Hello,

I am asking for your help because my PC has been starting to lag for the past 2 months. I formatted everything, but the problem is still the same. Below is the ZHPDIAG report.

Thank you in advance.

Rapport de ZHPDiag v1.28.1322 par Nicolas Coolman, Update du 10/08/2011

Run by Hicham at 11/08/2011 03:16:56

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 5.0.1 v5.0.1

 

---\\ Windows Product Information

Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : P4K27

Windows License : OK

~ Windows Remaining Initializations Number : 4

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 6, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4086 MB (44% free)

System Restore: Activé (Enable)

System drive C: has 49 GB (47%) free of 103 GB

 

---\\ Logged in mode

~ Computer Name: HICHAM-PC

~ User Name: Hicham

~ All Users Names: HomeGroupUser$, Hicham, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Hicham\AppData\Roaming\

~ %Desktop% : C:\Users\Hicham\Desktop\

~ %Favorites% : C:\Users\Hicham\Favorites\

~ %LocalAppData% : C:\Users\Hicham\AppData\Local\

~ %StartMenu% : C:\Users\Hicham\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 49 Go of 103 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 37 Go of 98 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 98 Go)

F:\ CD-ROM drive (Not Inserted)

G:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.17/07/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.13/07/2009 - 01:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.13/07/2009 - 01:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.1BF2BCC7E3C26FD4C8EF0C9EFB0CC25D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/07/2011 - 13:58:08.) -- C:\Windows\system32\wininet.dll [1389056]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.18/07/2011 - 13:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 01:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.18/07/2011 - 06:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.18/07/2011 - 13:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.18/07/2011 - 13:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/13

~ Mes musiques (My Musics) : 3/23

~ Mes Favoris (My Favorites) : 3/26

~ Mes Documents (My Documents) : 2/167

~ Mon Bureau (My Desktop) : 1/98

~ Menu demarrer (Programs) : 7/46

~ Scan Hidden Files in 00mn 01s

 

 

 

---\\ Processus lancés

[MD5.10473F2EABE48FC48C9A7EF7C9F4CF5E] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3298712] [PID.3384]

[MD5.06F4A11B74482F3C4E4B91E68A23EEDE] - (.Nokia - Nokia Ovi Suite.) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [966712] [PID.3396]

[MD5.6FBBB73BE9FB38389AB73F38828A9CAC] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [13351304] [PID.3588]

[MD5.341FD9D4258C8BBB28F7002A74220B78] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [276328] [PID.3728]

[MD5.A3A2C283672BCAD80306CFECFD3B63A1] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files (x86)\Paltalk Messenger\paltalk.exe [13688072] [PID.3748]

[MD5.BF91B68606862A32CAB13C24A24DD9A9] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224] [PID.3764]

[MD5.2718DC27571BD1E37813F5759D2DC118] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [202296] [PID.]

[MD5.D5D5EA09EE061AFE1857B8EE2BD451DC] - (.Nokia - Nokia M Platform.) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe [1540096] [PID.3872]

[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [54576] [PID.3908]

[MD5.3723BEE455A04038B039A712115C4CF7] - (.Microsoft Corp. - Barre d'outils Bing®.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544] [PID.4020]

[MD5.47C1DE0A890613FFCFF1D67648EEDF90] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920] [PID.3160]

[MD5.A3A82800FF19B26B94D2327A2F11067E] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [821144] [PID.488]

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.3136]

[MD5.76D94909D7CD006062F29DA7DD5112F2] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248] [PID.3508]

[MD5.B114DB354D13A21C1AC2B1807EE2F500] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [273544] [PID.3928]

[MD5.95D2D473B44D5245F87FCDD6646A89F7] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [800768] [PID.2272]

[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [263600] [PID.2764]

[MD5.42DAE6621F73425EF2D9B03E1F7E77F9] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe [140288] [PID.4792]

[MD5.2CE8F1C52F490875592166316C512B6F] - (.Skype Technologies - Skype Extras Manager.) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe [80256] [PID.4304]

[MD5.0BFF62B4C44F10850F651BE928950AB4] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [174952] [PID.5004]

[MD5.B8D0F6BBE420C93491CAD77ADE5026A0] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [565096] [PID.3756]

[MD5.FEC368494BB89E978553A84C4A2D5A76] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [367976] [PID.5784]

[MD5.FDE6DA67628FB7B763336B6952CF6C3C] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.6188]

[MD5.73708319A8673E43670A1A334B2D96AC] - (.Google Inc. - Google Chrome.) -- C:\Users\Hicham\AppData\Local\Google\Chrome\Application\chrome.exe [1012792] [PID.2416]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544] [PID.8968]

[MD5.BFF67166267E2FAE0589C3F992EAA1A5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [664576] [PID.8980]

[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.]

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [PID.]

[MD5.8C1F87F5FDD92229D1754B98F073913F] - (.Nokia - ServiceLayer Module.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856] [PID.]

[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [503080] [PID.]

[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]

[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.]

~ Scan Processes Running in 00mn 05s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G2 - GCE: Preference [user Data\Default] [bfipfkeoidmndggnnpobeenlamiclald] FB Chat Sidebar Disabler v.1.8 (Activé)

G2 - GCE: Preference [user Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Analyse des liens (URL Advisor) v.12.0.0.397 (Activé)

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.5 (Activé)

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

M2 - MFEP: prefs.js [Hicham - h1qxre1n.default\{0b38152b-1b20-484d-a11f-5e04a9b0661f}] [] Winamp Toolbar v5.6.16.1 (.AOL Inc..)

P2 - FPN:Firefox Plugin Navigator . (.AOL LLC - npdnu.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdnu.dll

P2 - FPN:Firefox Plugin Navigator . (.AOL LLC - npdnupdater2.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdnupdater2.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprjplug.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.660.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll

P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npwachk.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll

P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MessFrance.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MessFrance.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Camfrog Web Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\Software\Microsoft\Internet Explorer\Main,Search Page = Camfrog Web Search

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

O1 - Hosts: 0.0.0.0 localhost

O1 - Hosts: 0.0.0.0 localhost

O1 - Hosts: e-product-registration.html

O1 - Hosts: ml

O1 - Hosts: html

O1 - Hosts: 2cba06859c3dcd87b47525e97a3b80

O1 - Hosts: ml?NeroSID=392cba06859c3dcd87b47525e97a3

O1 - Hosts: b80

O1 - Hosts: e-product-registration.html?NeroSID=392c

O1 - Hosts: ba06859c3dcd87b47525e97a3b80

O1 - Hosts: ml&sa=X&oi=smap&resnum=1&ct=result&cd=6&

O1 - Hosts: usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg

~ Scan Hosts File in 00mn 00s

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll

O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll

O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: ContributeBHO Class [64Bits] - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems, Inc. - Contribute IE Plugin.) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Winamp Toolbar Loader [64Bits] - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} . (.AOL Inc. - Winamp Toolbar IE Dynamic Link Library.) -- C:\Program Files (x86)\Winamp Toolbar\winamptb.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi

O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll

O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Camfrog Toolbar [64Bits] - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} . (.Camshare LC - Camfrog Toolbar IE Plugin.) -- C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar BHO [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll

O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [bCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (.not file.)

O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe

O4 - HKCU\..\Run: [NokiaOviSuite2] . (.Nokia - Nokia Ovi Suite.) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Hicham\AppData\Local\Facebook\Update\FacebookUpdate.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [PoivY] . (.PoivY - Client to make VoIP calls..) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

O4 - HKCU\..\Run: [X-Lite 4] . (.CounterPath - X-Lite 4.) -- C:\Program Files (x86)\CounterPath\X-Lite 4\X-Lite4.exe

O4 - HKCU\..\Run: [Camfrog] . (.Camshare Inc. - Camfrog Launcher.) -- C:\Program Files (x86)\Camfrog\Camfrog Video Chat\CamfrogNet.exe

O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe

O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

O4 - HKLM\..\Wow6432Node\Run: [NokiaMServer] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [bing Bar] . (.Microsoft Corp. - Barre d'outils Bing®.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe

O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

O4 - HKLM\..\Wow6432Node\Run: [NokiaMusic FastStart] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [switchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe

O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe

O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [WinampAgent] . (.Nullsoft, Inc. - Winamp Agent.) -- C:\Program Files (x86)\Winamp\winampa.exe

O4 - HKLM\..\Wow6432Node\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [NokiaOviSuite2] . (.Nokia - Nokia Ovi Suite.) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Hicham\AppData\Local\Facebook\Update\FacebookUpdate.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [PoivY] . (.PoivY - Client to make VoIP calls..) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [X-Lite 4] . (.CounterPath - X-Lite 4.) -- C:\Program Files (x86)\CounterPath\X-Lite 4\X-Lite4.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [Camfrog] . (.Camshare Inc. - Camfrog Launcher.) -- C:\Program Files (x86)\Camfrog\Camfrog Video Chat\CamfrogNet.exe

