . (...) -- C:\Program Files\FLV Player\FLVplayer.exe

O4 - Global Startup: C:\Users\yannick\Desktop\frd.exe - Raccourci.lnk . (.Vity.) -- C:\Users\yannick\Desktop\FreeRapid-0.85u1-b566\FreeRapid-0.85u1-build566\frd.exe

O4 - Global Startup: C:\Users\yannick\Desktop\FreeRapid 0.83u1.lnk . (.Vity.) -- E:\Mes documents\Azureus Downloads\LOGICIELS VUZE\telecharger rapidement\FreeRAPID-0.83U1\FreeRapid-0.83u1\frd.exe

O4 - Global Startup: C:\Users\yannick\Desktop\IrfanView Thumbnails.lnk . (.Irfan Skiljan.) -- C:\Program Files\IrfanView\i_view32.exe

O4 - Global Startup: C:\Users\yannick\Desktop\IrfanView.lnk . (.Irfan Skiljan.) -- C:\Program Files\IrfanView\i_view32.exe

O4 - Global Startup: C:\Users\yannick\Desktop\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe

O4 - Global Startup: C:\Users\yannick\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files\JDownloader\JDownloader.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Neuview Professional.lnk . (.QO Developments.) -- C:\Program Files\QO Developments\Neuview Media Player\Neuview Pro.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Neuview Standard.lnk . (.QO Developments.) -- C:\Program Files\QO Developments\Neuview Media Player\Neuview Pro.exe

O4 - Global Startup: C:\Users\yannick\Desktop\NodLogin10c.lnk . (...) -- C:\Program Files\UlisesSoft\nodlogin.exe (.not file.)

O4 - Global Startup: C:\Users\yannick\Desktop\PC Inspector File Recovery.lnk . (...) -- C:\Program Files\Convar\PC Inspector File Recovery\Filerecovery.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Peer2Me.lnk . (...) -- C:\Users\yannick\AppData\Roaming\Microsoft\Installer\{C783600B-C726-4481-9BBE-06F560CF8968}\ShortcutApp1_C783600BC72644819BBE06F560CF8968.exe

O4 - Global Startup: C:\Users\yannick\Desktop\SIW.lnk . (.Topala Software Solutions.) -- C:\Program Files\SIW\siw.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Super Internet TV.lnk . (.Ahusoft.) -- C:\Program Files\Super Internet TV\Super Internet TV.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Virtual DJ Trial.lnk . (.Atomix Productions.) -- C:\Users\yannick\Documents\VirtualDJ\virtualdj_trial.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Vision Budget pour Windows.lnk . (.Patrick Bory.) -- C:\Program Files\VBW\vbw.exe

O4 - Global Startup: C:\Users\yannick\Desktop\VSO Image Resizer 4.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer 4\Resize.exe

O4 - Global Startup: C:\Users\yannick\Desktop\WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Wii Game Manager.lnk . (...) -- C:\Program Files\Wii Game Manager\Wii Game Manager.exe

O4 - Global Startup: C:\Users\yannick\Desktop\Wild Media Server (UPnP, DLNA, HTTP).lnk . (.Evgeny Lachinov.) -- C:\Program Files\Wild Media Server\wms.exe

O4 - Global Startup: C:\Users\yannick\Desktop\WinAVI Video Capture.lnk . (.ZjSoft.) -- C:\Program Files\WinAVI Video Capture\WinCAP.exe

O4 - Global Startup: C:\Users\yannick\Desktop\XP TCPIP Repair.lnk . (.WareSoft Software.) -- C:\Program Files\XP TCPIP Repair\netrepair.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\9Giga Synchro.lnk . (.Agematis.) -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bywifi accélérateur de vidéo.lnk . (.bywifi.com.) -- C:\Program Files\Bywifi\bywifi.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bywifi convertisseur de vidéo.lnk . (...) -- C:\Program Files\Bywifi\bywifidl.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Driver Checker.lnk . (...) -- C:\Program Files\Driver Checker\DriverChecker.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EASEUS Partition Master 4.1.1 Professional Edition.lnk . (.EASEUS.) -- C:\Program Files\EASEUS\EASEUS Partition Master 4.1.1 Professional Edition\bin\epm0.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ethereal.lnk . (.The Ethereal developer community, http://ww.) -- C:\Program Files\Ethereal\ethereal.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FreeRapid 0.83u1.lnk . (.Vity.) -- E:\Mes documents\Azureus Downloads\LOGICIELS VUZE\telecharger rapidement\FreeRAPID-0.83U1\FreeRapid-0.83u1\frd.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Image Converter One.lnk . (.ashongsoft.com.) -- C:\Program Files\AshongSoft\ImageConverterOne\imgcp.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nokia Ovi Player.lnk . (.Macrovision Corporation.) -- C:\Windows\Installer\{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}\NewShortcut2_CDF681E133824FFDB6C41A0530C561D

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDFCreator.lnk . (.pdfforge http://www.pdfforge.org/.) -- C:\Program Files\PDFCreator\PDFCreator.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pinnacle Instant DVD Recorder.lnk . (.Pinnacle Systems.) -- C:\Program Files\Pinnacle\Instant DVD Recorder\D2dWizard.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (...) -- C:\Program Files\Samsung\Kies\Kies.exe (.not file.)

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vision Budget pour Windows.lnk . (.Patrick Bory.) -- C:\Program Files\VBW\vbw.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO Image Resizer 4.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer 4\Resize.exe

O4 - Global Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Vuze\Azureus.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Bywifi: Video Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} . (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe

O9 - Extra button: Bywifi: Video Downloader - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra button: Free software Gooofull toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (...) -- C:\Program Files\PDF Enhancer 3.5\favicon.ico

O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\Program Files\PDF Enhancer 3.5\favicon.ico

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120

O17 - HKLM\System\CS1\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120

O17 - HKLM\System\CS2\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120

O17 - HKLM\System\CS3\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: NameServer = 85.17.255.198,46.19.33.120

O17 - HKLM\System\CCS\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{584F5FD2-3A8E-4F13-AFEF-CF699C1914AA}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{E929AFC9-4F03-4B91-9359-1C3C6B32D418}: DhcpNameServer = 10.69.32.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} . (.Cisco Systems, Inc. - Pure Service Provider DLL.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Hotspot Shield Service (HotspotShieldService) . (...) - C:\Program Files\Hotspot Shield\bin\openvpnas.exe

O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files\Hotspot Shield\bin\hsswd.exe

O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: Pure Networks Platform Service (nmservice) . (.Cisco Systems, Inc. - Pure Networks Platform Service.) - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.7.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: TeamViewer 4 (TeamViewer4) . (.TeamViewer GmbH - TeamViewer Service.) - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

O23 - Service: TeamViewer 5 (TeamViewer5) . (.TeamViewer GmbH - TeamViewer Service.) - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

O23 - Service: SAMSUNG WiseLinkPro Service (WiselinkPro) . (...) - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: (PCLEPCI) . (.Pinnacle Systems GmbH - PCLEPCI.) - C:\Windows\system32\drivers\pclepci.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: 1.2.0 - (.Pas de propriétaire.) [HKLM] -- Image Converter One_is1

O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip

O42 - Logiciel: 9Giga Synchro v2.9.2 - (.SFR.) [HKLM] -- {D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1

O42 - Logiciel: ACD FotoSlate 3.0 - (.ACD Systems Ltd.) [HKLM] -- {3476D911-4FBF-4009-9013-BF82F96564C0}

O42 - Logiciel: AV301P - (.OmniVision Technologies, Inc..) [HKLM] -- {DBAA6058-4960-4A46-8E84-4D71F23F3A84}

O42 - Logiciel: AVIcodec (remove only) - (.Pas de propriétaire.) [HKLM] -- AVIcodec

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS Video Converter 6 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 6_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.3 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware

O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A92000000001}

O42 - Logiciel: AirSnare - (.Pas de propriétaire.) [HKLM] -- AirSnare

O42 - Logiciel: Android SDK Tools - (.Google Inc..) [HKLM] -- Android SDK Tools

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}

O42 - Logiciel: Aqua Real - (.Pas de propriétaire.) [HKLM] -- {1E66C7FF-F827-4AEF-A998-932EA824998B}

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: AutoCAD Mechanical 2011 - (.Autodesk.) [HKLM] -- AutoCAD Mechanical 2011

O42 - Logiciel: AutoCAD Mechanical 2011 - (.Autodesk.) [HKLM] -- {5783F2D7-9005-040C-0002-0060B0CE6BBA}

O42 - Logiciel: AutoCAD Mechanical 2011 Version 2 - (.Autodesk.) [HKLM] -- AutoCAD Mechanical 2011 Version 2

O42 - Logiciel: Autodesk Design Review 2011 - (.Autodesk, Inc..) [HKLM] -- Autodesk Design Review 2011

O42 - Logiciel: Autodesk Inventor View 2011 - (.Autodesk.) [HKLM] -- {76D6189D-1532-0400-0000-DFC2EE337EAC}

O42 - Logiciel: Autodesk Inventor View 2011 Français - (.Autodesk.) [HKLM] -- Autodesk Inventor View 2011

O42 - Logiciel: Autodesk Material Library 2011 - (.Autodesk.) [HKLM] -- {9DEABCB6-B759-4D52-92F8-51B34A2B4D40}

O42 - Logiciel: Autodesk Material Library 2011 Base Image library - (.Autodesk.) [HKLM] -- {CD1E078C-A6B9-47DA-B035-6365C85C7832}

O42 - Logiciel: Autodesk Vault 2011 (Client) French Language Pack - (.Autodesk, Inc..) [HKLM] -- {41EEF558-3585-4028-8DF2-B182A0CE2D69}

O42 - Logiciel: Autodesk Vault 2011 (Client) - (.Autodesk, Inc..) [HKLM] -- Autodesk Vault 2011 (Client)

O42 - Logiciel: Autodesk Vault 2011 (Client) - (.Autodesk, Inc..) [HKLM] -- {41EEF558-3585-4020-8DF2-B182A0CE2D69}

O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {8A253629-0511-4854-8B4E-46E57E66005C}

O42 - Logiciel: Bywifi 2.0.1 - (.bywifi.com.) [HKLM] -- Bywifi

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Classic Silver Drivers - (.Hercules.) [HKLM] -- {8678BD65-D66E-48BB-8531-91D0EF8998A1}

O42 - Logiciel: CyberGestion - (.Pas de propriétaire.) [HKLM] -- {C964A549-C74A-11D3-B88A-00A0C9379093}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DLL Borland pour Vision Budget pour Windows - (.Pas de propriétaire.) [HKLM] -- VBWDLL_is1

O42 - Logiciel: DVD de bonus Studio 10 - (.Pas de propriétaire.) [HKLM] -- {6A012D9C-2E2E-405A-B87C-E909F5297C3F}

O42 - Logiciel: DWG TrueView 2011 - (.Autodesk.) [HKLM] -- DWG TrueView 2011

O42 - Logiciel: Disk Checker - (.Pas de propriétaire.) [HKLM] -- Disk Checker

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}

O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters

O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: Driver Checker v2.7.4 - (.driverchecker.com, Inc..) [HKLM] -- Driver Checker_is1

O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters.) [HKLM] -- InstallShield_{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}

O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters.) [HKLM] -- {7395D650-AE5D-4D68-B8FE-D3FA6B51467F}

O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox

O42 - Logiciel: EASEUS Partition Master 4.1.1 Professional - (.EASEUS.) [HKLM] -- EASEUS Partition Master Professional Edition_is1

O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities

O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner

O42 - Logiciel: ESET Antivirus License Finder (MiNODLogin) - (.GuillerSoft.) [HKLM] -- MiNODLogin

O42 - Logiciel: ETKA 7.2 Final - (.Pas de propriétaire.) [HKLM] -- ETKA 7.2 Final

O42 - Logiciel: Ethereal 0.99.0 - (.The Ethereal developer community, http://www.ethereal.com.) [HKLM] -- Ethereal

O42 - Logiciel: FARO LS 1.1.406.58 - (.FARO Scanner Production.) [HKLM] -- {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}

O42 - Logiciel: FLV Player - (.Frédéric Saunier.) [HKLM] -- FLVplayer

O42 - Logiciel: Free software Gooofull toolbar - (.Abingerdale, Ltd..) [HKLM] -- TBSB07458.TBSB07458Toolbar

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Earth Pro - (.Google.) [HKLM] -- {9578C0CD-8108-4379-9026-4601F59859A0}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Graines de Génie Cm2 - (.Mindscape.) [HKLM] -- {5C2E07B8-3043-4CA5-9D2A-04BB4414AAA5}

O42 - Logiciel: HP USB Disk Storage Format Tool - (.Pas de propriétaire.) [HKLM] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}

O42 - Logiciel: Hercules Webcam Deluxe - (.Hercules.) [HKLM] -- {E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}

O42 - Logiciel: Hercules Webcam Station Evolution SE - (.Hercules.) [HKLM] -- {C3C44248-B8F7-4B20-A5C7-994870B60F55}

O42 - Logiciel: HotSpot_Shield_FR Toolbar - (.Pas de propriétaire.) [HKLM] -- HotSpot_Shield_FR Toolbar

O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2461678

O42 - Logiciel: Hotspot Shield 1.49 - (.AnchorFree.) [HKLM] -- HotspotShield

O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn

O42 - Logiciel: IrfanView (remove only) - (.Irfan Skiljan.) [HKLM] -- IrfanView

O42 - Logiciel: IsoBuster 1.0 - (.Smart Projects.) [HKLM] -- IsoBuster_is1

O42 - Logiciel: J2SE Runtime Environment 5.0 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150010}

O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader

O42 - Logiciel: Java DB 10.6.2.1 - (.Oracle.) [HKLM] -- {73EC658D-A1C6-40CA-8E86-E05821BAACE7}

O42 - Logiciel: Java 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}

O42 - Logiciel: Java SE Development Kit 6 Update 26 - (.Oracle.) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0160260}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: K!TV - (.Pas de propriétaire.) [HKLM] -- K!TV

O42 - Logiciel: K-Lite Codec Pack 5.5.3 (Full) BETA - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF

O42 - Logiciel: Le Club des TrouveTout CE2, La Cité Perdue - (.Pas de propriétaire.) [HKLM] -- Le Club des TrouveTout CE2, La Cité Perdue

O42 - Logiciel: MFCDLL Shared Library - Retail Version - (.Unknown.) [HKLM] -- {51D569E2-8A28-11D2-B962-006097C4DE24}

O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}

O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 3.0 - (.Microsoft Corporation.) [HKLM] -- {930E3A4D-70B7-4D0D-AF8D-0B351A9B55BE}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- ShockwaveFlash

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft ® C Runtime Library - (.Unknown.) [HKLM] -- {51D569E0-8A28-11D2-B962-006097C4DE24}

O42 - Logiciel: Microsoft ® C++ Runtime Library - (.Unknown.) [HKLM] -- {51D569E3-8A28-11D2-B962-006097C4DE24}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}

O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963}

O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- Money2005b

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack

O42 - Logiciel: Module linguistique d'Autodesk Inventor View 2011 - Français - (.Autodesk.) [HKLM] -- {76D6189D-1532-0400-0001-DFC2EE337EAC}

O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 fr)

O42 - Logiciel: MyFreeCodec - (.Pas de propriétaire.) [HKCU] -- MyFreeCodec

O42 - Logiciel: NOD123 Serial Receivers 1.1.0 - (.ZProDuCTioN.) [HKLM] -- NOD123 Serial Receivers_is1

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo

O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM] -- {B944FA21-81AF-4A77-8328-CE4F4CC51036}

O42 - Logiciel: Network Magic - (.Cisco Systems, Inc..) [HKLM] -- Network MagicUninstall

O42 - Logiciel: Neuview Standard and Professional 6.06 - (.QO Developments.) [HKLM] -- Neuview Pro_is1

O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}

O42 - Logiciel: Nokia Ovi Player - (.Nokia Ovi Player.) [HKLM] -- {50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}

O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite

O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- {B6164ADA-55DA-4FA9-B78B-A7EB741742A1}

O42 - Logiciel: Nokia Ovi Suite Software Updater - (.Nokia Corporation.) [HKLM] -- {564B16F4-6B5B-47B0-9AB6-FF2E943947F7}

O42 - Logiciel: Nokia Software Updater - (.Nokia Corporation.) [HKLM] -- {9F59C3AE-81B0-4EF6-9762-D674BB079705}