O4 - HKUS\S-1-5-21-1628572374-954855793-4127328231-1001\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\1st Mass Mailer.lnk . (...) -- C:\Program Files (x86)\1st Mass Mailer\mailer.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Camfrog Video Chat 3.92.lnk . (.Camshare Inc..) -- C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Camfrog Video Chat 6.1.lnk . (.Camshare Inc..) -- C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Estime - Raccourci.lnk . (...) -- D:\Classement\Musique\Relaxation\Estime

O4 - Global Startup: C:\Users\Hicham\Desktop\EVEREST Ultimate Edition.lnk . (.Lavalys, Inc..) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Hicham\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Paltalk Messenger.lnk . (.AVM Software Inc..) -- C:\Program Files (x86)\Paltalk Messenger\paltalk.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Plus World.lnk . (...) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusDesktop.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\PoivY.lnk . (.PoivY.) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Sarbacane 3.lnk . (.Sarbacane Software.) -- C:\Program Files (x86)\Sarbacane Software\Sarbacane 3\Sarbacane 3.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\SocksChain.lnk . (.Ufasoft.) -- C:\Program Files (x86)\Ufasoft\SocksChain\SocksChain.exe

O4 - Global Startup: C:\Users\Hicham\Desktop\Upgrade to Paltalk Extreme.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Hicham\Desktop\Web Acappella.lnk . (...) -- C:\Program Files (x86)\Intuisphere\Web Acappella\WebAcappella.exe

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 3.92.lnk . (.Camshare Inc..) -- C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 6.1.lnk . (.Camshare Inc..) -- C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (...) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (.not file.)

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nokia Ovi Player.lnk . (.Macrovision Corporation.) -- C:\Windows\Installer\{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}\NewShortcut2_CDF681E133824FFDB6C41A0530C561D5

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk . (.Nullsoft, Inc..) -- C:\Program Files (x86)\Winamp\winamp.exe

O4 - Global Startup: C:\Users\Hicham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

~ Scan Global Startup in 00mn 01s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll

O8 - Extra context menu item: Ajouter à l'Anti-bannière . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe

O8 - Extra context menu item: Télécharger avec IDM . (...) -- C:\Program Files (x86)\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM . (...) -- C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll

O9 - Extra button: &Envoyer à OneNote [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\kbrd.ico

O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll

O9 - Extra button: Notes &liées OneNote [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\logo.ico

~ Scan IE Extra Buttons in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000010\Winsock LSP File . (.Pas de propriétaire - Proxifier Namespace Service Provider.) -- C:\Windows\system32\PrxerNsp.dll

O10 - WLSP:\000000000011\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{549CF85A-F419-4398-BBDA-8308B15C7B68}: NameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{549CF85A-F419-4398-BBDA-8308B15C7B68}: NameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{549CF85A-F419-4398-BBDA-8308B15C7B68}: NameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: mso-offdap11 [64Bits] - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll

O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\System32\klogon.dll

~ Scan Winlogon in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: SigmaTel Audio Service (STacSV) . (.SigmaTel, Inc. - STacSV Module.) - C:\Program Files (x86)\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

~ Scan Services in 00mn 01s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1628572374-954855793-4127328231-1001Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1628572374-954855793-4127328231-1001UA.job

[MD5.393F021E2A9FA19AC94BA4482E32FC6C] [APT] [AdobeAAMUpdater-1.0-Hicham-PC-Hicham] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-1628572374-954855793-4127328231-1001Core] (.Facebook Inc..) -- C:\Users\Hicham\AppData\Local\Facebook\Update\FacebookUpdate.exe

[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-1628572374-954855793-4127328231-1001UA] (.Facebook Inc..) -- C:\Users\Hicham\AppData\Local\Facebook\Update\FacebookUpdate.exe

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Programme de mise à jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise à jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

[MD5.B114DB354D13A21C1AC2B1807EE2F500] [APT] [Programme de mise à jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe

[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-1628572374-954855793-4127328231-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-1628572374-954855793-4127328231-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

[MD5.6FBBB73BE9FB38389AB73F38828A9CAC] [APT] [{11CBBF86-D444-48B9-AE7F-E8DC506798AA}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

[MD5.73708319A8673E43670A1A334B2D96AC] [APT] [{14F271CC-DCED-43EF-A0F7-B6AC66F06895}] (.Google Inc..) -- c:\users\Hicham\appdata\local\google\chrome\application\chrome.exe

[MD5.73708319A8673E43670A1A334B2D96AC] [APT] [{FB36FAF2-A8FA-465A-A4FB-11CAB3DAD949}] (.Google Inc..) -- c:\users\Hicham\appdata\local\google\chrome\application\chrome.exe

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

~ Scan Scheduled Task in 00mn 13s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\system32\DRIVERS\kl2.sys

O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\system32\DRIVERS\klif.sys

O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\system32\DRIVERS\klim6.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 04s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 1st Mass Mailer - (.IM Soft, Ltd..) [HKLM] -- 1st Mass Mailer_is1

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Content Viewer - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.dmp.contentviewer

O42 - Logiciel: Adobe Creative Suite 5.5 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {D57FC112-312E-4D70-860F-2DB8FB6858F0}

O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Adobe Story - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Widget Browser - (.Adobe Systems Incorporated..) [HKLM] -- com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter

O42 - Logiciel: Camfrog IE Toolbar 1.0.29 - (.Pas de propriétaire.) [HKLM] -- CamfrogBar

O42 - Logiciel: Camfrog Video Chat 3.92 (remove only) - (.Pas de propriétaire.) [HKLM] -- Camfrog 3.92

O42 - Logiciel: Camfrog Video Chat 6.1 - (.Camshare Inc..) [HKLM] -- Camfrog 6.1

O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{724A53A0-55A9-4A1B-B518-B089CD6DF345}

O42 - Logiciel: Download Updater (AOL LLC) - (.Pas de propriétaire.) [HKLM] -- SoftwareUpdUtility

O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU] -- Winamp Detect

O42 - Logiciel: EVEREST Ultimate Edition v5.50 - (.Lavalys, Inc..) [HKLM] -- EVEREST Ultimate Edition_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: HP Customer Participation Program 14.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Document Manager 2.0 - (.HP.) [HKLM] -- HP Document Manager

O42 - Logiciel: HP Imaging Device Functions 14.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Officejet 6500 E709 Series - (.HP.) [HKLM] -- {58D79E62-CFC8-4331-8469-3A1B16E1769C}

O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing

O42 - Logiciel: HP Solution Center 14.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: Incomedia WebSite X5 v8 - Evolution - (.Pas de propriétaire.) [HKLM] -- Incomedia WebSite X5 v8 - Evolution

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI

O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM] -- Internet Download Manager

O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM] -- 1489-3350-5074-6281

O42 - Logiciel: K-Lite Codec Pack 7.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: Kaspersky Internet Security 2012 - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}

O42 - Logiciel: Kaspersky Internet Security 2012 - (.Kaspersky Lab.) [HKLM] -- {45E557D6-2271-4F13-8101-C620B4285AB0}

O42 - Logiciel: LineIn plugin for WinAMP v1.80 (remove only) - (.Pas de propriétaire.) [HKLM] -- LineIn plugin for WinAMP

O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0015-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0016-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0018-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0019-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001B-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0043-040C-1000-0000000FF1CE}_Office14.PROPLUS_{0D103750-8493-40B1-A4C8-EF5E468CDD74}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0044-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-006E-040C-1000-0000000FF1CE}_Office14.PROPLUS_{8360CFD4-3630-4F49-A1A0-31BB7A6CBAAC}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00A1-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00BA-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack

O42 - Logiciel: Mozilla Firefox 5.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0.1 (x86 fr)

O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite

O42 - Logiciel: OCR Software by I.R.I.S. 14.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: ODIR - (.Vaita.) [HKLM] -- ODIR_is1

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D

O42 - Logiciel: Paltalk Messenger - (.AVM Software Inc..) [HKLM] -- PalTalk8.2

O42 - Logiciel: Phoenix Service Software 2010.8.4.41526 - (.PhoenixSlayer.) [HKLM] -- {92DA4424-0CFB-44D1-A08B-B63D5D8BEFBC}_is1

O42 - Logiciel: PoivY - (.Finarea S.A. Switzerland.) [HKLM] -- PoivY_is1

O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO

O42 - Logiciel: Proxifier version 3.0 - (.Initex.) [HKLM] -- Proxifier_is1

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Sarbacane 3 - (.Sarbacane Software.) [HKLM] -- Sarbacane 3

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2416472

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367

O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2523021) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{603B88C1-5E1A-4F7A-B21B-0616F755DB5D}

O42 - Logiciel: Security Update for Microsoft InfoPath 2010 (KB2510065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51C1DE08-35BE-469A-AD3E-8140D2F68CC1}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{416C3BAC-567F-4E84-9E3B-E98970E2603B}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289161) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B3DFFE7D-FAA1-4B0D-AB1A-AF140A56BD84}

O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{5E1328DB-EA1D-4FDB-B2FA-84CD56D9C19A}

O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DED7FBC4-7528-4C64-9F94-8174AC522A33}

O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FAE58C3D-8C0C-41D7-B95B-507B84ACB0C6}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies

O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17}

O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011

O42 - Logiciel: Ufasoft SocksChain 3.153 - (.Pas de propriétaire.) [HKCU] -- UfasoftSocksChain

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{139222A0-48AF-44FF-BC3B-2112086FAF18}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{276D6229-D1A9-4A22-BD8A-7E043897E230}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B4B16F09-574E-448C-BC90-DC8DF2ECA01E}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BC4F8B0E-191C-4226-8016-01EF1D0294FF}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2523113) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D4E279E2-7885-4150-B565-DBAB14C590D0}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FED950AB-20E9-426D-8A7D-60A110F291AB}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2441641) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{AEE4CC56-C18F-4ED6-BFD0-2D5FFB94DE9F}

O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Web Acappella - (.Intuisphere.) [HKLM] -- Web Acappella_is1

O42 - Logiciel: WinAmp Bot 10 - (.imFiles.com.) [HKLM] -- WinAmp Bot_is1

O42 - Logiciel: WinRAR 4.01 (64-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp

O42 - Logiciel: Winamp Toolbar - (.Pas de propriétaire.) [HKLM] -- Winamp Toolbar

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: ZOLEX Patch 15.4.3538.513 - (.ZOLEX Community.) [HKLM] -- ZOLEX Patch

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys

[HKCU\Software\1st Mass Mailer]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\BitTorrent]

[HKCU\Software\Camfrog]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CounterPath Corporation]

[HKCU\Software\CounterPath]

[HKCU\Software\DownloadManager]

[HKCU\Software\EasyBits]

[HKCU\Software\Facebook]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\HP]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\I.R.I.S.]

[HKCU\Software\IM Providers]

[HKCU\Software\Initex]

[HKCU\Software\Intel]

[HKCU\Software\Intuisphere]

[HKCU\Software\Iris]

[HKCU\Software\JavaSoft]

[HKCU\Software\KasperskyLab]

[HKCU\Software\Lavalys]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Lyrics Plugin]

[HKCU\Software\MONOGRAM]

[HKCU\Software\Macromedia]

[HKCU\Software\MediaInfo]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nokia Mobile Phones]

[HKCU\Software\Nokia]

[HKCU\Software\ODBC]

[HKCU\Software\Paltalk]

[HKCU\Software\Pando Networks]

[HKCU\Software\PoivY]

[HKCU\Software\Policies]

[HKCU\Software\PowerISO]

[HKCU\Software\RealNetworks]

[HKCU\Software\Sarbacane Software]

[HKCU\Software\Skype]

[HKCU\Software\SubSystems]

[HKCU\Software\System Requirements Lab]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\Ufasoft]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Winamp]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yuna Software]

[HKCU\Software\cybelsoft]

[HKCU\Software\eMule]

[HKCU\Software\ej-technologies]

[HKCU\Software\madFlac]

[HKCU\Software\pth264]

[HKLM\Software\1st Mass Mailer]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\BcmSetup]

[HKLM\Software\CDDB]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\CounterPath Corporation]

[HKLM\Software\FileZilla 3]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\I.R.I.S.]

[HKLM\Software\ICE]

[HKLM\Software\Imagineer Systems Ltd]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Logitech]

[HKLM\Software\MAXSOFT-OCRON]

[HKLM\Software\Macromedia]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\Nokia Mobile Phones]

[HKLM\Software\Nokia]

[HKLM\Software\Nullsoft]

[HKLM\Software\ODBC]

[HKLM\Software\OMSI]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\Pando Networks]

[HKLM\Software\Policies]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SOFTWARE]

[HKLM\Software\SYSTEM]

[HKLM\Software\Sarbacane Software]

[HKLM\Software\SigmaTel]

[HKLM\Software\Sigmatel]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Synthetic Aperture]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\Ufasoft]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Yuna Software]

[HKLM\Software\ZSMC]

[HKLM\Software\cybelsoft]

[HKLM\Software\ej-technologies]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 02s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 18/07/2011 - 20:55:32 - [2193051347] ----D- C:\Program Files\Adobe

O43 - CFD: 10/08/2011 - 19:47:38 - [135064] ----D- C:\Program Files\Bonjour

O43 - CFD: 17/07/2011 - 00:06:30 - [13382866] ----D- C:\Program Files\Broadcom

O43 - CFD: 10/08/2011 - 19:48:02 - [479960216] ----D- C:\Program Files\Common Files

O43 - CFD: 17/07/2011 - 02:56:28 - [935480] ----D- C:\Program Files\DIFX

O43 - CFD: 11/08/2011 - 02:30:40 - [90328596] ----D- C:\Program Files\DVD Maker

O43 - CFD: 17/07/2011 - 00:45:14 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 17/07/2011 - 19:07:48 - [6201360] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 10/08/2011 - 19:52:50 - [1951827] ----D- C:\Program Files\iPod

O43 - CFD: 10/08/2011 - 19:54:20 - [2358288] ----D- C:\Program Files\iTunes

O43 - CFD: 18/07/2011 - 21:37:52 - [102750866] ----D- C:\Program Files\Java

O43 - CFD: 17/07/2011 - 00:00:50 - [9486663] ----D- C:\Program Files\ma-config.com

O43 - CFD: 17/07/2011 - 01:25:04 - [66182091] ----D- C:\Program Files\Microsoft Analysis Services

O43 - CFD: 14/07/2009 - 15:35:14 - [149784114] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 17/07/2011 - 01:38:18 - [1146183257] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 17/07/2011 - 01:38:16 - [2966976] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 17/07/2011 - 01:38:16 - [1014647] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 17/07/2011 - 01:41:30 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services

O43 - CFD: 14/07/2009 - 05:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 14/07/2009 - 05:32:40 - [38984873] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 05:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 11/08/2011 - 02:30:38 - [4134400] ----D- C:\Program Files\Windows Defender

O43 - CFD: 11/08/2011 - 02:30:40 - [9442936] ----D- C:\Program Files\Windows Journal

O43 - CFD: 11/08/2011 - 02:30:40 - [7177216] ----D- C:\Program Files\Windows Mail

O43 - CFD: 11/08/2011 - 02:30:40 - [7813549] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 17/07/2011 - 00:45:14 - [13332148] ----D- C:\Program Files\Windows NT

O43 - CFD: 11/08/2011 - 02:30:40 - [5576984] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 19/07/2011 - 22:52:22 - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 11/08/2011 - 02:30:42 - [9284756] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 17/07/2011 - 00:01:32 - [4728160] ----D- C:\Program Files\WinRAR

O43 - CFD: 18/07/2011 - 20:55:32 - [179135768] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 10/08/2011 - 19:48:02 - [6580905] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 17/07/2011 - 01:45:42 - [99136] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 03/08/2011 - 02:37:52 - [662816] ----D- C:\Program Files\Common Files\logishrd

O43 - CFD: 17/07/2011 - 04:36:38 - [274997584] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 03:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 03:20:10 - [611328] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 11/08/2011 - 02:30:40 - [17869977] ----D- C:\Program Files\Common Files\System

O43 - CFD: 22/07/2011 - 02:01:06 - [707217972] ----D- C:\ProgramData\Adobe

O43 - CFD: 18/07/2011 - 20:48:26 - [0] ----D- C:\ProgramData\ALM

O43 - CFD: 11/08/2011 - 00:22:06 - [33541377] ----D- C:\ProgramData\Apple

O43 - CFD: 10/08/2011 - 19:52:46 - [67291504] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 05:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 17/07/2011 - 00:45:14 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 14/07/2009 - 05:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 05:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 09/08/2011 - 02:02:02 - [0] ----D- C:\ProgramData\eMule

O43 - CFD: 17/07/2011 - 00:45:14 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 05:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 17/07/2011 - 20:34:28 - [25024751] ----D- C:\ProgramData\HP

O43 - CFD: 17/07/2011 - 19:50:22 - [8988] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 10/08/2011 - 18:26:50 - [569791396] ----D- C:\ProgramData\Kaspersky Lab

O43 - CFD: 17/07/2011 - 00:00:46 - [1243552] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 17/07/2011 - 00:45:14 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 10/08/2011 - 02:42:20 - [4916] ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 07/08/2011 - 21:07:16 - [693899752] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 11/08/2011 - 03:10:46 - [103134] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 17/07/2011 - 00:45:14 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 20/07/2011 - 00:01:00 - [2749139] ----D- C:\ProgramData\Nero