O42 - Logiciel: Nokia_Multimedia_Common_Components_2_5 - (.Nokia.) [HKLM] -- {70B31335-50EE-4834-8431-27412CDE62BD}

O42 - Logiciel: Ovi Desktop Sync Engine - (.Nokia.) [HKLM] -- {F1C3541D-5B93-4131-B440-692FBA3DD250}

O42 - Logiciel: OviMPlatform - (.Nokia.) [HKLM] -- {8D100E0C-1A5A-43AD-93EF-76F94AE61C30}

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {DCBC91E4-B72B-4E0A-97C9-D4EF389A132A}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM] -- PS3 Media Server

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693

O42 - Logiciel: Peer2Me - (.Peer2Me.) [HKLM] -- {C783600B-C726-4481-9BBE-06F560CF8968}

O42 - Logiciel: Pilote vidéo Pinnacle - (.Pinnacle Systems.) [HKLM] -- {6DE721A5-5E89-4D74-994C-652BB3C0672E}

O42 - Logiciel: Pinnacle Instant DVD Recorder - (.Pinnacle Systems.) [HKLM] -- {C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}

O42 - Logiciel: Pinnacle Systems USB-2 Device Drivers - (.Pinnacle Systems.) [HKLM] -- {9870C7AE-7C6A-478D-9A75-35827382220F}

O42 - Logiciel: PlayFLV - (.Pas de propriétaire.) [HKLM] -- PlayFLV

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: RDesc 2.27 - (.Bllua.) [HKLM] -- {8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1

O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Réseau France Bayo 0013-Q0 - (.Bayo.) [HKLM] -- Réseau France Bayo_is1

O42 - Logiciel: Réseau France BdAlti - (.Bayo.) [HKLM] -- Réseau France BdAlti

O42 - Logiciel: Réseau France BdNyme - (.Bayo.) [HKLM] -- Réseau France BdNyme

O42 - Logiciel: SAMSUNG PC Share Manager - (.SAMSUNG.) [HKLM] -- InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}

O42 - Logiciel: SAMSUNG PC Share Manager - (.SAMSUNG.) [HKLM] -- {2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}

O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}

O42 - Logiciel: SD Formatter - (.SDA.) [HKLM] -- {3F9FB449-93DB-4C47-BB5B-7334C4D1736E}

O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit

O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM] -- SFR_Media Center

O42 - Logiciel: SIW version 2010.03.10 - (.Topala Software Solutions.) [HKLM] -- {AB67580-257C-45FF-B8F4-C8C30682091A}_is1

O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}

O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}

O42 - Logiciel: Skype™ 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: Super Internet TV v8.0 (Premium Edition) - (.Ahusoft.) [HKLM] -- Super Internet TV (Premium Edition)_is1

O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 4

O42 - Logiciel: TeamViewer 5 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 5

O42 - Logiciel: Trojan Remover 6.8.2 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1

O42 - Logiciel: TuneUp Companion 1.7.1 - (.TuneUp Media, Inc..) [HKLM] -- TuneUpMedia

O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553975) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{59D8F1FE-7B08-4F0E-840C-D1BF93D22A6C}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}

O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}

O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: VSO Image Resizer 4.0.0.54 - (.VSO-Software.) [HKLM] -- {8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1

O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV

O42 - Logiciel: Virtual DJ - Atomix Productions - (.Pas de propriétaire.) [HKLM] -- Virtual DJ - Atomix Productions

O42 - Logiciel: Vision Budget pour Windows - (.PBORY.) [HKLM] -- VBW_is1

O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226

O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0

O42 - Logiciel: WebEx Support Manager for Internet Explorer - (.WebEx Communications Inc..) [HKLM] -- {C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}

O42 - Logiciel: Wii Game Manager 1.5.0.1 - (.Pas de propriétaire.) [HKCU] -- Wii Game Manager 1.5.0.1

O42 - Logiciel: Wii Media Center X 0.92 - (.Red Kawa Inc..) [HKLM] -- Wii Media Center X

O42 - Logiciel: Wild Media Server (UPnP, DLNA, HTTP) - (.Evgeny Lachinov.) [HKLM] -- WMS

O42 - Logiciel: WinAVI Video Capture 2.0 - (.ZJ Computing, Inc..) [HKLM] -- WinAVI Video Capture_is1

O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst

O42 - Logiciel: Windows Genuine Advantage Validation v1.9.40.0 Cracked V5 - (.Wocarson.) [HKLM] -- {501FD5F3-7F17-46A1-958F-B7F125DE59F1}

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: WorldUnlock Codes Calculator - (.Pas de propriétaire.) [HKLM] -- WorldUnlock Codes Calculator

O42 - Logiciel: XP TCP/IP Repair - (.WareSoft Software.) [HKLM] -- XP TCP/IP Repair_is1

O42 - Logiciel: Yakoo Manager - (.Yakoo Inc.) [HKLM] -- {4C897421-74CF-4111-9222-A9713A040A5C}

O42 - Logiciel: adsl TV - (.Pas de propriétaire.) [HKLM] -- adsl TV

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {5ECB3A3C-980B-4D12-9724-25DCB07A1F47}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: proDAD Heroglyph 2.5 - (.Pas de propriétaire.) [HKLM] -- proDAD-Heroglyph-2.5

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-Zip]

[HKCU\Software\ACD Systems]

[HKCU\Software\ACE Compression Software]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\Ahusoft]

[HKCU\Software\AirSnare]

[HKCU\Software\AppDataLow\Software\Autodesk]

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\HotSpot_Shield_FR]

[HKCU\Software\AppDataLow\Software\MarkAny]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Ashongsoft]

[HKCU\Software\Autodesk]

[HKCU\Software\Azureus]

[HKCU\Software\BVRP Software]

[HKCU\Software\Bayo]

[HKCU\Software\Binary Noise]

[HKCU\Software\Bywifi]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\ComodoGroup]

[HKCU\Software\Convar]

[HKCU\Software\CoreVorbis]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\Cygwin]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\Driver Checker]

[HKCU\Software\EASEUS]

[HKCU\Software\EPSON]

[HKCU\Software\ESET]

[HKCU\Software\Earth Resource Mapping]

[HKCU\Software\EasyBits]

[HKCU\Software\Far]

[HKCU\Software\Freeware]

[HKCU\Software\GNU]

[HKCU\Software\GSpot Appliance Corp]

[HKCU\Software\Gabest]

[HKCU\Software\Ghisler]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\Headlight]

[HKCU\Software\Hercules]

[HKCU\Software\HotspotShield]

[HKCU\Software\IM Providers]

[HKCU\Software\ImgBurn]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavasoft]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MONOGRAM]

[HKCU\Software\Macromedia]

[HKCU\Software\Magix]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\Mindscape]

[HKCU\Software\Mirabilis]

[HKCU\Software\Mobileleader]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Myfree Codec]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Neuf]

[HKCU\Software\Nokia]

[HKCU\Software\Nseries]

[HKCU\Software\ODBC]

[HKCU\Software\PBORY]

[HKCU\Software\PDFCreator]

[HKCU\Software\PS3 Media Server]

[HKCU\Software\Peer2Me]

[HKCU\Software\Photodex]

[HKCU\Software\Pinnacle Systems]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Protexis]

[HKCU\Software\Pure Networks]

[HKCU\Software\QO Developments]

[HKCU\Software\RIT]

[HKCU\Software\SFR]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Samsung]

[HKCU\Software\Siemens]

[HKCU\Software\Simply Super Software]

[HKCU\Software\SkypeApps]

[HKCU\Software\Skype]

[HKCU\Software\Smart Projects]

[HKCU\Software\SoftVTU]

[HKCU\Software\Softonic]

[HKCU\Software\Software]

[HKCU\Software\Sysinternals]

[HKCU\Software\TeamViewer]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VOB]

[HKCU\Software\VSO]

[HKCU\Software\Veetle]

[HKCU\Software\VictimeFUD]

[HKCU\Software\VirtualDJ]

[HKCU\Software\VirtualDub.org]

[HKCU\Software\WBFSGUI]

[HKCU\Software\WIISCRUBBER]

[HKCU\Software\WMS]

[HKCU\Software\Warelex]

[HKCU\Software\WideStream]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Xara]

[HKCU\Software\Xobni]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\ZjSoft]

[HKCU\Software\cacaoweb]

[HKCU\Software\eMule]

[HKCU\Software\ej-technologies]

[HKCU\Software\madFlac]

[HKCU\Software\mozilla.org]

[HKCU\Software\new]

[HKCU\Software\owned]

[HKCU\Software\unpacker]

[HKLM\Software\ACD Systems]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Acorn]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Aladdin Knowledge Systems]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Audible]

[HKLM\Software\Autodesk]

[HKLM\Software\Azureus]

[HKLM\Software\BVRP Software]

[HKLM\Software\Bayo]

[HKLM\Software\Boris FX, Inc.]

[HKLM\Software\Borland]

[HKLM\Software\Caphyon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\Cygwin]

[HKLM\Software\DVC150]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\EPSON]

[HKLM\Software\ESET]

[HKLM\Software\Euro Information]

[HKLM\Software\Formosoft]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Gabest]

[HKLM\Software\Ghisler]

[HKLM\Software\Google]

[HKLM\Software\HPQ]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hercules Technologies]

[HKLM\Software\Hercules]

[HKLM\Software\Hewlett-Packard Company]

[HKLM\Software\HotSpot_Shield_FR]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Kaydara]

[HKLM\Software\Khronos]

[HKLM\Software\L&H]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\MCCI]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Magix]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MarkAny]

[HKLM\Software\MimarSinan]

[HKLM\Software\Mindscape]

[HKLM\Software\Mirabilis]

[HKLM\Software\MovieBox USB]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\Neuf]

[HKLM\Software\Nokia Mobile Phones]

[HKLM\Software\Nokia]

[HKLM\Software\ODBC]

[HKLM\Software\OMSI]

[HKLM\Software\OVTUsbCamera]

[HKLM\Software\OmniVision]

[HKLM\Software\PBORY]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\PDFCreator]

[HKLM\Software\PegasusImaging]

[HKLM\Software\Pinnacle Systems]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Protexis]

[HKLM\Software\Pure Networks]

[HKLM\Software\RDesc]

[HKLM\Software\RS Software Lab]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Samsung]

[HKLM\Software\Simply Super Software]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Swearware]

[HKLM\Software\Symantec]

[HKLM\Software\TeamViewer]

[HKLM\Software\Tekool]

[HKLM\Software\The Learning Company]

[HKLM\Software\Thraex Software]

[HKLM\Software\Topala Software Solutions]

[HKLM\Software\TrendMicro]

[HKLM\Software\UlisesSoft]

[HKLM\Software\VSO]

[HKLM\Software\Veetle]

[HKLM\Software\VideoLAN]

[HKLM\Software\VirtualDJ]

[HKLM\Software\Voice]

[HKLM\Software\Volatile]

[HKLM\Software\WebEx]

[HKLM\Software\WinPcap]

[HKLM\Software\WinRAR]

[HKLM\Software\Wocarson]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xara]

[HKLM\Software\ej-technologies]

[HKLM\Software\mozilla.org]

[HKLM\Software\proDAD]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 22/11/2010 - 12:23:16 - [3079667] ----D- C:\Program Files\7-Zip

O43 - CFD: 28/02/2010 - 18:58:54 - [3928922] ----D- C:\Program Files\ACD Systems

O43 - CFD: 27/06/2011 - 11:19:22 - [124639998] ----D- C:\Program Files\Ad-Remover

O43 - CFD: 28/02/2010 - 18:59:02 - [241672417] ----D- C:\Program Files\Adobe

O43 - CFD: 28/02/2010 - 18:59:56 - [197632603] ----D- C:\Program Files\AdorageI-GfxDatas

O43 - CFD: 28/02/2010 - 18:59:56 - [2623436] ----D- C:\Program Files\AdorageI-SAL

O43 - CFD: 28/02/2010 - 19:00:02 - [83015707] ----D- C:\Program Files\adslTV

O43 - CFD: 05/05/2011 - 22:17:02 - [16127782] ----D- C:\Program Files\AirSnare

O43 - CFD: 20/07/2011 - 22:48:14 - [1942157421] ----D- C:\Program Files\Android

O43 - CFD: 01/04/2010 - 22:18:50 - [2306366] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 20/09/2010 - 14:13:04 - [2267423] ----D- C:\Program Files\AshongSoft

O43 - CFD: 05/04/2011 - 21:39:12 - [2903234801] ----D- C:\Program Files\Autodesk

O43 - CFD: 28/02/2010 - 19:00:02 - [613826] ----D- C:\Program Files\AVIcodec

O43 - CFD: 31/12/2010 - 13:39:46 - [1279052] ----D- C:\Program Files\AviSynth 2.5

O43 - CFD: 02/04/2010 - 12:41:24 - [62870771] ----D- C:\Program Files\AVS4YOU

O43 - CFD: 16/02/2011 - 15:59:14 - [297372000] ----D- C:\Program Files\Bayo

O43 - CFD: 16/05/2010 - 18:05:10 - [600090] ----D- C:\Program Files\Bonjour

O43 - CFD: 26/03/2010 - 20:51:50 - [354581] ----D- C:\Program Files\Boris FX, Inc

O43 - CFD: 28/02/2010 - 19:00:02 - [400280] ----D- C:\Program Files\BVRP Software

O43 - CFD: 05/05/2010 - 13:11:06 - [21039875] ----D- C:\Program Files\Bywifi

O43 - CFD: 31/12/2010 - 15:21:54 - [3514104] ----D- C:\Program Files\CCleaner

O43 - CFD: 20/07/2011 - 21:49:58 - [1695810659] ----D- C:\Program Files\Common Files

O43 - CFD: 27/03/2010 - 01:11:32 - [0] ----D- C:\Program Files\COMODO

O43 - CFD: 15/03/2011 - 11:25:54 - [7202991] ----D- C:\Program Files\Convar

O43 - CFD: 11/01/2011 - 21:42:58 - [4582004] ----D- C:\Program Files\CyberMUT

O43 - CFD: 28/02/2010 - 19:00:16 - [800824] ----D- C:\Program Files\DIFX

O43 - CFD: 10/06/2011 - 14:20:48 - [1546094] ----D- C:\Program Files\Disk Checker

O43 - CFD: 21/11/2010 - 21:17:24 - [30748184] ----D- C:\Program Files\DivX

O43 - CFD: 23/03/2010 - 18:04:48 - [16] ----D- C:\Program Files\DMV

O43 - CFD: 23/04/2010 - 10:36:18 - [69824090] ----D- C:\Program Files\Driver Checker

O43 - CFD: 02/07/2011 - 12:55:24 - [83226644] ----D- C:\Program Files\DVD Maker

O43 - CFD: 21/10/2010 - 09:24:06 - [69540284] ----D- C:\Program Files\EASEUS

O43 - CFD: 01/05/2010 - 14:35:54 - [10906334] ----D- C:\Program Files\eMule

O43 - CFD: 07/06/2010 - 14:25:02 - [5596027] ----D- C:\Program Files\EPSON

O43 - CFD: 28/06/2011 - 09:58:46 - [53693203] ----D- C:\Program Files\ESET

O43 - CFD: 05/05/2011 - 22:18:30 - [54778177] ----D- C:\Program Files\Ethereal

O43 - CFD: 28/02/2010 - 19:00:16 - [10020691] ----D- C:\Program Files\ffdshow

O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 28/02/2010 - 19:00:16 - [865238] ----D- C:\Program Files\FLV Player

O43 - CFD: 23/03/2010 - 18:07:36 - [4574753] ----D- C:\Program Files\Formosoft

O43 - CFD: 18/04/2011 - 17:41:12 - [965933315] ----D- C:\Program Files\GdgFRCM2

O43 - CFD: 02/01/2011 - 14:32:02 - [65163996] ----D- C:\Program Files\Google

O43 - CFD: 28/02/2010 - 20:24:34 - [72788197] ----D- C:\Program Files\Hercules

O43 - CFD: 15/08/2010 - 23:42:58 - [9681892] ----D- C:\Program Files\Hotspot Shield

O43 - CFD: 26/09/2010 - 18:43:00 - [5458785] ----D- C:\Program Files\HotSpot_Shield_FR

O43 - CFD: 28/02/2010 - 19:00:18 - [2409916] ----D- C:\Program Files\ImgBurn

O43 - CFD: 27/07/2011 - 17:59:26 - [96834815] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 02/07/2011 - 12:55:24 - [5898945] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 16/05/2010 - 18:09:46 - [1582707] ----D- C:\Program Files\iPod

O43 - CFD: 18/05/2011 - 11:35:58 - [1677566] ----D- C:\Program Files\IrfanView

O43 - CFD: 11/09/2010 - 09:08:02 - [127383063] ----D- C:\Program Files\iTunes

O43 - CFD: 20/07/2011 - 22:45:44 - [349202815] ----D- C:\Program Files\Java

O43 - CFD: 28/02/2010 - 19:00:36 - [51605484] ----D- C:\Program Files\JDownloader

O43 - CFD: 28/02/2010 - 19:00:36 - [306461897] ----D- C:\Program Files\K!TV

O43 - CFD: 28/02/2010 - 19:00:38 - [47509935] ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 20/07/2011 - 10:57:58 - [99191513] ----D- C:\Program Files\Lavasoft

O43 - CFD: 30/12/2010 - 20:05:14 - [33859208] ----D- C:\Program Files\MAGIX

O43 - CFD: 02/03/2010 - 00:13:56 - [4187112] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 19/07/2010 - 18:05:48 - [2530872] ----D- C:\Program Files\MarkAny

O43 - CFD: 14/07/2009 - 11:01:22 - [147813426] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 16/02/2011 - 15:31:16 - [73541575] ----D- C:\Program Files\Microsoft Money 2005

O43 - CFD: 02/07/2011 - 12:40:50 - [585436399] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 16/06/2011 - 13:31:32 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 28/02/2010 - 19:01:06 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 08/03/2010 - 23:58:22 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 08/03/2010 - 23:55:30 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 09/03/2010 - 11:37:46 - [3726168] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 05/04/2011 - 21:34:22 - [979309] ----D- C:\Program Files\Microsoft WSE

O43 - CFD: 25/06/2010 - 17:59:22 - [8175999] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 29/03/2010 - 19:25:46 - [3346036] ----D- C:\Program Files\Mindscape

O43 - CFD: 06/07/2009 - 14:52:32 - [0] ----D- C:\Program Files\Mobiola Web Camera 2 for S60 3rd Edition

O43 - CFD: 10/03/2010 - 13:06:34 - [9338826] ----D- C:\Program Files\Movie Maker 2.6

O43 - CFD: 27/06/2011 - 12:04:42 - [174937570] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 08/03/2010 - 23:58:32 - [26521] ----D- C:\Program Files\MSBuild

O43 - CFD: 01/03/2010 - 10:50:42 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 21/07/2010 - 15:41:04 - [10980822] ----D- C:\Program Files\MyFree Codec

O43 - CFD: 16/02/2011 - 16:01:28 - [658223] ----D- C:\Program Files\Navirad

O43 - CFD: 16/02/2011 - 16:01:22 - [658223] ----D- C:\Program Files\Navirad_UserTool

O43 - CFD: 27/11/2010 - 19:28:34 - [425851276] ----D- C:\Program Files\Nero

O43 - CFD: 16/02/2011 - 16:01:08 - [78202794] ----D- C:\Program Files\Nokia

O43 - CFD: 02/03/2010 - 20:28:32 - [64035497] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 23/07/2011 - 10:04:54 - [0] ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD: 25/04/2010 - 19:27:02 - [5196198] ----D- C:\Program Files\PC Drivers HeadQuarters

O43 - CFD: 21/07/2011 - 21:20:02 - [0] ----D- C:\Program Files\PdaNet 4.12

O43 - CFD: 21/07/2011 - 21:20:30 - [3148090] ----D- C:\Program Files\PdaNet for Android

O43 - CFD: 05/05/2011 - 05:12:24 - [16144860] ----D- C:\Program Files\PDF Enhancer 3.5

O43 - CFD: 28/09/2010 - 11:15:52 - [10863970] ----D- C:\Program Files\PDFCreator

O43 - CFD: 28/02/2010 - 19:01:20 - [710051] ----D- C:\Program Files\Peer2Me

O43 - CFD: 03/05/2010 - 10:02:22 - [5739669472] ----D- C:\Program Files\Pinnacle

O43 - CFD: 28/02/2010 - 19:02:12 - [450452] ----D- C:\Program Files\PlayFLV

O43 - CFD: 26/03/2010 - 16:36:16 - [72323617] ----D- C:\Program Files\proDAD

O43 - CFD: 05/04/2011 - 22:45:08 - [92230903] ----D- C:\Program Files\PS3 Media Server

O43 - CFD: 28/02/2010 - 19:02:22 - [48746834] ----D- C:\Program Files\Pure Networks

O43 - CFD: 12/03/2010 - 11:35:50 - [21664725] ----D- C:\Program Files\QO Developments

O43 - CFD: 25/04/2011 - 10:29:56 - [76482299] ----D- C:\Program Files\QuickTime

O43 - CFD: 23/04/2010 - 11:58:44 - [10414706] ----D- C:\Program Files\Realtek

O43 - CFD: 28/02/2010 - 19:02:24 - [7674692] ----D- C:\Program Files\Red Kawa

O43 - CFD: 14/07/2009 - 06:52:32 - [39159041] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 27/07/2011 - 18:12:14 - [368592215] ----D- C:\Program Files\Samsung

O43 - CFD: 28/02/2011 - 17:41:56 - [1167360] ----D- C:\Program Files\SDA

O43 - CFD: 20/05/2011 - 10:28:48 - [33648329] ----D- C:\Program Files\SFR

O43 - CFD: 26/03/2010 - 23:50:00 - [2626530] ----D- C:\Program Files\SIW

O43 - CFD: 15/05/2011 - 19:10:12 - [26785407] R---D- C:\Program Files\Skype

O43 - CFD: 13/11/2010 - 11:18:16 - [3378419] ----D- C:\Program Files\Smart Projects

O43 - CFD: 30/12/2010 - 20:10:18 - [0] ----D- C:\Program Files\Softonic_France

O43 - CFD: 17/06/2011 - 15:03:02 - [54881929] ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 20/07/2011 - 22:46:26 - [28627757] ----D- C:\Program Files\Sun

O43 - CFD: 12/04/2010 - 14:09:06 - [39862607] ----D- C:\Program Files\Super Internet TV

O43 - CFD: 28/02/2010 - 19:02:26 - [12951624] ----D- C:\Program Files\TeamViewer

O43 - CFD: 10/04/2011 - 17:07:32 - [804318] ----D- C:\Program Files\trend micro

O43 - CFD: 11/06/2011 - 09:01:22 - [9727596] ----D- C:\Program Files\Trojan Remover

O43 - CFD: 11/09/2010 - 09:08:02 - [32594454] ----D- C:\Program Files\TuneUpMedia

O43 - CFD: 20/07/2011 - 11:22:50 - [0] ----D- C:\Program Files\UlisesSoft

O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 03/06/2011 - 19:42:14 - [231967] ----D- C:\Program Files\Unlocker

O43 - CFD: 06/06/2011 - 23:10:04 - [5249722] ----D- C:\Program Files\VBW

O43 - CFD: 05/04/2011 - 11:21:06 - [10428379] ----D- C:\Program Files\Veetle

O43 - CFD: 31/05/2010 - 18:03:14 - [17595405] ----D- C:\Program Files\VirtualDJ

O43 - CFD: 29/08/2010 - 20:39:24 - [30585697] ----D- C:\Program Files\VSO

O43 - CFD: 05/04/2011 - 10:35:14 - [68324857] ----D- C:\Program Files\Vuze

O43 - CFD: 28/02/2010 - 19:02:28 - [3613615] ----D- C:\Program Files\WBFS

O43 - CFD: 03/01/2011 - 15:35:26 - [20133465] ----D- C:\Program Files\Wii Game Manager

O43 - CFD: 31/12/2010 - 12:43:26 - [41682274] R---D- C:\Program Files\Wild Media Server

O43 - CFD: 28/02/2010 - 19:02:28 - [3042638] ----D- C:\Program Files\WinAVI Video Capture

O43 - CFD: 02/07/2011 - 12:55:20 - [3050496] ----D- C:\Program Files\Windows Defender

O43 - CFD: 02/07/2011 - 12:55:24 - [7013496] ----D- C:\Program Files\Windows Journal

O43 - CFD: 17/05/2011 - 23:00:54 - [146141816] ----D- C:\Program Files\Windows Live

O43 - CFD: 02/07/2011 - 12:55:24 - [6181376] ----D- C:\Program Files\Windows Mail

O43 - CFD: 02/07/2011 - 12:55:24 - [6604034] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 28/02/2010 - 19:26:30 - [12197556] ----D- C:\Program Files\Windows NT

O43 - CFD: 02/07/2011 - 12:55:22 - [4417800] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 02/07/2011 - 12:55:24 - [189952] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 02/07/2011 - 12:55:24 - [6697786] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 05/05/2011 - 22:19:34 - [237572] ----D- C:\Program Files\WinPcap

O43 - CFD: 28/02/2010 - 19:02:32 - [3525785] ----D- C:\Program Files\WinRAR

O43 - CFD: 21/02/2011 - 13:06:44 - [735641] ----D- C:\Program Files\WorldUnlock Codes Calculator

O43 - CFD: 27/03/2010 - 00:13:12 - [952027] ----D- C:\Program Files\XP TCPIP Repair

O43 - CFD: 16/05/2011 - 11:35:14 - [4404809] ----D- C:\Program Files\Yakoo Manager

O43 - CFD: 27/07/2011 - 18:22:16 - [3933486] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 18/08/2010 - 11:48:30 - [1044974] ----D- C:\Program Files\ZProDuCTioN

O43 - CFD: 28/02/2010 - 19:00:04 - [7030206] ----D- C:\Program Files\Common Files\ACD Systems

O43 - CFD: 28/02/2010 - 19:00:04 - [6280934] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 16/05/2010 - 18:09:46 - [111126976] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 05/04/2011 - 21:36:58 - [553804516] ----D- C:\Program Files\Common Files\Autodesk Shared

O43 - CFD: 02/04/2010 - 12:40:40 - [66720720] ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD: 08/03/2010 - 23:58:22 - [92976] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 12/03/2010 - 22:17:16 - [8058588] ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD: 06/10/2010 - 13:49:04 - [7771989] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 27/06/2011 - 10:56:42 - [27202495] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 20/07/2011 - 21:49:58 - [114688] ----D- C:\Program Files\Common Files\JFTech

O43 - CFD: 05/04/2011 - 21:28:50 - [1045491] ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD: 16/04/2010 - 19:04:50 - [889967] ----D- C:\Program Files\Common Files\MAGIX Services

O43 - CFD: 26/03/2010 - 15:19:10 - [7715099] ----D- C:\Program Files\Common Files\MAGIX Shared

O43 - CFD: 17/05/2011 - 22:55:58 - [259960376] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 27/11/2010 - 19:30:04 - [135082248] ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 28/02/2010 - 19:00:12 - [90350906] ----D- C:\Program Files\Common Files\Nokia

O43 - CFD: 03/05/2010 - 10:24:44 - [3385947] ----D- C:\Program Files\Common Files\Pinnacle

O43 - CFD: 28/02/2010 - 19:00:12 - [39662567] ----D- C:\Program Files\Common Files\Pure Networks Shared

O43 - CFD: 12/03/2010 - 22:17:44 - [3926944] ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 23/07/2011 - 09:54:36 - [318389] ----D- C:\Program Files\Common Files\Samsung

O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 15/05/2011 - 19:09:54 - [2254216] ----D- C:\Program Files\Common Files\Skype

O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 18/04/2010 - 18:36:26 - [0] ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 09/03/2010 - 11:36:18 - [44307943] ----D- C:\Program Files\Common Files\System

O43 - CFD: 28/02/2010 - 19:00:14 - [275764473] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 17/04/2010 - 02:59:12 - [1835520] ----D- C:\Program Files\Common Files\xara

O43 - CFD: 28/02/2010 - 19:02:32 - [26342] ----D- C:\ProgramData\ACD Systems

O43 - CFD: 28/02/2010 - 19:02:32 - [78970619] ----D- C:\ProgramData\Adobe

O43 - CFD: 19/07/2010 - 17:09:44 - [28] ----D- C:\ProgramData\animationEngine

O43 - CFD: 19/03/2010 - 16:59:38 - [83518976] ----D- C:\ProgramData\Apple

O43 - CFD: 19/03/2010 - 17:23:58 - [84844261] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 05/04/2011 - 21:42:04 - [4001761] ----D- C:\ProgramData\Autodesk

O43 - CFD: 02/04/2010 - 11:30:12 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 28/02/2010 - 19:02:32 - [20] ----D- C:\ProgramData\Azureus

O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 21/10/2010 - 10:44:04 - [219782] ----D- C:\ProgramData\DivX

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 01/05/2010 - 14:36:12 - [0] ----D- C:\ProgramData\eMule

O43 - CFD: 28/02/2010 - 19:02:32 - [166466] ----D- C:\ProgramData\EPSON

O43 - CFD: 28/02/2010 - 19:02:32 - [236034218] ----D- C:\ProgramData\ESET

O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 05/04/2011 - 22:05:02 - [51205] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 05/07/2010 - 20:36:12 - [539844] ----D- C:\ProgramData\Google

O43 - CFD: 28/02/2010 - 19:02:34 - [3166] ----D- C:\ProgramData\Installations

O43 - CFD: 20/07/2011 - 11:07:40 - [407961646] ----D- C:\ProgramData\Lavasoft

O43 - CFD: 30/12/2010 - 20:04:46 - [5895042] ----D- C:\ProgramData\MAGIX

O43 - CFD: 02/03/2010 - 00:11:32 - [8810490] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 17/05/2011 - 22:56:42 - [1963479431] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 14/07/2011 - 01:20:32 - [64194] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 28/02/2010 - 19:26:30 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 27/11/2010 - 19:28:34 - [5129316] ----D- C:\ProgramData\Nero

O43 - CFD: 28/02/2010 - 19:02:46 - [137032916] ----D- C:\ProgramData\Nokia

O43 - CFD: 28/02/2010 - 19:02:46 - [42852352] ----D- C:\ProgramData\NokiaMusic

O43 - CFD: 18/04/2010 - 18:53:46 - [155] ----D- C:\ProgramData\Norton

O43 - CFD: 16/04/2010 - 15:55:36 - [180901] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 02/03/2010 - 20:29:40 - [2243565] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 28/02/2010 - 19:02:46 - [465501744] ----D- C:\ProgramData\OviInstallerCache

O43 - CFD: 25/04/2010 - 19:27:02 - [7350] ----D- C:\ProgramData\PC Drivers HeadQuarters

O43 - CFD: 28/02/2010 - 19:02:48 - [241395] ----D- C:\ProgramData\PC Suite

O43 - CFD: 03/05/2010 - 10:23:10 - [177106345] ----D- C:\ProgramData\Pinnacle

O43 - CFD: 28/02/2010 - 19:02:50 - [26436647] ----D- C:\ProgramData\Pinnacle Studio

O43 - CFD: 03/05/2010 - 10:23:40 - [76736] ----D- C:\ProgramData\Pinnacle Studio Ultimate

O43 - CFD: 28/02/2010 - 19:02:50 - [245202017] ----D- C:\ProgramData\Pure Networks

O43 - CFD: 28/02/2010 - 19:02:50 - [10299] ----D- C:\ProgramData\QuickTime

O43 - CFD: 23/07/2011 - 10:06:02 - [3673455] ----D- C:\ProgramData\Samsung

O43 - CFD: 20/05/2011 - 10:28:54 - [24] ----D- C:\ProgramData\SFR

O43 - CFD: 11/06/2011 - 09:01:16 - [7513077] ----D- C:\ProgramData\Simply Super Software

O43 - CFD: 15/05/2011 - 19:09:50 - [68820617] ----D- C:\ProgramData\Skype

O43 - CFD: 20/06/2011 - 10:39:26 - [9920498] ----D- C:\ProgramData\Skype Extras

O43 - CFD: 19/07/2011 - 22:47:36 - [100995376] ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 27/10/2010 - 13:59:26 - [294] ----D- C:\ProgramData\Sun

O43 - CFD: 18/04/2010 - 18:53:44 - [155] ----D- C:\ProgramData\Symantec

O43 - CFD: 27/06/2011 - 11:04:28 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 11/09/2010 - 09:08:02 - [104855] ----D- C:\ProgramData\TuneUpMedia

O43 - CFD: 28/02/2010 - 19:02:54 - [26483325] ----D- C:\ProgramData\webex

O43 - CFD: 31/12/2010 - 12:47:36 - [63736] ----D- C:\ProgramData\Wild Media Server