O43 - CFD: 10/08/2011 - 18:32:38 - [560878478] ----D- C:\ProgramData\NokiaInstallerCache

O43 - CFD: 18/07/2011 - 02:32:20 - [4172288] ----D- C:\ProgramData\NokiaMusic

O43 - CFD: 17/07/2011 - 03:02:14 - [62104] ----D- C:\ProgramData\PC Suite

O43 - CFD: 08/08/2011 - 02:09:58 - [1529623] ----D- C:\ProgramData\Real

O43 - CFD: 02/08/2011 - 04:42:58 - [3421] ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 07/08/2011 - 03:16:10 - [24395117] ----D- C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 05:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 18/07/2011 - 21:36:58 - [119] ----D- C:\ProgramData\Sun

O43 - CFD: 14/07/2009 - 05:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 10/08/2011 - 21:04:06 - [6201211] ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 17/07/2011 - 20:35:14 - [244] ----D- C:\ProgramData\WEBREG

O43 - CFD: 06/08/2011 - 04:53:32 - [655739] ----D- C:\ProgramData\Winamp Toolbar

O43 - CFD: 10/08/2011 - 20:57:44 - [18478080] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

O43 - CFD: 10/08/2011 - 19:54:20 - [894865] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 21/07/2011 - 23:12:26 - [14783927] ----D- C:\Users\Hicham\AppData\Roaming\Adobe

O43 - CFD: 10/08/2011 - 19:56:30 - [193415] ----D- C:\Users\Hicham\AppData\Roaming\Apple Computer

O43 - CFD: 06/08/2011 - 03:19:00 - [19643] ----D- C:\Users\Hicham\AppData\Roaming\Camfrog

O43 - CFD: 10/08/2011 - 21:30:36 - [16384] ----D- C:\Users\Hicham\AppData\Roaming\DMCache

O43 - CFD: 01/08/2011 - 23:58:08 - [24460] ----D- C:\Users\Hicham\AppData\Roaming\FileZilla

O43 - CFD: 18/07/2011 - 20:42:32 - [193407] ----D- C:\Users\Hicham\AppData\Roaming\HP

O43 - CFD: 19/07/2011 - 20:25:30 - [0] ----D- C:\Users\Hicham\AppData\Roaming\HPAppData

O43 - CFD: 24/07/2011 - 22:29:36 - [1295] ----D- C:\Users\Hicham\AppData\Roaming\HpUpdate

O43 - CFD: 17/07/2011 - 00:46:06 - [0] ----D- C:\Users\Hicham\AppData\Roaming\Identities

O43 - CFD: 10/08/2011 - 19:22:24 - [1063772] ----D- C:\Users\Hicham\AppData\Roaming\IDM

O43 - CFD: 17/07/2011 - 00:06:12 - [0] ----D- C:\Users\Hicham\AppData\Roaming\InstallShield

O43 - CFD: 16/07/2011 - 23:58:30 - [32023] ----D- C:\Users\Hicham\AppData\Roaming\Macromedia

O43 - CFD: 14/07/2009 - 15:35:04 - [0] ----D- C:\Users\Hicham\AppData\Roaming\Media Center Programs

O43 - CFD: 06/08/2011 - 23:23:54 - [6488866] -S--D- C:\Users\Hicham\AppData\Roaming\Microsoft

O43 - CFD: 18/07/2011 - 03:16:20 - [13645233] ----D- C:\Users\Hicham\AppData\Roaming\Mozilla

O43 - CFD: 23/07/2011 - 13:21:10 - [171422] ----D- C:\Users\Hicham\AppData\Roaming\Nero

O43 - CFD: 18/07/2011 - 02:38:24 - [7104174] ----D- C:\Users\Hicham\AppData\Roaming\Nokia

O43 - CFD: 17/07/2011 - 03:16:42 - [85275] ----D- C:\Users\Hicham\AppData\Roaming\Nokia Ovi Suite

O43 - CFD: 03/08/2011 - 02:40:24 - [135573] ----D- C:\Users\Hicham\AppData\Roaming\Paltalk

O43 - CFD: 17/07/2011 - 03:14:20 - [1306676] ----D- C:\Users\Hicham\AppData\Roaming\PC Suite

O43 - CFD: 20/07/2011 - 06:30:46 - [0] ----D- C:\Users\Hicham\AppData\Roaming\PoivY

O43 - CFD: 06/08/2011 - 02:25:40 - [1330] ----D- C:\Users\Hicham\AppData\Roaming\Proxifier

O43 - CFD: 08/08/2011 - 02:09:56 - [1145892] ----D- C:\Users\Hicham\AppData\Roaming\Real

O43 - CFD: 23/07/2011 - 01:10:02 - [50998] ----D- C:\Users\Hicham\AppData\Roaming\Sarbacane Software

O43 - CFD: 11/08/2011 - 03:10:40 - [2377876] ----D- C:\Users\Hicham\AppData\Roaming\Skype

O43 - CFD: 11/08/2011 - 00:08:14 - [44096] ----D- C:\Users\Hicham\AppData\Roaming\skypePM

O43 - CFD: 10/08/2011 - 21:01:18 - [78527] ----D- C:\Users\Hicham\AppData\Roaming\TuneUp Software

O43 - CFD: 06/08/2011 - 02:31:18 - [6737] ----D- C:\Users\Hicham\AppData\Roaming\Ufasoft

O43 - CFD: 10/08/2011 - 18:28:42 - [2673215] ----D- C:\Users\Hicham\AppData\Roaming\uTorrent

O43 - CFD: 30/07/2011 - 18:32:48 - [1635029] ----D- C:\Users\Hicham\AppData\Roaming\vlc

O43 - CFD: 06/08/2011 - 22:06:30 - [123953] ----D- C:\Users\Hicham\AppData\Roaming\Winamp

O43 - CFD: 17/07/2011 - 00:06:00 - [12] ----D- C:\Users\Hicham\AppData\Roaming\WinRAR

O43 - CFD: 02/08/2011 - 04:43:08 - [46038741] ----D- C:\Users\Hicham\AppData\Local\Adobe

O43 - CFD: 10/08/2011 - 19:48:46 - [0] ----D- C:\Users\Hicham\AppData\Local\Apple

O43 - CFD: 10/08/2011 - 19:55:22 - [2337115] ----D- C:\Users\Hicham\AppData\Local\Apple Computer

O43 - CFD: 17/07/2011 - 00:45:40 - [0] -SH-D- C:\Users\Hicham\AppData\Local\Application Data

O43 - CFD: 01/08/2011 - 17:13:34 - [5669] ----D- C:\Users\Hicham\AppData\Local\CounterPath

O43 - CFD: 01/08/2011 - 17:14:14 - [14640] ----D- C:\Users\Hicham\AppData\Local\CounterPath Corporation

O43 - CFD: 05/08/2011 - 23:48:08 - [0] ----D- C:\Users\Hicham\AppData\Local\CrashRpt

O43 - CFD: 06/08/2011 - 22:06:12 - [308239] ----D- C:\Users\Hicham\AppData\Local\ElevatedDiagnostics

O43 - CFD: 09/08/2011 - 02:01:26 - [754635] ----D- C:\Users\Hicham\AppData\Local\eMule

O43 - CFD: 02/08/2011 - 21:50:44 - [6357776] ----D- C:\Users\Hicham\AppData\Local\Facebook

O43 - CFD: 16/07/2011 - 23:58:00 - [708732609] ----D- C:\Users\Hicham\AppData\Local\Google

O43 - CFD: 17/07/2011 - 00:45:40 - [0] -SH-D- C:\Users\Hicham\AppData\Local\Historique

O43 - CFD: 17/07/2011 - 20:33:26 - [36020] ----D- C:\Users\Hicham\AppData\Local\HP

O43 - CFD: 18/07/2011 - 02:39:16 - [3824] ----D- C:\Users\Hicham\AppData\Local\IsolatedStorage

O43 - CFD: 07/08/2011 - 21:07:14 - [270584419] ----D- C:\Users\Hicham\AppData\Local\Microsoft

O43 - CFD: 17/07/2011 - 01:23:38 - [0] ----D- C:\Users\Hicham\AppData\Local\Microsoft Help

O43 - CFD: 18/07/2011 - 03:08:18 - [97699965] ----D- C:\Users\Hicham\AppData\Local\Mozilla

O43 - CFD: 18/07/2011 - 02:34:16 - [21549101] ----D- C:\Users\Hicham\AppData\Local\Nokia

O43 - CFD: 17/07/2011 - 03:10:28 - [1280] ----D- C:\Users\Hicham\AppData\Local\NokiaAccount

O43 - CFD: 19/07/2011 - 23:23:44 - [0] ----D- C:\Users\Hicham\AppData\Local\Solid State Networks

O43 - CFD: 17/07/2011 - 21:22:40 - [1006] ----D- C:\Users\Hicham\AppData\Local\Symbian-Toys.com

O43 - CFD: 11/08/2011 - 03:16:10 - [125512291] ----D- C:\Users\Hicham\AppData\Local\Temp

O43 - CFD: 17/07/2011 - 00:45:40 - [0] -SH-D- C:\Users\Hicham\AppData\Local\Temporary Internet Files

O43 - CFD: 21/07/2011 - 04:42:14 - [0] ----D- C:\Users\Hicham\AppData\Local\uTorrent

O43 - CFD: 17/07/2011 - 00:45:54 - [0] ----D- C:\Users\Hicham\AppData\Local\VirtualStore

O43 - CFD: 10/08/2011 - 17:54:30 - [53248] ----D- C:\Users\Hicham\AppData\Local\Windows Live

O43 - CFD: 07/08/2011 - 20:41:14 - [0] ----D- C:\Users\Hicham\AppData\Local\{02BB36B8-AF76-4997-816C-1BA49D5C704E}

O43 - CFD: 25/07/2011 - 01:00:24 - [0] ----D- C:\Users\Hicham\AppData\Local\{06245653-0F79-465E-B076-5047E19D542D}

O43 - CFD: 04/08/2011 - 18:25:10 - [0] ----D- C:\Users\Hicham\AppData\Local\{0DF6259B-F892-49BC-A73F-01DF663664A5}

O43 - CFD: 29/07/2011 - 15:59:40 - [0] ----D- C:\Users\Hicham\AppData\Local\{102831B9-A8A1-4782-BF0A-B268B3B018E8}

O43 - CFD: 02/08/2011 - 22:32:46 - [0] ----D- C:\Users\Hicham\AppData\Local\{16F2106B-4BA9-4456-80AD-2AB2F6F92263}

O43 - CFD: 07/08/2011 - 20:40:52 - [0] ----D- C:\Users\Hicham\AppData\Local\{2C0BDE28-54CA-4165-8E9B-7C2B070BFF3A}

O43 - CFD: 31/07/2011 - 15:52:20 - [0] ----D- C:\Users\Hicham\AppData\Local\{2DDC6094-DE13-4E1E-AB83-A4EC9A995892}

O43 - CFD: 06/08/2011 - 06:10:54 - [0] ----D- C:\Users\Hicham\AppData\Local\{2ECA585E-458D-49A4-B20F-9F73D128052C}

O43 - CFD: 06/08/2011 - 22:05:10 - [0] ----D- C:\Users\Hicham\AppData\Local\{350DFD7C-103C-4A20-ADD6-37203C2F721D}

O43 - CFD: 25/07/2011 - 14:25:56 - [0] ----D- C:\Users\Hicham\AppData\Local\{36E60192-73EA-4561-9D90-032D04F55543}

O43 - CFD: 19/07/2011 - 23:25:06 - [0] ----D- C:\Users\Hicham\AppData\Local\{3E785803-79A6-4CA9-8189-67B72EFDA7D9}

O43 - CFD: 10/08/2011 - 17:52:44 - [0] ----D- C:\Users\Hicham\AppData\Local\{5161A745-D503-4A4A-A445-7B73A7DB1E06}

O43 - CFD: 29/07/2011 - 02:49:52 - [0] ----D- C:\Users\Hicham\AppData\Local\{5464C6FD-EBCA-4D65-B9A2-65576E609E9A}

O43 - CFD: 19/07/2011 - 00:34:34 - [0] ----D- C:\Users\Hicham\AppData\Local\{58E67857-02C9-41D2-B87E-B0A6FA6043B9}

O43 - CFD: 19/07/2011 - 19:36:52 - [0] ----D- C:\Users\Hicham\AppData\Local\{5BC16B80-56F5-467A-8926-3B351B73ACF9}

O43 - CFD: 06/08/2011 - 06:10:08 - [0] ----D- C:\Users\Hicham\AppData\Local\{6AE2E07B-5B0A-4C1E-AF09-1889D0B38D64}

O43 - CFD: 09/08/2011 - 19:48:00 - [0] ----D- C:\Users\Hicham\AppData\Local\{6D87E411-FBE5-430E-A8AA-A3E6E1B3A240}

O43 - CFD: 06/08/2011 - 22:04:20 - [0] ----D- C:\Users\Hicham\AppData\Local\{79FC74CB-9C6C-4FBE-A786-9DDD162264DA}

O43 - CFD: 03/08/2011 - 20:21:04 - [0] ----D- C:\Users\Hicham\AppData\Local\{8B42B8FE-A9B3-4E78-B926-7ED1B6181B02}

O43 - CFD: 21/07/2011 - 15:20:26 - [0] ----D- C:\Users\Hicham\AppData\Local\{997174E1-2EEA-46EB-9DAC-A05E226CC58F}

O43 - CFD: 09/08/2011 - 19:47:48 - [0] ----D- C:\Users\Hicham\AppData\Local\{9D79BB28-9E85-4BEF-BF54-FA44E9EAF5E0}

O43 - CFD: 31/07/2011 - 02:54:26 - [0] ----D- C:\Users\Hicham\AppData\Local\{A66972B3-62B9-468B-A537-D178592C83EE}

O43 - CFD: 08/08/2011 - 17:50:40 - [0] ----D- C:\Users\Hicham\AppData\Local\{B07B932E-F149-4FF7-B427-E6CE8547BC37}

O43 - CFD: 08/08/2011 - 17:50:18 - [0] ----D- C:\Users\Hicham\AppData\Local\{B8E962DE-22BB-46DD-AD30-A3C2AC8C9343}

O43 - CFD: 22/07/2011 - 11:26:38 - [0] ----D- C:\Users\Hicham\AppData\Local\{C98959C3-4855-40B5-8222-4C2426F2754F}

O43 - CFD: 30/07/2011 - 14:54:02 - [0] ----D- C:\Users\Hicham\AppData\Local\{D437220C-C52E-4D30-A8C8-0BD388246A59}

O43 - CFD: 10/08/2011 - 17:53:24 - [0] ----D- C:\Users\Hicham\AppData\Local\{F148F139-A4FA-4C0F-8C05-AF44759CA628}

O43 - CFD: 24/07/2011 - 13:00:08 - [0] ----D- C:\Users\Hicham\AppData\Local\{F522BEE7-3269-4BF9-8FAE-2D07ED6F9EC7}

O43 - CFD: 23/07/2011 - 00:54:44 - [4945677] ----D- C:\Program Files (x86)\1st Mass Mailer

O43 - CFD: 20/07/2011 - 00:32:22 - [7259567450] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 18/07/2011 - 19:41:46 - [9327448] ----D- C:\Program Files (x86)\Adobe Story

O43 - CFD: 10/08/2011 - 19:48:34 - [2428606] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 10/08/2011 - 19:47:40 - [628553] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 06/08/2011 - 03:17:08 - [21997899] ----D- C:\Program Files (x86)\Camfrog

O43 - CFD: 10/08/2011 - 19:47:10 - [1960734802] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 01/08/2011 - 17:04:44 - [43858410] ----D- C:\Program Files (x86)\CounterPath

O43 - CFD: 09/08/2011 - 02:01:26 - [10906334] ----D- C:\Program Files (x86)\eMule

O43 - CFD: 28/07/2011 - 18:26:20 - [17053952] ----D- C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 17/07/2011 - 19:55:42 - [361918547] ----D- C:\Program Files (x86)\HP

O43 - CFD: 07/08/2011 - 01:55:18 - [7685202] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 19/07/2011 - 20:20:58 - [96760] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 16/07/2011 - 23:51:00 - [8736461] ----D- C:\Program Files (x86)\Internet Download Manager

O43 - CFD: 10/08/2011 - 19:50:14 - [6275704] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 01/08/2011 - 23:20:12 - [95410092] ----D- C:\Program Files (x86)\Intuisphere

O43 - CFD: 10/08/2011 - 19:54:18 - [123201110] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 18/07/2011 - 21:15:10 - [91719597] ----D- C:\Program Files (x86)\Java

O43 - CFD: 22/07/2011 - 03:09:58 - [166007380] ----D- C:\Program Files (x86)\JDownloader

O43 - CFD: 18/07/2011 - 01:00:32 - [49835172] ----D- C:\Program Files (x86)\K-Lite Codec Pack

O43 - CFD: 17/07/2011 - 01:07:34 - [139175769] ----D- C:\Program Files (x86)\Kaspersky Lab

O43 - CFD: 06/08/2011 - 21:43:08 - [16714600] ----D- C:\Program Files (x86)\Lavalys

O43 - CFD: 17/07/2011 - 20:03:50 - [3216726] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 17/07/2011 - 01:25:02 - [39769547] ----D- C:\Program Files (x86)\Microsoft Analysis Services