O43 - CFD: 05/05/2011 - 23:15:24 - [140764] ----D- C:\ProgramData\WindSolutions

O43 - CFD: 20/07/2011 - 10:58:18 - [27050867] --H-D- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}

O43 - CFD: 01/04/2010 - 22:23:46 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

O43 - CFD: 19/03/2010 - 17:24:36 - [5062] ----D- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}

O43 - CFD: 28/02/2010 - 19:10:36 - [45230567] ----D- C:\Users\yannick\AppData\Roaming\ACD Systems

O43 - CFD: 28/02/2010 - 19:10:36 - [7249010] ----D- C:\Users\yannick\AppData\Roaming\Adobe

O43 - CFD: 19/03/2010 - 17:47:38 - [177772] ----D- C:\Users\yannick\AppData\Roaming\Apple Computer

O43 - CFD: 05/04/2011 - 22:14:10 - [9396832] ----D- C:\Users\yannick\AppData\Roaming\Autodesk

O43 - CFD: 02/04/2010 - 13:05:28 - [69359] ----D- C:\Users\yannick\AppData\Roaming\AVS4YOU

O43 - CFD: 19/07/2011 - 22:47:32 - [39645224] ----D- C:\Users\yannick\AppData\Roaming\Azureus

O43 - CFD: 21/10/2010 - 10:23:02 - [16440] ----D- C:\Users\yannick\AppData\Roaming\DivX

O43 - CFD: 02/03/2010 - 19:25:08 - [23918] ----D- C:\Users\yannick\AppData\Roaming\Download Manager

O43 - CFD: 27/07/2011 - 18:04:06 - [30167669] ----D- C:\Users\yannick\AppData\Roaming\Dropbox

O43 - CFD: 30/06/2011 - 10:15:08 - [199] ----D- C:\Users\yannick\AppData\Roaming\dvdcss

O43 - CFD: 05/06/2011 - 21:54:28 - [478434] ----D- C:\Users\yannick\AppData\Roaming\EPSON

O43 - CFD: 05/05/2011 - 22:19:24 - [2064] ----D- C:\Users\yannick\AppData\Roaming\Ethereal

O43 - CFD: 09/05/2011 - 14:10:08 - [2113] ----D- C:\Users\yannick\AppData\Roaming\GetRightToGo

O43 - CFD: 05/07/2010 - 20:38:10 - [34529] ----D- C:\Users\yannick\AppData\Roaming\Google

O43 - CFD: 28/02/2010 - 19:42:06 - [0] ----D- C:\Users\yannick\AppData\Roaming\Identities

O43 - CFD: 28/02/2010 - 19:10:40 - [1557327] ----D- C:\Users\yannick\AppData\Roaming\ImgBurn

O43 - CFD: 28/02/2010 - 19:10:40 - [0] ----D- C:\Users\yannick\AppData\Roaming\InstallShield

O43 - CFD: 18/05/2011 - 11:35:58 - [837] ----D- C:\Users\yannick\AppData\Roaming\IrfanView

O43 - CFD: 28/02/2010 - 19:10:40 - [8932] ----D- C:\Users\yannick\AppData\Roaming\Macromedia

O43 - CFD: 17/04/2010 - 02:59:36 - [17441] ----D- C:\Users\yannick\AppData\Roaming\MAGIX

O43 - CFD: 02/03/2010 - 00:11:54 - [14723827] ----D- C:\Users\yannick\AppData\Roaming\Malwarebytes

O43 - CFD: 23/03/2010 - 18:06:46 - [4271019] ----D- C:\Users\yannick\AppData\Roaming\MaxTV Technologies

O43 - CFD: 14/07/2009 - 11:00:34 - [0] ----D- C:\Users\yannick\AppData\Roaming\Media Center Programs

O43 - CFD: 03/06/2011 - 20:28:28 - [0] ----D- C:\Users\yannick\AppData\Roaming\Media Player Classic

O43 - CFD: 18/01/2011 - 14:22:14 - [85810961] -S--D- C:\Users\yannick\AppData\Roaming\Microsoft

O43 - CFD: 05/05/2011 - 05:01:34 - [0] ----D- C:\Users\yannick\AppData\Roaming\Microsoft-Win

O43 - CFD: 03/10/2010 - 15:07:10 - [123737813] ----D- C:\Users\yannick\AppData\Roaming\Mozilla

O43 - CFD: 27/11/2010 - 19:36:12 - [89418] ----D- C:\Users\yannick\AppData\Roaming\Nero

O43 - CFD: 28/02/2010 - 19:10:56 - [70340889] ----D- C:\Users\yannick\AppData\Roaming\Nokia

O43 - CFD: 28/02/2010 - 19:10:56 - [28306] ----D- C:\Users\yannick\AppData\Roaming\Nokia Ovi Suite

O43 - CFD: 28/02/2010 - 19:10:56 - [10569977] ----D- C:\Users\yannick\AppData\Roaming\PC Suite

O43 - CFD: 28/09/2010 - 11:02:16 - [3136] ----D- C:\Users\yannick\AppData\Roaming\PlayerPlug

O43 - CFD: 01/04/2011 - 20:55:24 - [2116432] ----D- C:\Users\yannick\AppData\Roaming\PMS

O43 - CFD: 22/04/2010 - 23:24:40 - [43971] ----D- C:\Users\yannick\AppData\Roaming\Pouchin TV Mod

O43 - CFD: 26/03/2010 - 20:54:50 - [0] ----D- C:\Users\yannick\AppData\Roaming\proDAD

O43 - CFD: 28/09/2010 - 11:02:16 - [15821] ----D- C:\Users\yannick\AppData\Roaming\PropMgrAsync

O43 - CFD: 23/07/2011 - 10:05:38 - [16563444] ----D- C:\Users\yannick\AppData\Roaming\Samsung

O43 - CFD: 11/06/2011 - 09:01:16 - [0] ----D- C:\Users\yannick\AppData\Roaming\Simply Super Software

O43 - CFD: 20/06/2011 - 18:28:06 - [4906787] ----D- C:\Users\yannick\AppData\Roaming\Skype

O43 - CFD: 20/06/2011 - 16:09:26 - [21600] ----D- C:\Users\yannick\AppData\Roaming\skypePM

O43 - CFD: 28/02/2010 - 19:10:58 - [800] ----D- C:\Users\yannick\AppData\Roaming\TeamViewer

O43 - CFD: 05/05/2011 - 23:03:50 - [626] ----D- C:\Users\yannick\AppData\Roaming\TuneUpMedia

O43 - CFD: 12/03/2010 - 23:24:34 - [1530648] ----D- C:\Users\yannick\AppData\Roaming\VitySoft

O43 - CFD: 28/06/2010 - 16:59:40 - [443535] ----D- C:\Users\yannick\AppData\Roaming\vlc

O43 - CFD: 29/10/2010 - 15:58:48 - [8768] ----D- C:\Users\yannick\AppData\Roaming\VSO

O43 - CFD: 07/11/2010 - 18:20:02 - [594] ----D- C:\Users\yannick\AppData\Roaming\widestream

O43 - CFD: 22/06/2010 - 22:31:40 - [0] ----D- C:\Users\yannick\AppData\Roaming\windows32

O43 - CFD: 05/05/2011 - 23:15:58 - [1570732] ----D- C:\Users\yannick\AppData\Roaming\WindSolutions

O43 - CFD: 23/10/2009 - 17:20:12 - [0] ----D- C:\Users\yannick\AppData\Roaming\WinRAR

O43 - CFD: 28/02/2010 - 19:10:24 - [0] ----D- C:\Users\yannick\AppData\Local\ACDSee

O43 - CFD: 28/02/2010 - 19:10:24 - [48053805] ----D- C:\Users\yannick\AppData\Local\Adobe

O43 - CFD: 27/11/2010 - 19:37:00 - [1307770] ----D- C:\Users\yannick\AppData\Local\Ahead

O43 - CFD: 19/03/2010 - 17:00:44 - [0] ----D- C:\Users\yannick\AppData\Local\Apple

O43 - CFD: 19/03/2010 - 18:27:58 - [4487269] ----D- C:\Users\yannick\AppData\Local\Apple Computer

O43 - CFD: 28/02/2010 - 18:57:24 - [0] -SH-D- C:\Users\yannick\AppData\Local\Application Data

O43 - CFD: 05/04/2011 - 21:42:22 - [7851007] ----D- C:\Users\yannick\AppData\Local\Autodesk

O43 - CFD: 20/07/2011 - 21:42:32 - [62336] ----D- C:\Users\yannick\AppData\Local\Diagnostics

O43 - CFD: 23/07/2011 - 10:04:04 - [447357553] ----D- C:\Users\yannick\AppData\Local\Downloaded Installations

O43 - CFD: 13/03/2011 - 14:02:48 - [0] ----D- C:\Users\yannick\AppData\Local\ElevatedDiagnostics

O43 - CFD: 01/05/2010 - 14:45:32 - [69195] ----D- C:\Users\yannick\AppData\Local\eMule

O43 - CFD: 28/02/2010 - 19:10:24 - [588661729] ----D- C:\Users\yannick\AppData\Local\ESET

O43 - CFD: 07/07/2011 - 22:57:28 - [33322] ----D- C:\Users\yannick\AppData\Local\Google

O43 - CFD: 28/02/2010 - 18:57:24 - [0] -SH-D- C:\Users\yannick\AppData\Local\Historique

O43 - CFD: 28/02/2010 - 19:10:24 - [2930] ----D- C:\Users\yannick\AppData\Local\IsolatedStorage

O43 - CFD: 23/03/2010 - 18:08:02 - [1146314] ----D- C:\Users\yannick\AppData\Local\MaxTV Technologies

O43 - CFD: 17/05/2011 - 23:15:56 - [9575174665] ----D- C:\Users\yannick\AppData\Local\Microsoft

O43 - CFD: 31/03/2010 - 11:47:46 - [1025834] ----D- C:\Users\yannick\AppData\Local\Microsoft Games

O43 - CFD: 19/01/2011 - 17:34:50 - [446548] ----D- C:\Users\yannick\AppData\Local\Microsoft Help

O43 - CFD: 28/02/2010 - 19:10:30 - [174806993] ----D- C:\Users\yannick\AppData\Local\Mozilla

O43 - CFD: 28/02/2010 - 19:10:32 - [14856] ----D- C:\Users\yannick\AppData\Local\Neuf

O43 - CFD: 16/07/2010 - 15:33:56 - [32737809] ----D- C:\Users\yannick\AppData\Local\Nokia

O43 - CFD: 28/02/2010 - 19:10:34 - [269] ----D- C:\Users\yannick\AppData\Local\NokiaAccount

O43 - CFD: 25/04/2010 - 19:27:42 - [4229] ----D- C:\Users\yannick\AppData\Local\PC_Drivers_Headquarters

O43 - CFD: 03/05/2010 - 10:23:58 - [6843] ----D- C:\Users\yannick\AppData\Local\Pinnacle

O43 - CFD: 23/07/2011 - 10:06:36 - [6737] ----D- C:\Users\yannick\AppData\Local\Samsung

O43 - CFD: 20/05/2011 - 10:28:52 - [1943616] ----D- C:\Users\yannick\AppData\Local\SFR

O43 - CFD: 20/07/2011 - 10:59:40 - [0] ----D- C:\Users\yannick\AppData\Local\Sunbelt Software

O43 - CFD: 12/04/2010 - 14:17:42 - [9080] ----D- C:\Users\yannick\AppData\Local\Super Internet TV

O43 - CFD: 27/07/2011 - 18:21:32 - [402947630] ----D- C:\Users\yannick\AppData\Local\temp

O43 - CFD: 28/02/2010 - 18:57:24 - [0] -SH-D- C:\Users\yannick\AppData\Local\Temporary Internet Files

O43 - CFD: 09/06/2011 - 13:22:18 - [317264204] ----D- C:\Users\yannick\AppData\Local\VirtualStore

O43 - CFD: 28/02/2010 - 19:10:34 - [2913] ----D- C:\Users\yannick\AppData\Local\WBFSManager

O43 - CFD: 30/12/2010 - 21:24:58 - [417423] ----D- C:\Users\yannick\AppData\Local\widestream6 Air

O43 - CFD: 31/12/2010 - 12:43:36 - [13537159] ----D- C:\Users\yannick\AppData\Local\Wild Media Server

O43 - CFD: 30/05/2011 - 18:13:22 - [69632] ----D- C:\Users\yannick\AppData\Local\Windows Live

O43 - CFD: 24/11/2009 - 17:23:12 - [0] ----D- C:\Users\yannick\AppData\Local\WMTools Downloaded Files

O43 - CFD: 12/03/2010 - 10:44:36 - [0] ----D- C:\Users\yannick\AppData\Local\Xara

O43 - CFD: 21/06/2011 - 10:17:24 - [0] ----D- C:\Users\yannick\AppData\Local\{076BDDBA-A5FC-4348-B450-6A94EDCA9C57}

O43 - CFD: 27/06/2011 - 09:30:40 - [0] ----D- C:\Users\yannick\AppData\Local\{0874C27A-628F-4173-83EC-B2491DBCCB1A}

O43 - CFD: 17/07/2011 - 22:30:38 - [0] ----D- C:\Users\yannick\AppData\Local\{0CAB23EA-43AE-4FA0-BA90-9B3D00CF9E26}

O43 - CFD: 26/05/2011 - 12:55:08 - [0] ----D- C:\Users\yannick\AppData\Local\{11BEA477-2D1D-422F-8F61-728289464D50}

O43 - CFD: 16/07/2011 - 10:28:48 - [0] ----D- C:\Users\yannick\AppData\Local\{1288685F-6E95-4A3D-80BC-0BBC1F535CC0}

O43 - CFD: 20/05/2011 - 22:00:04 - [0] ----D- C:\Users\yannick\AppData\Local\{1346A08F-C00F-4779-888C-E225A1E2A7EE}

O43 - CFD: 25/05/2011 - 13:12:56 - [0] ----D- C:\Users\yannick\AppData\Local\{1648AC1F-9344-4A76-8AC7-DEF282869CC5}

O43 - CFD: 20/06/2011 - 10:02:34 - [0] ----D- C:\Users\yannick\AppData\Local\{1655E6A9-2342-41C9-9F36-6ED6F476386C}

O43 - CFD: 29/06/2011 - 10:43:38 - [0] ----D- C:\Users\yannick\AppData\Local\{17E8B8A9-C54A-4787-A996-251BFD6C2FEC}

O43 - CFD: 29/05/2011 - 12:38:22 - [0] ----D- C:\Users\yannick\AppData\Local\{1B1025F4-17D2-4771-B063-291FB66E367E}

O43 - CFD: 23/07/2011 - 08:36:44 - [0] ----D- C:\Users\yannick\AppData\Local\{1B6D6E12-646A-420B-B915-2429423C96C0}

O43 - CFD: 22/05/2011 - 10:01:28 - [0] ----D- C:\Users\yannick\AppData\Local\{1C536457-0A97-400C-BDC7-B15EAB2FEC9D}

O43 - CFD: 24/06/2011 - 10:28:08 - [0] ----D- C:\Users\yannick\AppData\Local\{1CE94DEA-D382-4F44-8894-3F089DDE3DFC}

O43 - CFD: 28/06/2011 - 21:36:24 - [0] ----D- C:\Users\yannick\AppData\Local\{2342D751-A405-4BD2-A85B-0347C0855B10}

O43 - CFD: 18/07/2011 - 23:58:06 - [0] ----D- C:\Users\yannick\AppData\Local\{2DE8CEB3-FAEE-4741-B32B-E8C695A60C98}

O43 - CFD: 20/06/2011 - 22:03:02 - [0] ----D- C:\Users\yannick\AppData\Local\{2E7C8D1E-697A-4CD5-91B1-0B0525B18FD7}

O43 - CFD: 07/07/2011 - 14:10:04 - [0] ----D- C:\Users\yannick\AppData\Local\{3049CA21-BAAA-489D-8894-4B2FDBACCDC8}

O43 - CFD: 14/07/2011 - 22:25:28 - [0] ----D- C:\Users\yannick\AppData\Local\{31AA3E65-86E4-4206-9CCD-85BAB42882EF}

O43 - CFD: 28/02/2010 - 19:10:34 - [11212800] ----D- C:\Users\yannick\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150010}

O43 - CFD: 03/06/2011 - 14:06:48 - [0] ----D- C:\Users\yannick\AppData\Local\{33F5090D-AD67-4342-9E87-D2709B988D99}

O43 - CFD: 15/06/2011 - 11:40:20 - [0] ----D- C:\Users\yannick\AppData\Local\{34E3C1FC-8453-4C99-8E73-E69DC83AA8B2}

O43 - CFD: 24/05/2011 - 02:06:58 - [0] ----D- C:\Users\yannick\AppData\Local\{36F024B2-03BF-458F-AB77-2F3FE116EF77}

O43 - CFD: 06/06/2011 - 21:33:30 - [0] ----D- C:\Users\yannick\AppData\Local\{3B384612-A936-437E-8BC2-C54C7F63CD6D}

O43 - CFD: 13/06/2011 - 11:46:48 - [0] ----D- C:\Users\yannick\AppData\Local\{46B198F6-064E-4849-934A-E3A6951E4FAB}

O43 - CFD: 13/07/2011 - 10:23:42 - [0] ----D- C:\Users\yannick\AppData\Local\{4960A997-601F-4E8F-97B4-E909C1715F46}

O43 - CFD: 16/07/2011 - 22:29:24 - [0] ----D- C:\Users\yannick\AppData\Local\{4B2DA125-901C-40D6-A3D8-73BCC5633F0D}

O43 - CFD: 08/07/2011 - 12:31:18 - [0] ----D- C:\Users\yannick\AppData\Local\{4D21E2E9-D5E7-4E28-B422-CA98474B4312}

O43 - CFD: 30/05/2011 - 23:29:44 - [0] ----D- C:\Users\yannick\AppData\Local\{500B569C-22AD-4DE5-A6ED-23168AD8194E}

O43 - CFD: 20/07/2011 - 10:15:18 - [0] ----D- C:\Users\yannick\AppData\Local\{5272B766-03C7-47AB-9FB9-30B00845920A}

O43 - CFD: 26/06/2011 - 13:42:28 - [0] ----D- C:\Users\yannick\AppData\Local\{5447FB88-ECDD-453A-B36B-BB37B290F7A4}

O43 - CFD: 05/07/2011 - 13:04:00 - [0] ----D- C:\Users\yannick\AppData\Local\{593DCC86-173A-46A0-BEBB-644C18512244}

O43 - CFD: 12/07/2011 - 22:11:26 - [0] ----D- C:\Users\yannick\AppData\Local\{64801F3C-970A-433C-9C7C-2567B4FB4D45}

O43 - CFD: 28/05/2011 - 13:46:36 - [0] ----D- C:\Users\yannick\AppData\Local\{6567887C-3CC8-4354-9C95-59CA56906BA7}

O43 - CFD: 29/06/2011 - 22:44:18 - [0] ----D- C:\Users\yannick\AppData\Local\{6912AD40-AD22-46DA-BD2E-5373C728E8FF}

O43 - CFD: 03/07/2011 - 19:16:42 - [0] ----D- C:\Users\yannick\AppData\Local\{69630994-035B-488A-AADE-32612BA044E4}

O43 - CFD: 31/05/2011 - 12:29:42 - [0] ----D- C:\Users\yannick\AppData\Local\{6C5B10A6-7FC1-46B0-AC93-946A4BA4EAA3}

O43 - CFD: 23/06/2011 - 14:47:10 - [0] ----D- C:\Users\yannick\AppData\Local\{6D06FE0E-10AF-4D35-8729-17BC55893ECF}

O43 - CFD: 22/07/2011 - 14:39:54 - [0] ----D- C:\Users\yannick\AppData\Local\{70682F62-2646-4BF8-83C9-759ACD0B8573}

O43 - CFD: 11/07/2011 - 21:33:34 - [0] ----D- C:\Users\yannick\AppData\Local\{70F180DF-49BD-432C-A0C1-5AF572B20590}

O43 - CFD: 14/07/2011 - 10:24:50 - [0] ----D- C:\Users\yannick\AppData\Local\{75AF769A-7D68-4627-81B2-19ECFEF278A0}

O43 - CFD: 10/07/2011 - 19:49:54 - [0] ----D- C:\Users\yannick\AppData\Local\{79533932-FC6A-4FD1-8D19-F04E2D85162D}

O43 - CFD: 28/06/2011 - 09:35:48 - [0] ----D- C:\Users\yannick\AppData\Local\{7A0783AB-0EF4-440F-93CA-BA55B5DB19D8}

O43 - CFD: 10/06/2011 - 17:11:16 - [0] ----D- C:\Users\yannick\AppData\Local\{8741DEA4-DF9D-4346-B7FE-343DBD0EFDF4}

O43 - CFD: 26/07/2011 - 01:16:48 - [0] ----D- C:\Users\yannick\AppData\Local\{87D60F1F-21AF-49C9-A26C-78F89F7757B3}

O43 - CFD: 02/06/2011 - 22:25:54 - [0] ----D- C:\Users\yannick\AppData\Local\{8AA15472-7E30-4C2C-96BD-96B9CDEE4A69}

O43 - CFD: 21/07/2011 - 10:25:40 - [0] ----D- C:\Users\yannick\AppData\Local\{8F69D220-E733-4BCB-B6BD-6CF103921842}

O43 - CFD: 09/06/2011 - 15:28:46 - [0] ----D- C:\Users\yannick\AppData\Local\{900A8DA6-F9AE-4B54-B2D2-87C471656B41}

O43 - CFD: 30/05/2011 - 11:29:20 - [0] ----D- C:\Users\yannick\AppData\Local\{91EB5AC8-375D-44F7-A44A-D152D383AFBF}

O43 - CFD: 26/07/2011 - 13:17:24 - [0] ----D- C:\Users\yannick\AppData\Local\{9596A200-4883-4BE1-9094-7271FD821001}

O43 - CFD: 27/05/2011 - 18:56:54 - [0] ----D- C:\Users\yannick\AppData\Local\{95B83BA0-4682-4B44-8C38-B8E340D338B0}

O43 - CFD: 11/06/2011 - 08:48:26 - [0] ----D- C:\Users\yannick\AppData\Local\{96F1829E-4676-4607-B610-45764290BF68}

O43 - CFD: 24/07/2011 - 19:02:20 - [0] ----D- C:\Users\yannick\AppData\Local\{99FD7871-1A34-48AD-8619-7F18BE463E6A}

O43 - CFD: 25/06/2011 - 21:39:20 - [0] ----D- C:\Users\yannick\AppData\Local\{9D5F9AD6-1D09-4042-AC15-76020A094EEA}

O43 - CFD: 30/06/2011 - 11:17:10 - [0] ----D- C:\Users\yannick\AppData\Local\{A1C1FF5E-35D8-4B4B-B6AC-1026FCB8A647}

O43 - CFD: 13/07/2011 - 22:24:06 - [0] ----D- C:\Users\yannick\AppData\Local\{A661BCF8-207E-4E84-A83D-6D67BFEC030D}

O43 - CFD: 22/06/2011 - 09:31:20 - [0] ----D- C:\Users\yannick\AppData\Local\{B186A29B-511C-4A3A-8C5C-6893FCC923B2}

O43 - CFD: 20/05/2011 - 09:59:14 - [0] ----D- C:\Users\yannick\AppData\Local\{B259097B-E027-4E80-996B-04C687BF175E}

O43 - CFD: 01/07/2011 - 09:37:56 - [0] ----D- C:\Users\yannick\AppData\Local\{B68C7A0E-5753-467D-BA92-6DB2F8F6BC7E}

O43 - CFD: 15/07/2011 - 22:28:12 - [0] ----D- C:\Users\yannick\AppData\Local\{B7BD7E50-98BC-469F-91CB-7E01CC313015}

O43 - CFD: 17/06/2011 - 12:58:14 - [0] ----D- C:\Users\yannick\AppData\Local\{BE67B8C2-A708-4E65-8072-6311A36B4DA0}

O43 - CFD: 06/07/2011 - 12:49:40 - [0] ----D- C:\Users\yannick\AppData\Local\{C3F7478E-D935-4474-8CB0-50404FEC5144}

O43 - CFD: 27/06/2011 - 21:31:16 - [0] ----D- C:\Users\yannick\AppData\Local\{C8E8989C-23AB-40FA-B227-636D7C8D0518}

O43 - CFD: 02/06/2011 - 10:25:18 - [0] ----D- C:\Users\yannick\AppData\Local\{C9AE8A31-8A7F-46F6-B2B7-C8C82142D571}

O43 - CFD: 04/06/2011 - 22:34:14 - [0] ----D- C:\Users\yannick\AppData\Local\{CC1A55BA-997E-4460-87E4-C9D697477B41}

O43 - CFD: 18/07/2011 - 11:57:30 - [0] ----D- C:\Users\yannick\AppData\Local\{D1A26C95-8BBE-444B-9A79-EFE9DF263A84}

O43 - CFD: 19/06/2011 - 10:50:12 - [0] ----D- C:\Users\yannick\AppData\Local\{D4954405-FB9B-4EB8-AF82-664B3250BFBA}

O43 - CFD: 17/07/2011 - 10:30:00 - [0] ----D- C:\Users\yannick\AppData\Local\{DDEFE43F-DDE4-4724-B2C0-ECACDA5A3520}

O43 - CFD: 18/06/2011 - 22:49:38 - [0] ----D- C:\Users\yannick\AppData\Local\{E2171454-C220-4D77-8643-59A8CDF6CC56}

O43 - CFD: 24/05/2011 - 14:07:34 - [0] ----D- C:\Users\yannick\AppData\Local\{E476FE44-2E74-42A1-924C-6BEABA55183A}

O43 - CFD: 02/07/2011 - 11:49:36 - [0] ----D- C:\Users\yannick\AppData\Local\{E58ABC42-4A8A-4B59-9CEF-53907E38E859}

O43 - CFD: 04/07/2011 - 15:42:02 - [0] ----D- C:\Users\yannick\AppData\Local\{EB4B080B-DB85-4232-85F8-8B2E15E714EE}

O43 - CFD: 23/06/2011 - 02:46:34 - [0] ----D- C:\Users\yannick\AppData\Local\{ED79CF77-4010-4F39-8BD5-FA9B5492EA57}

O43 - CFD: 16/06/2011 - 12:58:20 - [0] ----D- C:\Users\yannick\AppData\Local\{F4768F20-67A9-4B10-ADCA-4A8E0143C5BB}

O43 - CFD: 19/07/2011 - 11:58:42 - [0] ----D- C:\Users\yannick\AppData\Local\{F664E406-F9DC-4988-A0AC-FEF69EF6EADC}

O43 - CFD: 27/07/2011 - 13:01:36 - [0] ----D- C:\Users\yannick\AppData\Local\{F7525F0B-E062-4CDB-9EC2-E47F3DE42CFC}

O43 - CFD: 01/06/2011 - 22:24:40 - [0] ----D- C:\Users\yannick\AppData\Local\{F8DB479A-BAD9-4BD2-AFCD-78EC389C67B1}

O43 - CFD: 14/06/2011 - 12:56:48 - [0] ----D- C:\Users\yannick\AppData\Local\{FDE7BBD3-662A-4489-A4D9-1C595D87426C}

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.4AEE74018FF8D54E720D3168E9193092] - 27/07/2011 - 17:05:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1483323]

O44 - LFC:[MD5.17E3A6F4A93B730B2EC5F9E0C2342809] - 27/07/2011 - 17:03:10 ---A- . (...) -- C:\Windows\System32\http_ss.log [46550999]

O44 - LFC:[MD5.BDB2BFA28145B8123E1C14B126A3C4AF] - 27/07/2011 - 17:03:05 ---A- . (...) -- C:\Windows\setupact.log [62880]

O44 - LFC:[MD5.D743A549768F83E4D2AA8D53FD8275A8] - 27/07/2011 - 17:03:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.20C44454EB3A7BA5CF71BEF4E6BFDD48] - 27/07/2011 - 17:02:56 ---A- . (...) -- C:\aaw7boot.log [3775]

O44 - LFC:[MD5.8A4AC45DD9CDCCFEE517C25EB5233C8B] - 27/07/2011 - 17:01:20 ---A- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [27296]

O44 - LFC:[MD5.8A4AC45DD9CDCCFEE517C25EB5233C8B] - 27/07/2011 - 17:01:19 ---A- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [27296]

O44 - LFC:[MD5.571E0DD2C7FB16C94F1830472D9F1956] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1694330]

O44 - LFC:[MD5.2E8C4E2B21FBBC51DE7C31DD774E3346] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfc009.dat [125316]

O44 - LFC:[MD5.B69BD6ABEA2D881F116E1F820A3ED64A] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [153054]

O44 - LFC:[MD5.5D2CFD6D28810A5220609CEAB0DDB985] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfh009.dat [663380]

O44 - LFC:[MD5.00458ABD2BA4B82B3AC54885D133693B] - 25/07/2011 - 16:13:09 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [756350]

O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 24/07/2011 - 18:09:33 ---A- . (...) -- C:\Windows\System32\rp_rules.dat [44]

O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 24/07/2011 - 18:09:33 ---A- . (...) -- C:\Windows\System32\rp_stats.dat [64]

O44 - LFC:[MD5.37655385D1CF8560A52027B8008FAE0E] - 23/07/2011 - 09:06:11 ---A- . (.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) -- C:\Windows\System32\dgderapi.dll [821824]

O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 23/07/2011 - 08:54:33 ---A- . (...) -- C:\aqua_bitmap.cpp [2006]

O44 - LFC:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 20/07/2011 - 10:07:37 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [101720]

O44 - LFC:[MD5.71ABEFEDA90E159FD56937943EE745DB] - 20/07/2011 - 10:07:34 ---A- . (...) -- C:\Windows\System32\lsdelete.exe [16432]

O44 - LFC:[MD5.336ABE8721CBC3110F1C6426DA633417] - 20/07/2011 - 10:07:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\System32\drivers\Lbd.sys [64512]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/07/2011 - 09:13:52 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.518318A103C888001054EFA1236E5033] - 02/07/2011 - 11:18:44 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\System32\dfshim.dll [1130824]

O44 - LFC:[MD5.A04C06A2142226D79DDA75920A496243] - 02/07/2011 - 11:18:32 ---A- . (.Pas de propriétaire - RemoteFX Helper.) -- C:\Windows\System32\RDVGHelper.exe [80896]

O44 - LFC:[MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - 02/07/2011 - 11:17:54 ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\Windows\System32\DShowRdpFilter.dll [252928]

O44 - LFC:[MD5.39B9273CA01364E115B464416CFB729B] - 02/07/2011 - 11:17:13 ---A- . (.Microsoft - robocopy.) -- C:\Windows\System32\Robocopy.exe [98816]

O44 - LFC:[MD5.737AFC772243C75E6AD17A7A8E8E23F9] - 02/07/2011 - 11:16:49 ---A- . (.Windows ® Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\Windows\System32\fms.dll [93696]

O44 - LFC:[MD5.163A95975E1D8819E653AA3E961371CA] - 02/07/2011 - 11:16:43 ---A- . (.Twain Working Group - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\Windows\twain_32.dll [51200]

O44 - LFC:[MD5.EB6C16CE0163AD282E95FCE5EE9BA518] - 02/07/2011 - 11:16:23 ---A- . (.Pas de propriétaire - Application PrintBrm.) -- C:\Windows\System32\PrintBrmUi.exe [66048]

O44 - LFC:[MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - 02/07/2011 - 11:16:19 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944]

O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 20/11/2010 - 06:23:54 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600]

O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 20/11/2010 - 04:52:32 ---A- . (...) -- C:\Windows\System32\locale.nls [419880]

O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 10/11/2010 - 02:45:49 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429]

O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 05/11/2010 - 03:20:53 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852]

O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 05/11/2010 - 03:20:45 ---A- . (...) -- C:\Windows\System32\RacRules.xml [105559]

 

 

 

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "D:\LOGICIEL\pour cracker windows 7\Windows 7 Loader\Windows 7 Loader Update.exe" [Enabled] .(.Cool Beans Software - Cool NFO Creator.) -- D:\LOGICIEL\pour cracker windows 7\Windows 7 Loader\Windows 7 Loader Update.exe

O47 - AAKE:Key Export SP - "C:\Users\yannick\AppData\Roaming\NK9FX1BEU0.exe" [Enabled] .(...) -- C:\Users\yannick\AppData\Roaming\NK9FX1BEU0.exe (.not file.)