O43 - CFD: 23/07/2011 - 03:12:52 - [131807599] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 18/07/2011 - 19:02:10 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 23/07/2011 - 03:12:52 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 17/07/2011 - 01:28:32 - [64793621] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 24/07/2011 - 13:06:36 - [4368271] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 20/07/2011 - 00:41:26 - [8175999] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 10/08/2011 - 02:39:02 - [36537857] ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 17/07/2011 - 01:40:12 - [26521] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/07/2011 - 20:03:40 - [2744028] ----D- C:\Program Files (x86)\MSN Toolbar

O43 - CFD: 20/07/2011 - 07:08:38 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 18/07/2011 - 19:34:30 - [0] ----D- C:\Program Files (x86)\My Company Name

O43 - CFD: 20/07/2011 - 00:00:48 - [1472691424] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 18/07/2011 - 02:32:52 - [590479972] ----D- C:\Program Files (x86)\Nokia

O43 - CFD: 17/07/2011 - 02:54:10 - [3678055] ----D- C:\Program Files (x86)\ODIR

O43 - CFD: 31/07/2011 - 02:03:20 - [34599376] ----D- C:\Program Files (x86)\Paltalk Messenger

O43 - CFD: 17/07/2011 - 02:56:04 - [20853374] ----D- C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 19/07/2011 - 01:39:52 - [17408140] ----D- C:\Program Files (x86)\PoivY.com

O43 - CFD: 17/07/2011 - 00:03:18 - [3917217] ----D- C:\Program Files (x86)\PowerISO

O43 - CFD: 06/08/2011 - 02:25:00 - [7953498] ----D- C:\Program Files (x86)\Proxifier

O43 - CFD: 10/08/2011 - 19:50:12 - [76322555] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 08/08/2011 - 02:08:44 - [95910966] ----D- C:\Program Files (x86)\Real

O43 - CFD: 06/08/2011 - 21:52:14 - [3360505] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 05:32:40 - [41329921] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 23/07/2011 - 01:04:34 - [34099372] ----D- C:\Program Files (x86)\Sarbacane Software

O43 - CFD: 07/08/2011 - 01:55:24 - [27601048] ----D- C:\Program Files (x86)\SigmaTel

O43 - CFD: 07/08/2011 - 03:17:26 - [25537329] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 18/07/2011 - 20:11:50 - [794752] ----D- C:\Program Files (x86)\SystemRequirementsLab

O43 - CFD: 06/08/2011 - 21:54:04 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 10/08/2011 - 21:36:12 - [61952049] ----D- C:\Program Files (x86)\TuneUp Utilities 2011

O43 - CFD: 06/08/2011 - 02:31:12 - [2593735] ----D- C:\Program Files (x86)\Ufasoft

O43 - CFD: 14/07/2009 - 04:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 22/07/2011 - 21:31:56 - [639864] ----D- C:\Program Files (x86)\uTorrent

O43 - CFD: 22/07/2011 - 21:15:38 - [80284630] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 18/07/2011 - 18:52:28 - [94671610] ----D- C:\Program Files (x86)\WebSite X5 v8 - Evolution

O43 - CFD: 06/08/2011 - 05:00:14 - [62550044] ----D- C:\Program Files (x86)\Winamp

O43 - CFD: 06/08/2011 - 05:17:50 - [852314] ----D- C:\Program Files (x86)\WinAmp Bot

O43 - CFD: 06/08/2011 - 04:53:48 - [155364] ----D- C:\Program Files (x86)\Winamp Detect

O43 - CFD: 06/08/2011 - 04:53:34 - [2646203] ----D- C:\Program Files (x86)\Winamp Toolbar

O43 - CFD: 11/08/2011 - 02:30:36 - [573440] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 18/07/2011 - 21:47:24 - [76243129] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 11/08/2011 - 02:30:38 - [6690816] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 11/08/2011 - 02:30:36 - [5379857] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 05:32:40 - [12902068] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 11/08/2011 - 02:30:36 - [4478728] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 19/07/2011 - 22:52:26 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 11/08/2011 - 02:30:38 - [7310312] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 10/08/2011 - 02:41:14 - [19805942] ----D- C:\Program Files (x86)\Yuna Software

O43 - CFD: 11/08/2011 - 03:17:46 - [4005750] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 19/07/2011 - 23:22:58 - [970979785] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 18/07/2011 - 19:21:52 - [21810052] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 10/08/2011 - 19:52:48 - [89816303] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 23/07/2011 - 03:13:32 - [86016] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 17/07/2011 - 19:44:46 - [813264] ----D- C:\Program Files (x86)\Common Files\Hewlett-Packard

O43 - CFD: 17/07/2011 - 19:44:48 - [1626180] ----D- C:\Program Files (x86)\Common Files\HP

O43 - CFD: 06/08/2011 - 21:51:38 - [3830443] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 18/07/2011 - 21:36:52 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 24/07/2011 - 13:06:18 - [385848423] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 19/07/2011 - 23:34:18 - [49440566] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 18/07/2011 - 02:33:00 - [115462058] ----D- C:\Program Files (x86)\Common Files\Nokia

O43 - CFD: 06/08/2011 - 04:50:08 - [4848416] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 14/07/2009 - 03:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 07/08/2011 - 03:16:14 - [2135336] ----D- C:\Program Files (x86)\Common Files\Skype

O43 - CFD: 06/08/2011 - 04:52:42 - [240776] ----D- C:\Program Files (x86)\Common Files\Software Update Utility

O43 - CFD: 18/07/2011 - 19:34:30 - [372019] ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 03:20:10 - [41106343] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 11/08/2011 - 02:30:36 - [18154643] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 17/07/2011 - 02:49:42 - [252550270] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 08/08/2011 - 02:08:28 - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared

~ Scan Program Folder in 02mn 17s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C706462F7BC490E5BFEF4107590CAA8E] - 11/08/2011 - 03:12:10 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1397158]

O44 - LFC:[MD5.F3FB990FFEF73753352FE0A726635E54] - 11/08/2011 - 03:06:25 ---A- . (...) -- C:\Windows\SysNative\perfc001.dat [98122]

O44 - LFC:[MD5.977BCB2EB460C8C7403ABA695723E59F] - 11/08/2011 - 03:06:25 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [125526]

O44 - LFC:[MD5.34DC1A6A2B74295720096DAB7CECEC9F] - 11/08/2011 - 03:06:25 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [153272]

O44 - LFC:[MD5.8D8D2C07D8F4EAEF662D74135FCF88D1] - 11/08/2011 - 03:06:25 ---A- . (...) -- C:\Windows\SysNative\perfh001.dat [480460]

O44 - LFC:[MD5.8EE8928CB1BCE587593F7EA0C339C6F7] - 11/08/2011 - 03:06:25 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [663590]

O44 - LFC:[MD5.29BC961ADA015821B08456D211FF733C] - 11/08/2011 - 03:06:25 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [756600]

O44 - LFC:[MD5.F3FB990FFEF73753352FE0A726635E54] - 11/08/2011 - 03:06:25 RSHAD . (...) -- C:\Windows\system32\perfc001.dat [98122]

O44 - LFC:[MD5.977BCB2EB460C8C7403ABA695723E59F] - 11/08/2011 - 03:06:25 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [125526]

O44 - LFC:[MD5.34DC1A6A2B74295720096DAB7CECEC9F] - 11/08/2011 - 03:06:25 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [153272]

O44 - LFC:[MD5.8D8D2C07D8F4EAEF662D74135FCF88D1] - 11/08/2011 - 03:06:25 RSHAD . (...) -- C:\Windows\system32\perfh001.dat [480460]

O44 - LFC:[MD5.8EE8928CB1BCE587593F7EA0C339C6F7] - 11/08/2011 - 03:06:25 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [663590]

O44 - LFC:[MD5.29BC961ADA015821B08456D211FF733C] - 11/08/2011 - 03:06:25 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [756600]

O44 - LFC:[MD5.9DC3F393C238763B439FE276258A1270] - 11/08/2011 - 03:06:00 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [2235868]

O44 - LFC:[MD5.9DC3F393C238763B439FE276258A1270] - 11/08/2011 - 03:06:00 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [2235868]

O44 - LFC:[MD5.4EDCEB48F0D4808C155DEF613F75471F] - 11/08/2011 - 02:27:42 ---A- . (...) -- C:\Windows\SysNative\perfd001.dat [42056]

O44 - LFC:[MD5.DEAE19B45437F21A971D25145E80E093] - 11/08/2011 - 02:27:42 ---A- . (...) -- C:\Windows\SysNative\perfi001.dat [289060]

O44 - LFC:[MD5.4EDCEB48F0D4808C155DEF613F75471F] - 11/08/2011 - 02:27:42 RSHAD . (...) -- C:\Windows\system32\perfd001.dat [42056]