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\Windows\System32\Drivers\procexp90.Sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\Windows\System32\Drivers\procexp90.Sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm

O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm

O52 - TDSD: \Drivers32\"vidc.ffds"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \Drivers32\"vidc.fvfw"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll

O52 - TDSD: \Drivers32\"VIDC.YV12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm

O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.2" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.1 Codec" . (...) -- (.not file.)

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\ACD FotoSlate OLR [Key] . (.BVRP Software - BVRPOlr.) -- C:\PROGRA~1\BVRPSO~1\ACDFOT~1\BVRPOlr.exe

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\bywifi [Key] . (.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\Program Files\Bywifi\bywifi.exe

O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX3800 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O53 - SMSR:HKLM\...\startupreg\NokiaOviSuite2 [Key] . (.Nokia - Nokia Ovi Suite 2.) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\USBToolTip [Key] . (.Pinnacle Systems GmbH - Pinnacle USB Tip - for Multi Media eXtensio.) -- C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

O53 - SMSR:HKLM\...\startupreg\WebEx Document Loader [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.exe

O53 - SMSR:HKLM\...\startupreg\YVIBBBHA8C [Key] . (...) -- C:\Users\yannick\AppData\Local\Temp\Qng.exe (.not file.)

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutorun"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.336ABE8721CBC3110F1C6426DA633417] - 20/07/2011 - 10:07:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys [64512]

O58 - SDL:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 20/07/2011 - 10:07:37 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [101720]

O58 - SDL:[MD5.1026D4A3B106A136C5219CAA5A9CA9C3] - 25/11/2009 - 20:25:42 ---A- . (...) -- C:\Windows\system32\AA26A8B559.sys [56]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.B07663A810E861EEBFD0EAC7E82CA62D] - 23/07/2011 - 10:03:52 ---A- . (...) -- C:\Windows\system32\FsUsbExDisk.Sys [36640]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.06F2333A167198C2A0D2ED56D02AC112] - 25/11/2009 - 20:25:42 ---A- . (...) -- C:\Windows\system32\KGyGaAvL.sys [10022]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: RSIT - (.random/random.)

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.com> <ComFile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: prefs.js [yannick - ql6pwsec.default] user_pref("CT2504091.SearchEngine", "Search||http://search.conduit.com/Results.aspx?

O69 - SBI: prefs.js [yannick - ql6pwsec.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?

O69 - SBI: prefs.js [yannick - ql6pwsec.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {0633EE93-1111-472f-A0FF-E1416B8B2E3B} - (Google Customized Web Search) - Gooofullsearch.com

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {10EDAC71-1851-473a-BE8E-5D77C8FE5129} - (Ask.com) - Ask.com Web Search

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - (Private Search) - http://search.hotspotshield.com

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.8CB1DDC3EAC6B60213C75B21DAE06FF5] [sPRF][07/06/2011] (.Musiccity Co.Ltd. - AOD Sourcer Filter.) -- C:\Users\yannick\AppData\Local\Temp\muzaf1.dll [135168]

[MD5.4F9BD5F58F631920BBAAEB9D9960286D] [sPRF][07/06/2011] (.Musiccity Co.Ltd. - MUZAoDAppCtrl Module.) -- C:\Users\yannick\AppData\Local\Temp\muzapp.dll [491520]

[MD5.A12FB1A9FC4433CD64C77A7250821A02] [sPRF][07/06/2011] (.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Users\yannick\AppData\Local\Temp\muzapp.exe [172032]

[MD5.0A2003F4CFD58C350C7B2E2D9807D12D] [sPRF][07/06/2011] (. © MusicCity - P3WMTSplitter Filter.) -- C:\Users\yannick\AppData\Local\Temp\muzwmts.dll [200704]

[MD5.DA7644D5E2E13B4F5BF93D5DE5D8EA6A] [sPRF][27/06/2011] (.C_XX - Ad-Remover.) -- C:\Users\yannick\Desktop\AD-R.exe [1327512]

[MD5.D4C4EBC2A6E96B5D395331DAB93083EB] [sPRF][27/06/2011] (.Swearware - ComboFix NSIS Installer.) -- C:\Users\yannick\Desktop\ComboFix.exe [4127961]

[MD5.8D3DD9C3AF4494574C6526DA291A7F4D] [sPRF][06/06/2011] (.Patrick Bory - Installation de Vision Budget pour Windows.) -- C:\Users\yannick\Desktop\instvbw.exe [1204880]

[MD5.579B7C2E186A25B26C3A0B428C8F2375] [sPRF][30/12/2010] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\yannick\Desktop\jre-6u23-windows-i586-iftw.exe [884000]

[MD5.00E1569041E09A8200D55F624EE5771C] [sPRF][26/03/2010] (.SFR - Kit de connexion.) -- C:\Users\yannick\Desktop\kit.exe [10493008]

[MD5.58EAABDA5445BE6BC4EB257907A59F26] [sPRF][30/03/2007] (.Microsoft Corporation - Windows Movie Maker.) -- C:\Users\yannick\Desktop\MOVIEMK.exe [3274752]

[MD5.CD31545772CDB4E84902F25D3363C58D] [sPRF][02/06/2010] (.Macrovision Corporation - Setup.exe.) -- C:\Users\yannick\Desktop\Navirad bis_USB_win7.exe [3176304]

[MD5.25FEE8335627797A78FEF284DDF5422C] [sPRF][02/06/2010] (.Eifrig Media Hamburg - Navirad Setup.) -- C:\Users\yannick\Desktop\Navirad_Setup.exe [1024066]

[MD5.CD31545772CDB4E84902F25D3363C58D] [sPRF][01/06/2010] (.Macrovision Corporation - Setup.exe.) -- C:\Users\yannick\Desktop\Navirad_USB_win7.exe [3176304]

[MD5.484370DD96824E7E3CCB8D781E912D0E] [sPRF][08/07/2010] (...) -- C:\Users\yannick\Desktop\SoftonicDownloader50473.exe [262968]

[MD5.ED324284FA119EF0F240AC9E2262D666] [sPRF][12/04/2010] (.Microsoft Corporation - Windows Media Component Setup Application.) -- C:\Users\yannick\Desktop\wmpfirefoxplugin.exe [318904]

[MD5.0A3A4ADAF220B1E88EABC73A865A0AD9] [sPRF][01/02/2011] (...) -- C:\Users\yannick\Desktop\xvid_setup1.2.2-win32.exe [167609]

[MD5.1A28CB38299AA0069555B95E5C7BE372] [sPRF][27/07/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\yannick\Desktop\ZHPDiag2.exe [2540574]

[MD5.77D31FB654A53DBFB151C7A8E11E3A02] [sPRF][17/07/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1962160]

[MD5.58AE9C7AF536B70B68099448A29657DA] [sPRF][10/02/2010] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [113888]

[MD5.40F1C0C36B6413E57E1FECA4E12159CC] [sPRF][16/02/2010] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropFRA.dll [116040]

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "{9F08B9DA-9F38-4D78-8063-28269DF93869}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "UDP Query User{9D815D98-D61D-41F9-8C03-30A75EC90AEC}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe

O87 - FAEL: "TCP Query User{4AC16332-70D1-4F5A-8551-29F8F94CA5AD}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{BE20CE4A-E92E-4D5C-B886-ABBEFACB1C7A}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" | In - Private - P17 - TRUE | .(.Nokia - Nokia Ovi Suite 2.) -- C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe

O87 - FAEL: "TCP Query User{BDD17544-A9D3-4D2A-9C96-A7D01C72AC4E}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" | In - Private - P6 - TRUE | .(.Nokia - Nokia Ovi Suite 2.) -- C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe

O87 - FAEL: "UDP Query User{F6DB8655-1594-423C-8D33-FA890F9F40FF}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" | In - Private - P17 - TRUE | .(.Nokia Corporation.) -- C:\program files\nokia\nokia software updater\nsu_ui_client.exe

O87 - FAEL: "TCP Query User{036DDB87-76B2-4FC8-B107-9AD41A5009BA}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" | In - Private - P6 - TRUE | .(.Nokia Corporation.) -- C:\program files\nokia\nokia software updater\nsu_ui_client.exe

O87 - FAEL: "UDP Query User{4983C42A-2843-4B78-A5B5-4794470555BC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" | In - Private - P17 - TRUE | .(.Nokia Corporation.) -- C:\program files\common files\nokia\service layer\a\nsl_hos

O87 - FAEL: "TCP Query User{0D3C588B-8BBA-465C-8368-0C91CCF8DC28}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" | In - Private - P6 - TRUE | .(.Nokia Corporation.) -- C:\program files\common files\nokia\service layer\a\nsl_host

O87 - FAEL: "{A753A88E-600C-4EFC-9FB5-F3AA3C6B39E3}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\umi.exe (.not file.)

O87 - FAEL: "{38C0F335-2C28-415C-A7AE-22215FF5CCE6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\umi.exe (.not file.)

O87 - FAEL: "{9B397528-6605-4723-9182-7370071FFD70}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe (.not file.)

O87 - FAEL: "{8D3A8F9E-D9EC-47CF-9C90-1EAD4A2ABBF6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe (.not file.)

O87 - FAEL: "{D088BA9A-625A-4F45-B80F-A0AD6A25522E}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe (.not file.)

O87 - FAEL: "{9A5A02EF-E3ED-47D0-B932-7532062EF2F8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe (.not file.)

O87 - FAEL: "{D56921BA-C76F-4E9D-9F8C-43BC1825BA18}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\RM.exe (.not file.)

O87 - FAEL: "{B808528A-4A1A-422B-BD61-7013962ABECC}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 10\programs\RM.exe (.not file.)

O87 - FAEL: "{E6B2053D-A486-47D2-BAEC-CDD2A73500F0}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer.) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe

O87 - FAEL: "{6770737F-1E3A-4CC5-8D4D-4CB2A6590230}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer.) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe

O87 - FAEL: "{2304A075-9F74-4BE7-9F4B-7D0477D02809}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - Application de pilotage à distance TeamViewer.) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe

O87 - FAEL: "{657086E6-BDD3-42CA-9962-1B405524DA05}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - Application de pilotage à distance TeamViewer.) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe

O87 - FAEL: "UDP Query User{211C9AE4-1609-4182-A463-F5CB28E70B8C}C:\program files\vuze\azureus.exe" | In - Public - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\program files\vuze\azureus.exe

O87 - FAEL: "TCP Query User{1F9313E6-862A-4570-A457-F8E7D5CEABF4}C:\program files\vuze\azureus.exe" | In - Public - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\program files\vuze\azureus.exe

O87 - FAEL: "UDP Query User{C9A9EF80-820F-41BD-AA26-6EC41E5B63B3}C:\program files\sfr\media center\httpd\httpd.exe" | In - Public - P17 - TRUE | .(.Apache Software Foundation.) -- C:\program files\sfr\media center\httpd\httpd.exe

O87 - FAEL: "TCP Query User{3E40344C-F00C-4DB5-A419-68F093382927}C:\program files\sfr\media center\httpd\httpd.exe" | In - Public - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\program files\sfr\media center\httpd\httpd.exe

O87 - FAEL: "{267166B5-9CF7-4E6F-B42F-817AB6A1B0F6}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O87 - FAEL: "UDP Query User{C397F40B-217C-4907-9AF3-7AB3EC7FC5AF}C:\program files\mobiola web camera for s60\webcam.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\mobiola web camera for s60\webcam.exe (.not file.)

O87 - FAEL: "TCP Query User{4E2AEFA0-47E6-4F53-A769-6DD6B869F272}C:\program files\mobiola web camera for s60\webcam.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\mobiola web camera for s60\webcam.exe (.not file.)

O87 - FAEL: "{7E328406-3651-405A-83B6-96E3FAE59226}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe (.not file.)

O87 - FAEL: "{2F883647-0DB6-4B9A-8A31-24EA95F924E7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\core\maxtv_xul.exe (.not file.)

O87 - FAEL: "{29F87B34-DD16-41E8-8A0C-D518B99EFB81}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\maxtv.exe (.not file.)

O87 - FAEL: "{C22ABC1A-F0F3-42AA-8512-42226D1E2D3F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\maxtv.exe (.not file.)

O87 - FAEL: "{9B3677A8-A808-46B8-86DC-1DC5119120F6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\recorder.exe (.not file.)

O87 - FAEL: "{F9E5E562-39A1-4121-AB6D-2F6A4412EBDC}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\DMV\MaxTV4\recorder.exe (.not file.)

O87 - FAEL: "{D949F856-7340-4FFF-9C8E-3C7800AE6A2B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe (.not file.)

O87 - FAEL: "{BD6A9D48-09F1-4F7F-91FE-5DA99206A50F}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe (.not file.)

O87 - FAEL: "{1DCCC494-2CE3-4290-A87B-E5FD8DEBAC6A}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe (.not file.)

O87 - FAEL: "{8A2FD7A6-93B0-4D39-9878-EAAC6AB58CB8}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe (.not file.)

O87 - FAEL: "{B1DC00D8-46A0-48D1-98B5-86B34C3FAE7D}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe (.not file.)

O87 - FAEL: "{3CBCBED0-81FF-4DFF-83EF-DE132348E831}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe (.not file.)

O87 - FAEL: "TCP Query User{DB52F910-C4A2-4FE9-8926-EF044B958A72}C:\program files\super internet tv\super internet tv.exe" | In - Private - P6 - TRUE | .(.Ahusoft - Super Internet TV.) -- C:\program files\super internet tv\super internet tv.exe

O87 - FAEL: "UDP Query User{C7F314A7-EE0B-4C13-99D8-D3A2ED2D553B}C:\program files\super internet tv\super internet tv.exe" | In - Private - P17 - TRUE | .(.Ahusoft - Super Internet TV.) -- C:\program files\super internet tv\super internet tv.exe

O87 - FAEL: "TCP Query User{D83A6CC1-4FE8-4C76-8B26-90B7AB79A417}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe

O87 - FAEL: "UDP Query User{DA533DC3-A449-4770-9C1E-B5B71ACBB650}C:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe

O87 - FAEL: "{9EDC60AF-FF91-4DD9-8A24-ED33969BED03}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe (.not file.)

O87 - FAEL: "{F6A3F1A1-4831-4E04-95EB-2F1F9CB677CC}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe (.not file.)

O87 - FAEL: "{77E203D6-6D3C-4A08-90DC-C59D5A41E79E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe (.not file.)

O87 - FAEL: "{69C1F98C-E6C7-4225-B2D2-251BCAA3B386}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe (.not file.)

O87 - FAEL: "{1662B988-B7A3-4CDF-BA8B-E05598A5DC7A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe (.not file.)

O87 - FAEL: "{63DF7210-7A15-4DA2-BFF3-FEBD093C158C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe (.not file.)

O87 - FAEL: "TCP Query User{DF7CD45A-81B7-401D-AE18-B10E569AFBD5}C:\program files\bywifi\bywifi.exe" | In - Private - P6 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe

O87 - FAEL: "UDP Query User{64373D43-CFB6-4133-B07A-B779AF1E28A5}C:\program files\bywifi\bywifi.exe" | In - Private - P17 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe

O87 - FAEL: "TCP Query User{9F7399BD-6DAF-4B5E-B965-29E935A483F9}C:\program files\bywifi\bywifi.exe" | In - Public - P6 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe

O87 - FAEL: "UDP Query User{78AAA148-FA66-4DC3-B76C-D5776D388B28}C:\program files\bywifi\bywifi.exe" | In - Public - P17 - TRUE | .(.bywifi.com - Bywifi: Video Streaming Accelerator.) -- C:\program files\bywifi\bywifi.exe

O87 - FAEL: "{27696ABB-52D7-4E21-85C8-21518E60FF85}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{ADBEFAD8-82D2-45FE-B62E-6C4E73F14DEA}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{181D15E7-9D97-48A1-B058-6BFB769ED0CC}" | In - Private - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{DBF4E9FE-2729-49D8-AF62-F11810BAD9F2}" | In - Private - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "TCP Query User{AB4AC2EE-FB66-44A2-BE65-09546A3EDCF9}E:\mes documents\hack pc\prorat 1.9 special edition\prorat special edition\proconnective.exe" |In - Private - P6 - TRUE | .(...) -- E:\mes documents\hack pc\prorat 1.9 special edition\prora

O87 - FAEL: "UDP Query User{F93E10A7-2AC0-40C1-917C-DC5DA924D844}E:\mes documents\hack pc\prorat 1.9 special edition\prorat special edition\proconnective.exe" |In - Private - P17 - TRUE | .(...) -- E:\mes documents\hack pc\prorat 1.9 special edition\pror

O87 - FAEL: "TCP Query User{B44994A1-BC13-452B-B780-4D9971B1A04F}C:\windows\services.exe" |In - Private - P6 - TRUE | .(...) -- C:\windows\services.exe (.not file.)