O44 - LFC:[MD5.DEAE19B45437F21A971D25145E80E093] - 11/08/2011 - 02:27:42 RSHAD . (...) -- C:\Windows\system32\perfi001.dat [289060]

O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 10/08/2011 - 19:54:22 ---A- . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\SysNative\GEARAspi64.dll [126312]

O44 - LFC:[MD5.E403AACF8C7BB11375122D2464560311] - 10/08/2011 - 19:54:22 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 10/08/2011 - 19:54:22 RSHAD . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\system32\GEARAspi64.dll [126312]

O44 - LFC:[MD5.DA8F998153E4FCF5E9D85DE290E1109A] - 10/08/2011 - 18:24:00 ---A- . (...) -- C:\Windows\setupact.log [33641]

O44 - LFC:[MD5.5825F045CE8E36A57B70B34046AB8B74] - 10/08/2011 - 18:23:55 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.012844A8E13BE3941C9CAF1F91F47DF2] - 07/08/2011 - 21:45:00 ---A- . (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\Windows\stsystra.exe [405504]

O44 - LFC:[MD5.3A3AC81CF25FA3625A109B52889DA2FB] - 07/08/2011 - 21:20:56 RSHAD . (...) -- C:\Windows\system32\drivers\sthdae.log [968]

O44 - LFC:[MD5.4633614F73B0CC99B9451B7088BD7C3A] - 07/08/2011 - 02:54:28 ---A- . (...) -- C:\Windows\SysNative\lvcoinst.log [10835]

O44 - LFC:[MD5.4633614F73B0CC99B9451B7088BD7C3A] - 07/08/2011 - 02:54:28 RSHAD . (...) -- C:\Windows\system32\lvcoinst.log [10835]

O44 - LFC:[MD5.B047D12F70881FF51B1161FCD72EC102] - 07/08/2011 - 01:55:25 RSHAD . (.SigmaTel, Inc. - NDRC.) -- C:\Windows\system32\drivers\sthda64.sys [1235456]

O44 - LFC:[MD5.470D4BBCC5939639AE89ED6C2907A73F] - 07/08/2011 - 01:55:24 ---A- . (.IDT, Inc. - NDHF.) -- C:\Windows\SysNative\st645602.dll [177664]

O44 - LFC:[MD5.470D4BBCC5939639AE89ED6C2907A73F] - 07/08/2011 - 01:55:24 RSHAD . (.IDT, Inc. - NDHF.) -- C:\Windows\system32\st645602.dll [177664]

O44 - LFC:[MD5.674771A607F9995F6CA891B4F761CB4E] - 06/08/2011 - 21:56:47 ---A- . (...) -- C:\Windows\PFRO.log [17426]

O44 - LFC:[MD5.0BF254F2A678F70237012A084B783CB7] - 06/08/2011 - 21:52:09 ---A- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- C:\Windows\RtlExUpd.dll [1284712]

O44 - LFC:[MD5.98EED903F55A82F819C5BB64DE421430] - 06/08/2011 - 02:24:49 ---A- . (.Initex - Proxifier Winsock Layered Service Provider.) -- C:\Windows\SysNative\PrxerDrv.dll [73968]

O44 - LFC:[MD5.98EED903F55A82F819C5BB64DE421430] - 06/08/2011 - 02:24:49 ---A- . (.Initex - Proxifier Winsock Layered Service Provider.) -- C:\Windows\system32\PrxerDrv.dll [73968]

O44 - LFC:[MD5.16D7D01048FB7C7ED730F7A3915531A9] - 06/08/2011 - 02:24:49 ---A- . (.Initex - Proxifier shell extension module..) -- C:\Windows\SysNative\ProxifierShellExt.dll [100592]

O44 - LFC:[MD5.16D7D01048FB7C7ED730F7A3915531A9] - 06/08/2011 - 02:24:49 ---A- . (.Initex - Proxifier shell extension module..) -- C:\Windows\system32\ProxifierShellExt.dll [100592]

O44 - LFC:[MD5.671694A21234F6C00D486BDC62F63815] - 06/08/2011 - 02:24:49 ---A- . (.Pas de propriétaire - Proxifier Namespace Service Provider x64.) -- C:\Windows\SysNative\PrxerNsp.dll [55024]

O44 - LFC:[MD5.671694A21234F6C00D486BDC62F63815] - 06/08/2011 - 02:24:49 ---A- . (.Pas de propriétaire - Proxifier Namespace Service Provider.) -- C:\Windows\system32\PrxerNsp.dll [55024]

O44 - LFC:[MD5.EB4A90E57D49B59F3D1109E1033446EE] - 04/08/2011 - 01:15:21 ---A- . (...) -- C:\Windows\hpwins23.dat [263595]

O44 - LFC:[MD5.0B692BA436F32356D8F116AF8CDF69D7] - 04/08/2011 - 01:08:19 ---A- . (...) -- C:\Windows\win.ini [513]

O44 - LFC:[MD5.EAAC6EDDD4C372128E9DC7E89E117730] - 31/07/2011 - 02:21:00 ---A- . (...) -- C:\Windows\Paltalk Messenger Setup Log.txt [21358]

O44 - LFC:[MD5.B06A2FFC4503DFF01BAD161F37FFE0F9] - 23/07/2011 - 03:21:19 ---A- . (...) -- C:\Windows\ODBC.INI [382]

O44 - LFC:[MD5.3B83FFC62B8833AA4BD78A6D7CEDE86C] - 20/07/2011 - 13:37:22 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\SysNative\TURegOpt.exe [34624]

O44 - LFC:[MD5.3B83FFC62B8833AA4BD78A6D7CEDE86C] - 20/07/2011 - 13:37:22 RSHAD . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\system32\TURegOpt.exe [34624]

O44 - LFC:[MD5.780B2EE264CA6F00919DFEF112EC23C7] - 20/07/2011 - 13:31:24 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\SysNative\authuitu.dll [25920]

O44 - LFC:[MD5.780B2EE264CA6F00919DFEF112EC23C7] - 20/07/2011 - 13:31:24 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\system32\authuitu.dll [25920]

O44 - LFC:[MD5.E54D5BFFBF8CC5B033C83FC3C8F06A22] - 20/07/2011 - 13:31:20 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\SysNative\uxtuneup.dll [36160]

O44 - LFC:[MD5.E54D5BFFBF8CC5B033C83FC3C8F06A22] - 20/07/2011 - 13:31:20 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\system32\uxtuneup.dll [36160]

O44 - LFC:[MD5.69E582BEC3EB7FB03AAAF9DD0E852429] - 20/07/2011 - 07:09:46 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [282660]

O44 - LFC:[MD5.D6656D2F553E8C4F973F3E41C860BBA0] - 20/07/2011 - 07:09:19 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [290190]

O44 - LFC:[MD5.72F813EE7437404DF798F15F08A9FA36] - 20/07/2011 - 06:22:46 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [4974640]

O44 - LFC:[MD5.72F813EE7437404DF798F15F08A9FA36] - 20/07/2011 - 06:22:46 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [4974640]

O44 - LFC:[MD5.A5A3E41B23D386C264EA05E093C4FF82] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544]

O44 - LFC:[MD5.61C25926067AD1CB535E17635A1C8600] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [171808]

O44 - LFC:[MD5.624488F568E01CA6A036C16A79934C07] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [171808]

O44 - LFC:[MD5.A5A3E41B23D386C264EA05E093C4FF82] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544]

O44 - LFC:[MD5.61C25926067AD1CB535E17635A1C8600] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [171808]

O44 - LFC:[MD5.624488F568E01CA6A036C16A79934C07] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [171808]

O44 - LFC:[MD5.3C8B75F3AAD920F4C72002A5C2A0FCD5] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [190752]

O44 - LFC:[MD5.3C8B75F3AAD920F4C72002A5C2A0FCD5] - 18/07/2011 - 21:37:57 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [190752]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/07/2011 - 03:08:24 ---A- . (...) -- C:\Windows\nsreg.dat [0]

O44 - LFC:[MD5.520F6850120FB68BA1C37FA76EF760C3] - 18/07/2011 - 02:50:31 ---A- . (...) -- C:\Windows\MEMORY.DMP [480530970]

O44 - LFC:[MD5.E1DCEE9E3EC0522DF24397BE1A64E449] - 18/07/2011 - 02:37:15 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\SysNative\dfshim.dll [1942856]

O44 - LFC:[MD5.E1DCEE9E3EC0522DF24397BE1A64E449] - 18/07/2011 - 02:37:15 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\system32\dfshim.dll [1942856]

O44 - LFC:[MD5.53FDA4AF81E7C4895357A50E848B7CFE] - 18/07/2011 - 02:35:42 ---A- . (.Pas de propriétaire - RemoteFX Helper.) -- C:\Windows\SysNative\RDVGHelper.exe [95744]