O87 - FAEL: "UDP Query User{8EAD86AF-2694-4779-916A-0717142039CA}C:\windows\services.exe" |In - Private - P17 - TRUE | .(...) -- C:\windows\services.exe (.not file.)

O87 - FAEL: "TCP Query User{0287BE9B-D117-4706-8851-EABA3FB41EE6}C:\windows\services.exe" |In - Public - P6 - TRUE | .(...) -- C:\windows\services.exe (.not file.)

O87 - FAEL: "UDP Query User{4B0B1E01-E3D4-4D1A-BBD1-53AB627CE39E}C:\windows\services.exe" |In - Public - P17 - TRUE | .(...) -- C:\windows\services.exe (.not file.)

O87 - FAEL: "{2D7EBFEF-80AF-44C8-AB9A-E833AE629107}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe

O87 - FAEL: "{856E5553-7B2F-4763-B549-9DD46BF9DD51}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe

O87 - FAEL: "{A9126C21-F683-46D4-9668-2BCBA941019B}" | In - Private - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe

O87 - FAEL: "{6C2F8AFA-CAE1-4EF3-BDFF-EDB63F428EA8}" | In - Private - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe

O87 - FAEL: "{E2767A58-DA8B-4542-80ED-E4FC7EC547FA}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe

O87 - FAEL: "{DD070704-9740-4C2B-A47A-EA2AB1EF1875}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe

O87 - FAEL: "TCP Query User{A90D0532-D4B3-41CB-8C6E-B21EBB39E204}C:\program files\wild media server\wms.exe" | In - Private - P6 - TRUE | .(.Evgeny Lachinov - Wild Media Server (UPnP, DLNA, HTTP).) -- C:\program files\wild media server\wms.exe

O87 - FAEL: "UDP Query User{A8999E0E-2999-464F-BA6B-F87C2A96C758}C:\program files\wild media server\wms.exe" | In - Private - P17 - TRUE | .(.Evgeny Lachinov - Wild Media Server (UPnP, DLNA, HTTP).) -- C:\program files\wild media server\wms.exe

O87 - FAEL: "{A85FAEE1-5880-4BA1-87B8-F2177025F400}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "TCP Query User{1E161BD3-7BF2-456E-94C5-19BCAD2E7BA6}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe

O87 - FAEL: "UDP Query User{C4F01001-80A9-4BC0-BBA5-86869469C4E6}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe

O87 - FAEL: "{3892C127-475A-4189-908F-2B478E464BE8}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

O87 - FAEL: "{292A0942-9868-492F-A78C-CA47EB3B02F2}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

O87 - FAEL: "{11701C3B-E97A-412F-95C1-30590667191A}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe

O87 - FAEL: "{4E910990-8E08-4D1E-8E67-EFAB92CE5B0A}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe

O87 - FAEL: "{27C2BABC-FFFE-4357-9048-4D607E27908A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

O87 - FAEL: "{C7B06AC0-56FE-4C65-AC76-17D076FAF9EF}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

O87 - FAEL: "{4FF38E03-A613-4042-B7F1-BC1291256527}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe

O87 - FAEL: "{A0CC2B51-1FC5-4ED4-A8F0-FE5D8CD4F030}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe

O87 - FAEL: "TCP Query User{8A5BFF56-DD7D-4EA1-B297-F6A96F00B7AD}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe

O87 - FAEL: "UDP Query User{E4B40D53-CDC0-495C-85B4-BD42A7EF2ECB}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe

O87 - FAEL: "{AA8F8986-81D3-429F-96A5-08FD1D9E64A1}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe

O87 - FAEL: "{4F914CB4-9D3F-42C6-BCEB-6B3A72537A57}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe

O87 - FAEL: "{13B51E55-41A0-4735-8A4B-E12C783B29E1}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe

O87 - FAEL: "{E55F0074-83AE-4330-8F2B-66FE2C1C1D28}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe

O87 - FAEL: "{CC170858-FE12-402A-81A2-0B6605F2FA49}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe

O87 - FAEL: "{E5065E38-8FE1-45E3-B251-BA890512130A}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe

O87 - FAEL: "TCP Query User{EEF5D8C9-895E-4A41-B25E-5E5D89318B09}C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)

O87 - FAEL: "UDP Query User{EF1FF1D7-0F2A-49AB-99D3-3DADCB15E329}C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\yannick\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)

O87 - FAEL: "TCP Query User{C453C824-A102-4751-B91E-79ECCA78700C}C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe

O87 - FAEL: "UDP Query User{734CEC0B-0184-48B7-8C60-E88E3923979E}C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yannick\appdata\roaming\dropbox\bin\dropbox.exe

O87 - FAEL: "TCP Query User{CE18D581-B4EF-46A4-856E-72F23FCCA2D5}C:\glassfish3\jdk\bin\java.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\glassfish3\jdk\bin\java.exe

O87 - FAEL: "UDP Query User{7B756B0A-1A00-4E79-8746-971066A1E37F}C:\glassfish3\jdk\bin\java.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\glassfish3\jdk\bin\java.exe

O87 - FAEL: "{13D18AD6-D713-46CF-B8B2-C4199812E23D}" | In - Public - P6 - TRUE | .(.Cisco Systems, Inc. - Pure Networks Platform Service.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O87 - FAEL: "{F92C10FD-8407-4959-9E31-447FBE2CB80C}" | In - Public - P17 - TRUE | .(.Cisco Systems, Inc. - Pure Networks Platform Service.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8545 - (22/07/2011)

Clés trouvées (Keys found) : 28

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 8

Fichiers trouvés (Files found) : 0

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask

[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent

[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar

[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{723328FF-22D0-497f-9EB5-1AC919582DE1}] =>Adware.SPointer

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate

[HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.Softomate

[HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox

[HKCU\Software\cacaoweb] =>PUP.CacaoWeb

[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\HotSpot_Shield_FR] =>Toolbar.Conduit

[HKLM\Software\HotSpot_Shield_FR] =>Toolbar.Conduit

[HKCU\Software\HotspotShield] =>Toolbar.Conduit

[HKLM\Software\HotspotShield] =>Toolbar.Conduit

[HKCU\Software\WideStream] =>Adware.SPointer

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\YVIBBBHA8C] =>Trojan.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HotSpot_Shield_FR Toolbar] =>Toolbar.Conduit

C:\Program Files\Hotspot Shield =>Toolbar.Conduit

C:\Program Files\Softonic_France =>Toolbar.Conduit

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>Toolbar.Conduit

C:\Users\yannick\AppData\Roaming\Widestream =>Adware.SPointer

C:\Users\yannick\AppData\Local\widestream6 Air =>Adware.SPointer

C:\Users\yannick\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon

C:\Users\yannick\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 16/05/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 16/05/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Demand 23/10/2009 20680 | (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

SR - | Auto 23/10/2009 735960 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

SS - | Demand 05/04/2011 1045256 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SR - | Auto 19/07/2010 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe

SS - | Auto 05/07/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 05/07/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 05/07/2010 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 18/04/2010 247808 | (HotspotShieldService) . (...) - C:\Program Files\Hotspot Shield\bin\openvpnas.exe

SS - | Demand 18/04/2010 57640 | (HssTrayService) . (...) - C:\Program Files\Hotspot Shield\bin\HssTrayService.exe

SR - | Auto 18/04/2010 322608 | (HssWd) . (...) - C:\Program Files\Hotspot Shield\bin\hsswd.exe

SR - | Demand 16/05/2010 545576 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 30/12/1899 0 | (KiesAllShare) . (...) - C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe

SR - | Auto 20/07/2011 2151640 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

SR - | Auto 27/11/2010 853288 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

SS - | Demand 27/11/2010 382248 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

SR - | Auto 22/02/2010 647216 | (nmservice) . (.Cisco Systems, Inc..) - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

SR - | Auto 02/03/2010 129640 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Demand 31/12/2010 217088 | (PS3 Media Server) . (...) - C:\Program Files\PS3 Media Server\win32\service\wrapper.exe

SS - | Demand 05/05/2011 117264 | Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe

SR - | Auto 17/06/2011 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

SS - | Demand 16/07/2010 652800 | (ServiceLayer) . (.Nokia.) - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

SR - | Auto 22/02/2010 185640 | (TeamViewer4) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

SR - | Auto 22/02/2010 172328 | (TeamViewer5) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

SR - | Auto 21/04/2011 3007488 | (WiselinkPro) . (...) - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by yannick at 27/07/2011 18:24:53

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

1 ntkrnlpa!IofCallDriver[0x83C8D52F] -> \Device\Harddisk0\DR0[0x8716A778]

3 CLASSPNP[0x8C3A159E] -> ntkrnlpa!IofCallDriver[0x83C8D52F] -> [0x86C7E888]

5 ACPI[0x8BE3B3D4] -> ntkrnlpa!IofCallDriver[0x83C8D52F] -> \Device\Ide\IdeDeviceP2T0L0-3[0x863A2030]

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by yannick at 27/07/2011 18:24:55

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1831 lines in 02mn 54s)(0)

[pear]

Téléchargez AD-Remover sur le bureau

 

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Nettoyer

 

Il y aura 2 rapports à poster après :Scanner et Nettoyer

 

Une fois la désinfrction terminée, mais pas avant:

désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

 

 

 

 

Téléchargez MBAM

 

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

 

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

 

 

 

Nettoyage

Relancez Mbam(Malewares'Bytes)

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

 

 

Présentez ensuite un nouveau rapport Zhpdiag, svp.

[mimic8535]

voici le resultat de ad remover

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (SCAN [4]) -> Lancé à 20:39:21 le 27/07/2011, Mode normal

 

Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86)

yannick@YANNICK-PC (MSI MS-7369)

 

============== RECHERCHE ==============

 

 

Dossier trouvé: C:\Users\yannick\AppData\LocalLow\Toolbar4

 

-- Fichier ouvert: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\Prefs.js --

Ligne trouvée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...

Ligne trouvée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/FR", "\"0\"")...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", ...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5....

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091...

Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"...

Ligne trouvée: user_pref("CommunityToolbar.EngineHiddenByUser", true);

Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "");

Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");

Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "vuze_remote");

Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false);

Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Ligne trouvée: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\yannick\\AppData\\Roaming\\Mozilla\...

Ligne trouvée: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");

Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2504091");

Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");

Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "vuze_remote");

Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://toolbar.ask.com/toolbarv/askRedir...

Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091");

Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");

Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 15:35:52 GMT+02...

Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 11 2011 14:54:09 GMT+0200");

Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");

Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 00:12:59 GMT+0200");

Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);

Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "55d25f6c-d86d-4018-96e7-aec2eadd1ae2");

Ligne trouvée: user_pref("CommunityToolbar.globalUserId", "646b51f2-72b9-4bac-a224-a620000ed690");

Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");

Ligne trouvée: user_pref("CommunityToolbar.killedEngine", true);

Ligne trouvée: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 25 2011 16:29:1...

Ligne trouvée: user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Ligne trouvée: user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Jul 27 2011 19:46:48 GMT+020...

Ligne trouvée: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne trouvée: user_pref("CommunityToolbar.notifications.locale", "en");

Ligne trouvée: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Ligne trouvée: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Jul 27 2011 19:46:40 GMT+0200");

Ligne trouvée: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");

Ligne trouvée: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Ligne trouvée: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne trouvée: user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Ligne trouvée: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Ligne trouvée: user_pref("CommunityToolbar.notifications.userId", "64473b46-ac14-474e-bbc4-61eb3f8c19b5");

Ligne trouvée: user_pref("CommunityToolbar.undefined", "");

Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask");

Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&Sea...

Ligne trouvée: user_pref("browser.search.order.1", "Ask");

Ligne trouvée: user_pref("extensions.Fissa.Uninstall.lastRunTime", "Sun, 21 Nov 2010 19:18:08 GMT");

Ligne trouvée: user_pref("extensions.Fissa.lastRunTime", "Mon, 08 Nov 2010 08:51:07 GMT");

Ligne trouvée: user_pref("extensions.snipit.askTbInstalled", true);

Ligne trouvée: user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&g...

Ligne trouvée: user_pref("extensions.snipit.history_query", "carto%20explorer=ASKURL=hxxp://www.ask.com/web?q=carto...

Ligne trouvée: user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=");

-- Fichier Fermé --

 

 

Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [4.0 (fr)] ****

 

Plugins\npDivxPlayerPlugin.dll (DivX, Inc)

HKLM_MozillaPlugins\@nvidia.com/3DVision (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=9cc2e04000000000000000ffe929afc9&tlver=1.4.19.19&affID=16553/)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )

Extensions - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}" (?)

HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

 

-- C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default --

Extensions\cacaoweb@cacaoweb.org (cacaoweb)

Extensions\maps@ovi.com (Ovi maps browser plugin)

Extensions\toolbar@mc.xul (Ma Galerie Marchande Mastercard)

Extensions\{038dc421-b19e-4711-a218-1fd10de9163b} (Add N Edit Cookies)

Extensions\{181F4BBC-2453-40D2-B42C-3135E3B07C7B} (Free software Gooofull toolbar)

Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)

Extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} (Mega Manager Integration)

Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF} (Barre de Confiance)

Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)

Searchplugins\munlock.xml (?)

Prefs.js - browser.download.dir, C:\\Users\\yannick\\Downloads

Prefs.js - browser.download.lastDir, C:\\Users\\yannick\\Desktop

Prefs.js - browser.search.defaultenginename, Ask

Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}

Prefs.js - browser.search.selectedEngine, Search the web (Babylon)

Prefs.js - browser.startup.homepage, hxxp://www.sfr.fr

Prefs.js - browser.startup.homepage_override.buildID, 20110318052756

Prefs.js - browser.startup.homepage_override.mstone, rv:2.0

Prefs.js - keyword.URL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=

 

========================================

 

**** Internet Explorer Version [8.0.7601.17514] ****

 

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKLM_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://www.gooofullsearch.com/google?q={searchTerms}&cx=partner-pub-644651472115...)

HKCU_SearchScopes\{10EDAC71-1851-473a-BE8E-5D77C8FE5129} - "Ask.com" (hxxp://www.ask.com/web?o=101450&l=dis&q={searchTerms})

HKCU_SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - "Private Search" (hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms})

HKCU_Toolbar\WebBrowser|{F6AF0697-CE5D-4718-AC5E-6613B6B3DF09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKCU_Toolbar\WebBrowser|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

HKLM_Toolbar|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKLM_Toolbar|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)

HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)

HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)

HKLM_ElevationPolicy\4aed5353-b216-4651-a7dc-a1d5eef1eefd - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\b1226fbd-2bdd-4632-a5f0-897ea3eb7666 - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{11AF66E1-6BDE-4AA0-A061-65188608936B} - C:\Program Files\PDF Enhancer 3.5\PlayerPlug.exe (?)

HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)

HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\PDF Enhancer 3.5\TbHelper2.exe (?)

HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{973F1DA1-9BE8-49C1-A68D-EAA0D9847898} - C:\Program Files\PDF Enhancer 3.5\PropMgrAsync.exe (?)

HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)

HKLM_ElevationPolicy\{BB8A9962-452A-4a00-814E-650B96EAA0D2} - C:\ProgramData\webex\atinst.exe (WebEx Communications, Inc)

HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)

HKLM_Extensions\{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - "Free software Gooofull toolbar" (C:\Program Files\PDF Enhancer 3.5\favicon.ico)

HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)

BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)

BHO\{C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - "BywifiBHO Class" (C:\Program Files\Bywifi\bywifiie.dll)

BHO\{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

BHO\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} - "TBSB07458 Class" (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 72 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 19 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 27/06/2011 11:45:58 (17442 Octet(s))

C:\Ad-Report-SCAN[1].txt - 27/06/2011 11:19:42 (20313 Octet(s))

C:\Ad-Report-SCAN[2].txt - 27/06/2011 11:37:11 (18403 Octet(s))

C:\Ad-Report-SCAN[3].txt - 27/06/2011 11:40:08 (18534 Octet(s))

C:\Ad-Report-SCAN[4].txt - 27/07/2011 20:39:24 (15060 Octet(s))

 

Fin à: 20:41:02, 27/07/2011

 

============== E.O.F ==============

[mimic8535]

resultat clean 1

 

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:45:54 le 27/06/2011, Mode normal

 

Microsoft Windows 7 Édition Intégrale (X86)

yannick@YANNICK-PC (MSI MS-7369)

 

============== ACTION(S) ==============

 

 

Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js

Fichier supprimé: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\searchplugins\ask.xml

Dossier supprimé: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\conduit

Fichier supprimé: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\searchplugins\conduit.xml

Fichier supprimé: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\searchplugins\fissa.xml

Dossier supprimé: C:\Users\yannick\AppData\LocalLow\Conduit

Dossier supprimé: C:\Program Files\Conduit

Dossier supprimé: C:\Users\yannick\AppData\Roaming\FissaSearch

Dossier supprimé: C:\Users\yannick\AppData\LocalLow\PriceGong

Dossier supprimé: C:\Users\yannick\AppData\LocalLow\Toolbar4

 

(!) -- Fichiers temporaires supprimés.

 

 

-- Fichier ouvert: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\Prefs.js --

Ligne supprimée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...

Ligne supprimée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/FR", "\"0\"")...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", ...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5....

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"...

Ligne supprimée: user_pref("CommunityToolbar.EngineHiddenByUser", true);

Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "");

Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");

Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "vuze_remote");

Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", false);

Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Ligne supprimée: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\yannick\\AppData\\Roaming\\Mozilla\...

Ligne supprimée: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "vuze_remote");

Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://toolbar.ask.com/toolbarv/askRedir...

Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 15:35:52 GMT+02...

Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 11 2011 14:54:09 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");

Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 00:12:59 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);

Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "55d25f6c-d86d-4018-96e7-aec2eadd1ae2");

Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "646b51f2-72b9-4bac-a224-a620000ed690");

Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.killedEngine", true);

Ligne supprimée: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jun 27 2011 09:39:4...

Ligne supprimée: user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Ligne supprimée: user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Jun 27 2011 10:39:59 GMT+020...

Ligne supprimée: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.notifications.locale", "en");

Ligne supprimée: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Ligne supprimée: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jun 27 2011 09:39:43 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");

Ligne supprimée: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Ligne supprimée: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Ligne supprimée: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Ligne supprimée: user_pref("CommunityToolbar.notifications.userId", "64473b46-ac14-474e-bbc4-61eb3f8c19b5");

Ligne supprimée: user_pref("CommunityToolbar.undefined", "");

Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask");

Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&Sea...

Ligne supprimée: user_pref("browser.search.order.1", "Ask");

Ligne supprimée: user_pref("extensions.Fissa.Uninstall.lastRunTime", "Sun, 21 Nov 2010 19:18:08 GMT");

Ligne supprimée: user_pref("extensions.Fissa.lastRunTime", "Mon, 08 Nov 2010 08:51:07 GMT");

Ligne supprimée: user_pref("extensions.snipit.askTbInstalled", true);

Ligne supprimée: user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&g...

Ligne supprimée: user_pref("extensions.snipit.history_query", "carto%20explorer=ASKURL=hxxp://www.ask.com/web?q=carto...

Ligne supprimée: user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=");

-- Fichier Fermé --

 

 

Clé supprimée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115

Clé supprimée: HKLM\Software\Classes\Toolbar.CT2565816

Clé supprimée: HKLM\Software\Conduit

Clé supprimée: HKCU\Software\Conduit

Clé supprimée: HKCU\Software\FissaSearch

Clé supprimée: HKCU\Software\Spointer

Clé supprimée: HKCU\Software\AppDataLow\Toolbar

Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit

Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong

Clé supprimée: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}

Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

 

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\npDivxPlayerPlugin.dll (DivX, Inc)

HKLM_MozillaPlugins\@nvidia.com/3DVision (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=9cc2e04000000000000000ffe929afc9&tlver=1.4.19.19&affID=16553/)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )

Extensions - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}" (?)

HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

 

-- C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default --

Extensions\cacaoweb@cacaoweb.org (cacaoweb)

Extensions\maps@ovi.com (Ovi maps browser plugin)

Extensions\toolbar@mc.xul (Ma Galerie Marchande Mastercard)

Extensions\{038dc421-b19e-4711-a218-1fd10de9163b} (Add N Edit Cookies)

Extensions\{181F4BBC-2453-40D2-B42C-3135E3B07C7B} (Free software Gooofull toolbar)

Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)

Extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} (Mega Manager Integration)

Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF} (Barre de Confiance)

Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)

Searchplugins\munlock.xml (?)

Prefs.js - browser.download.dir, C:\\Users\\yannick\\Downloads

Prefs.js - browser.download.lastDir, C:\\Users\\yannick\\Desktop

Prefs.js - browser.search.selectedEngine, Search the web (Babylon)

Prefs.js - browser.startup.homepage, about:home

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

 

========================================

 

**** Internet Explorer Version [8.0.7600.16385] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKLM_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://www.gooofullsearch.com/google?q={searchTerms}&cx=partner-pub-644651472115...)

HKCU_SearchScopes\{10EDAC71-1851-473a-BE8E-5D77C8FE5129} - "Ask.com" (hxxp://www.ask.com/web?o=101450&l=dis&q={searchTerms})

HKCU_SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - "Private Search" (hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms})

HKCU_Toolbar\WebBrowser|{F6AF0697-CE5D-4718-AC5E-6613B6B3DF09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKCU_Toolbar\WebBrowser|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

HKLM_Toolbar|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKLM_Toolbar|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)

HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)

HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)

HKLM_ElevationPolicy\4aed5353-b216-4651-a7dc-a1d5eef1eefd - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\b1226fbd-2bdd-4632-a5f0-897ea3eb7666 - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{11AF66E1-6BDE-4AA0-A061-65188608936B} - C:\Program Files\PDF Enhancer 3.5\PlayerPlug.exe (?)

HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)

HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\PDF Enhancer 3.5\TbHelper2.exe (?)

HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{973F1DA1-9BE8-49C1-A68D-EAA0D9847898} - C:\Program Files\PDF Enhancer 3.5\PropMgrAsync.exe (?)

HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)

HKLM_ElevationPolicy\{BB8A9962-452A-4a00-814E-650B96EAA0D2} - C:\ProgramData\webex\atinst.exe (WebEx Communications, Inc)

HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)

HKLM_Extensions\{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - "Free software Gooofull toolbar" (C:\Program Files\PDF Enhancer 3.5\favicon.ico)

HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)

BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)

BHO\{C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - "BywifiBHO Class" (C:\Program Files\Bywifi\bywifiie.dll)

BHO\{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

BHO\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} - "TBSB07458 Class" (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 72 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 27/06/2011 11:45:58 (17104 Octet(s))

C:\Ad-Report-SCAN[1].txt - 27/06/2011 11:19:42 (20313 Octet(s))

C:\Ad-Report-SCAN[2].txt - 27/06/2011 11:37:11 (18403 Octet(s))

C:\Ad-Report-SCAN[3].txt - 27/06/2011 11:40:08 (18534 Octet(s))

 

Fin à: 11:53:53, 27/06/2011

 

============== E.O.F ==============

 

clean 2

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 20:53:39 le 27/07/2011, Mode normal

 

Microsoft Windows 7 Édition Intégrale Service Pack 1 (X86)

yannick@YANNICK-PC (MSI MS-7369)

 

============== ACTION(S) ==============

 

 

Dossier supprimé: C:\Users\yannick\AppData\LocalLow\Toolbar4

 

(!) -- Fichiers temporaires supprimés.

 

 

-- Fichier ouvert: C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default\Prefs.js --

Ligne supprimée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...

Ligne supprimée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/897164/892962/FR", "\"0\"")...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", ...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5....

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091...

Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"...

Ligne supprimée: user_pref("CommunityToolbar.EngineHiddenByUser", true);

Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "");

Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");

Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "vuze_remote");

Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", false);

Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Ligne supprimée: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\yannick\\AppData\\Roaming\\Mozilla\...

Ligne supprimée: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");

Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "vuze_remote");

Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://toolbar.ask.com/toolbarv/askRedir...

Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 03 2011 15:35:52 GMT+02...

Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 11 2011 14:54:09 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");

Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 00:12:59 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);

Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "55d25f6c-d86d-4018-96e7-aec2eadd1ae2");

Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "646b51f2-72b9-4bac-a224-a620000ed690");

Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");

Ligne supprimée: user_pref("CommunityToolbar.killedEngine", true);

Ligne supprimée: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 25 2011 16:29:1...

Ligne supprimée: user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Ligne supprimée: user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Jul 27 2011 19:46:48 GMT+020...

Ligne supprimée: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.notifications.locale", "en");

Ligne supprimée: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Ligne supprimée: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Jul 27 2011 19:46:40 GMT+0200");

Ligne supprimée: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");

Ligne supprimée: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Ligne supprimée: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Ligne supprimée: user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Ligne supprimée: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Ligne supprimée: user_pref("CommunityToolbar.notifications.userId", "64473b46-ac14-474e-bbc4-61eb3f8c19b5");

Ligne supprimée: user_pref("CommunityToolbar.undefined", "");

Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask");

Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&Sea...

Ligne supprimée: user_pref("browser.search.order.1", "Ask");

Ligne supprimée: user_pref("extensions.Fissa.Uninstall.lastRunTime", "Sun, 21 Nov 2010 19:18:08 GMT");

Ligne supprimée: user_pref("extensions.Fissa.lastRunTime", "Mon, 08 Nov 2010 08:51:07 GMT");

Ligne supprimée: user_pref("extensions.snipit.askTbInstalled", true);

Ligne supprimée: user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&g...

Ligne supprimée: user_pref("extensions.snipit.history_query", "carto%20explorer=ASKURL=hxxp://www.ask.com/web?q=carto...

Ligne supprimée: user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=");

-- Fichier Fermé --

 

 

Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [4.0 (fr)] ****

 

Plugins\npDivxPlayerPlugin.dll (DivX, Inc)

HKLM_MozillaPlugins\@nvidia.com/3DVision (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=9cc2e04000000000000000ffe929afc9&tlver=1.4.19.19&affID=16553/)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )

Extensions - "{AB2CE124-6272-4b12-94A9-7303C7397BD1}" (?)

HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

 

-- C:\Users\yannick\AppData\Roaming\Mozilla\FireFox\Profiles\ql6pwsec.default --

Extensions\cacaoweb@cacaoweb.org (cacaoweb)

Extensions\maps@ovi.com (Ovi maps browser plugin)

Extensions\toolbar@mc.xul (Ma Galerie Marchande Mastercard)

Extensions\{038dc421-b19e-4711-a218-1fd10de9163b} (Add N Edit Cookies)

Extensions\{181F4BBC-2453-40D2-B42C-3135E3B07C7B} (Free software Gooofull toolbar)

Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)

Extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6} (Mega Manager Integration)

Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF} (Barre de Confiance)

Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)

Searchplugins\munlock.xml (?)

Prefs.js - browser.download.dir, C:\\Users\\yannick\\Downloads

Prefs.js - browser.download.lastDir, C:\\Users\\yannick\\Desktop

Prefs.js - browser.search.selectedEngine, Search the web (Babylon)

Prefs.js - browser.startup.homepage, hxxp://www.sfr.fr

Prefs.js - browser.startup.homepage_override.buildID, 20110318052756

Prefs.js - browser.startup.homepage_override.mstone, rv:2.0

 

========================================

 

**** Internet Explorer Version [8.0.7601.17514] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKLM_URLSearchHooks|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://www.gooofullsearch.com/google?q={searchTerms}&cx=partner-pub-644651472115...)

HKCU_SearchScopes\{10EDAC71-1851-473a-BE8E-5D77C8FE5129} - "Ask.com" (hxxp://www.ask.com/web?o=101450&l=dis&q={searchTerms})

HKCU_SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - "Private Search" (hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms})

HKCU_Toolbar\WebBrowser|{F6AF0697-CE5D-4718-AC5E-6613B6B3DF09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKCU_Toolbar\WebBrowser|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

HKLM_Toolbar|{f6af0697-ce5d-4718-ac5e-6613b6b3df09} (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

HKLM_Toolbar|{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)

HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)

HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)

HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (x)

HKLM_ElevationPolicy\4aed5353-b216-4651-a7dc-a1d5eef1eefd - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\b1226fbd-2bdd-4632-a5f0-897ea3eb7666 - C:\Program Files\HotSpot_Shield_FR\HotSpot_Shield_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{11AF66E1-6BDE-4AA0-A061-65188608936B} - C:\Program Files\PDF Enhancer 3.5\PlayerPlug.exe (?)

HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?)

HKLM_ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} - C:\Program Files\PDF Enhancer 3.5\TbHelper2.exe (?)

HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{973F1DA1-9BE8-49C1-A68D-EAA0D9847898} - C:\Program Files\PDF Enhancer 3.5\PropMgrAsync.exe (?)

HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)

HKLM_ElevationPolicy\{BB8A9962-452A-4a00-814E-650B96EAA0D2} - C:\ProgramData\webex\atinst.exe (WebEx Communications, Inc)

HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?)

HKLM_Extensions\{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - "Free software Gooofull toolbar" (C:\Program Files\PDF Enhancer 3.5\favicon.ico)

HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)

BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)

BHO\{C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - "BywifiBHO Class" (C:\Program Files\Bywifi\bywifiie.dll)

BHO\{f6af0697-ce5d-4718-ac5e-6613b6b3df09} - "HotSpot Shield FR Toolbar" (C:\Program Files\HotSpot_Shield_FR\tbHot1.dll)

BHO\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} - "TBSB07458 Class" (C:\Program Files\PDF Enhancer 3.5\tbcore3.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 72 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 33 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 27/06/2011 11:45:58 (17442 Octet(s))

C:\Ad-Report-CLEAN[2].txt - 27/07/2011 20:53:44 (14902 Octet(s))

C:\Ad-Report-SCAN[1].txt - 27/06/2011 11:19:42 (20313 Octet(s))

C:\Ad-Report-SCAN[2].txt - 27/06/2011 11:37:11 (18403 Octet(s))

C:\Ad-Report-SCAN[3].txt - 27/06/2011 11:40:08 (18534 Octet(s))

C:\Ad-Report-SCAN[4].txt - 27/07/2011 20:39:24 (15199 Octet(s))

 

Fin à: 21:01:40, 27/07/2011

 

============== E.O.F ==============

[pear]

Oui.

Et la suite ?

[mimic8535]

c'est en cour

[mimic8535]

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

 

Version de la base de données: 7299

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

 

27/07/2011 22:51:27

mbam-log-2011-07-27 (22-51-27).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|)

Elément(s) analysé(s): 367437

Temps écoulé: 1 heure(s), 14 minute(s), 32 seconde(s)

 

Processus mémoire infecté(s): 1

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 10

 

Processus mémoire infecté(s):

c:\program files\ESET\minodlogin\minodlogin.exe (Riskware.KG) -> 2068 -> Not selected for removal.

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiNODLogin (Riskware.KG) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\program files\ESET\minodlogin\minodlogin.exe (Riskware.KG) -> Not selected for removal.

c:\program files\ESET\minodlogin\minodloginuninst.exe (Riskware.KG) -> Not selected for removal.

c:\program files\MAGIX\video_deluxe_16_premium\blz-magix.video.deluxe.16.premium.exe (PUP.Hacktool.Patcher) -> Not selected for removal.

c:\Qoobox\quarantine\C\program files\ESET\minodlogin\minodlogin.exe.vir (Riskware.KG) -> Quarantined and deleted successfully.

c:\Qoobox\quarantine\C\program files\ESET\minodlogin\minodloginuninst.exe.vir (Riskware.KG) -> Quarantined and deleted successfully.

c:\Qoobox\quarantine\C\Users\yannick\AppData\Roaming\windowsupdate\windowsupdate.exe.vir (Trojan.Banker) -> Quarantined and deleted successfully.

c:\Users\yannick\Desktop\xvid_setup1.2.2-win32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

d:\LOGICIEL\ghost\ngh15.0+keygen_recovery\ngh15.0+keygen_recovery\KEYGEN\keygen.exe (Trojan.Agent) -> Not selected for removal.

d:\LOGICIEL\antivirus\nod32 4 64 bit\nod32 4 64 bit\minodlogin\elf 3.9.7.0.exe (Riskware.KG) -> Not selected for removal.

d:\LOGICIEL\utilitaire disque dur ubcd\disk director suite 10 fr by gl4t0r\acronis keygen.exe (RiskWare.Tool.HCK) -> Not selected for removal.

[pear]

Bonjour,

 

Il restera vos cracks à supprimer.

A défaut, mon aide s'arrêtera là.