O44 - LFC:[MD5.53FDA4AF81E7C4895357A50E848B7CFE] - 18/07/2011 - 02:35:42 RSHAD . (.Pas de propriétaire - RemoteFX Helper.) -- C:\Windows\system32\RDVGHelper.exe [95744]

O44 - LFC:[MD5.DD72849FE94E6F49732E1E9A6484FBAF] - 18/07/2011 - 02:33:31 ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\Windows\SysNative\DShowRdpFilter.dll [281600]

O44 - LFC:[MD5.DD72849FE94E6F49732E1E9A6484FBAF] - 18/07/2011 - 02:33:31 ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\Windows\system32\DShowRdpFilter.dll [281600]

O44 - LFC:[MD5.0A551CCDEF9D6F99A008B5B075354650] - 18/07/2011 - 02:32:31 ---A- . (.Microsoft - robocopy.) -- C:\Windows\SysNative\Robocopy.exe [128000]

O44 - LFC:[MD5.0A551CCDEF9D6F99A008B5B075354650] - 18/07/2011 - 02:32:31 ---A- . (.Microsoft - robocopy.) -- C:\Windows\system32\Robocopy.exe [128000]

O44 - LFC:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 18/07/2011 - 02:32:30 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O44 - LFC:[MD5.345BC7CADBE91E78B52497EF3B0D910B] - 18/07/2011 - 02:31:48 ---A- . (.Windows ® Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\Windows\SysNative\fms.dll [116224]

O44 - LFC:[MD5.345BC7CADBE91E78B52497EF3B0D910B] - 18/07/2011 - 02:31:48 ---A- . (.Windows ® Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\Windows\system32\fms.dll [116224]

O44 - LFC:[MD5.163A95975E1D8819E653AA3E961371CA] - 18/07/2011 - 02:30:32 ---A- . (.Twain Working Group - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\Windows\twain_32.dll [51200]

O44 - LFC:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 18/07/2011 - 01:06:43 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O44 - LFC:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 18/07/2011 - 01:06:42 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O44 - LFC:[MD5.0A92CB65770442ED0DC44834632F66AD] - 18/07/2011 - 01:06:42 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O44 - LFC:[MD5.540DAF1CEA6094886D72126FD7C33048] - 18/07/2011 - 01:06:41 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O44 - LFC:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 18/07/2011 - 01:06:41 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O44 - LFC:[MD5.628D39E8E0F48E989BE6F69B8BAB08ED] - 17/07/2011 - 21:43:49 ---A- . (...) -- C:\dk2.mem [256]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/07/2011 - 20:10:20 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf [0]

O44 - LFC:[MD5.E884DBDF31F56601A1FC7B8467A0B368] - 17/07/2011 - 19:42:45 ---A- . (...) -- C:\Windows\DPINST.LOG [44228]

O44 - LFC:[MD5.9DA93C9EC5B84CA11BEB6F35C3A1224B] - 17/07/2011 - 19:42:31 ---A- . (.Hewlett-Packard Company - LanguageMonitor.) -- C:\Windows\SysNative\hpf3l02t.dll [138752]

O44 - LFC:[MD5.9DA93C9EC5B84CA11BEB6F35C3A1224B] - 17/07/2011 - 19:42:31 RSHAD . (.Hewlett-Packard Company - LanguageMonitor.) -- C:\Windows\system32\hpf3l02t.dll [138752]

O44 - LFC:[MD5.59768575D9719D0F102C92CC60D35E74] - 17/07/2011 - 19:38:22 ---A- . (.Hewlett-Packard - HP Installer Coinstaller.) -- C:\Windows\SysNative\hpzids40.dll [644456]

O44 - LFC:[MD5.59768575D9719D0F102C92CC60D35E74] - 17/07/2011 - 19:38:22 RSHAD . (.Hewlett-Packard - HP Installer Coinstaller.) -- C:\Windows\system32\hpzids40.dll [644456]

O44 - LFC:[MD5.EED42D0E813203513134BAD0E5F00DC4] - 17/07/2011 - 14:08:19 ---A- . (...) -- C:\Windows\IE9_main.log [4948]

O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 17/07/2011 - 13:58:07 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822]

O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 17/07/2011 - 13:58:07 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822]

O44 - LFC:[MD5.7584603633248B208C37604D5A4FF7F4] - 17/07/2011 - 04:33:42 ---A- . (...) -- C:\Windows\DirectX.log [558]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/07/2011 - 03:13:28 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_User_wpdcomp_01_09_00.Wdf [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/07/2011 - 03:12:54 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/07/2011 - 03:12:31 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [0]

O44 - LFC:[MD5.BC0018C2D29F655188A0ED3FA94FDB24] - 17/07/2011 - 02:56:26 RSHAD . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys [25600]

O44 - LFC:[MD5.A9B34CF99EC0E78E7908EDEFDDCE404F] - 17/07/2011 - 02:55:01 ---A- . (.Nokia - Wireless Communication Device Class Install.) -- C:\Windows\SysNative\nmwcdclsX64.dll [66560]

O44 - LFC:[MD5.A9B34CF99EC0E78E7908EDEFDDCE404F] - 17/07/2011 - 02:55:01 RSHAD . (.Nokia - Wireless Communication Device Class Install.) -- C:\Windows\system32\nmwcdclsX64.dll [66560]

O44 - LFC:[MD5.A0D533E1C33312ECAD518C8C2F0BC116] - 17/07/2011 - 02:41:13 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080]

O44 - LFC:[MD5.A0D533E1C33312ECAD518C8C2F0BC116] - 17/07/2011 - 02:41:13 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\system32\atmlib.dll [46080]

O44 - LFC:[MD5.4AC74A462F3A0506B929F599B5E1B1FB] - 17/07/2011 - 02:41:13 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367616]

O44 - LFC:[MD5.4AC74A462F3A0506B929F599B5E1B1FB] - 17/07/2011 - 02:41:13 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\system32\atmfd.dll [367616]

O44 - LFC:[MD5.BDB47B2C34FCD437C22A4B65EF20D688] - 17/07/2011 - 02:00:20 RSHAD . (...) -- C:\Windows\system32\drivers\klin.dat [152233]

O44 - LFC:[MD5.71F4B56C167C48FD50018C091A69CAE4] - 17/07/2011 - 01:49:43 ---A- . (.Hewlett-Packard - Hewlett-Packard WIA minidriver..) -- C:\Windows\SysNative\hpwwiax5.dll [906240]

O44 - LFC:[MD5.B7D260F4446160488ABA209C6E459143] - 17/07/2011 - 01:49:43 ---A- . (.Hewlett-Packard Co. - HP AiO Scan Driver - iop.) -- C:\Windows\SysNative\hpwtiop4.dll [1422848]

O44 - LFC:[MD5.71F4B56C167C48FD50018C091A69CAE4] - 17/07/2011 - 01:49:43 RSHAD . (.Hewlett-Packard - Hewlett-Packard WIA minidriver..) -- C:\Windows\system32\hpwwiax5.dll [906240]

O44 - LFC:[MD5.B7D260F4446160488ABA209C6E459143] - 17/07/2011 - 01:49:43 RSHAD . (.Hewlett-Packard Co. - HP AiO Scan Driver - iop.) -- C:\Windows\system32\hpwtiop4.dll [1422848]

O44 - LFC:[MD5.EC2A5EFFC554CADB1A610E81B593668D] - 17/07/2011 - 01:49:42 ---A- . (.Hewlett Packard - Preload Driver CoInstaller.) -- C:\Windows\SysNative\hppldcoi.dll [553472]

O44 - LFC:[MD5.4B7D00F47B0F414136FB72C5ACAF3EF0] - 17/07/2011 - 01:49:42 ---A- . (.Hewlett-Packard Co. - HP Scan VendorSetup/Co-Installer.) -- C:\Windows\SysNative\hpovst11.dll [488960]

O44 - LFC:[MD5.EC2A5EFFC554CADB1A610E81B593668D] - 17/07/2011 - 01:49:42 RSHAD . (.Hewlett Packard - Preload Driver CoInstaller.) -- C:\Windows\system32\hppldcoi.dll [553472]

O44 - LFC:[MD5.4B7D00F47B0F414136FB72C5ACAF3EF0] - 17/07/2011 - 01:49:42 RSHAD . (.Hewlett-Packard Co. - HP Scan VendorSetup/Co-Installer.) -- C:\Windows\system32\hpovst11.dll [488960]

O44 - LFC:[MD5.B43A6027A53F30E30901C76448574C33] - 17/07/2011 - 01:10:28 RSHAD . (...) -- C:\Windows\system32\drivers\klick.dat [107075]

O44 - LFC:[MD5.FF70BDAC6025B820857C7FE71D961D73] - 17/07/2011 - 01:08:04 ---A- . (...) -- C:\Windows\SysNative\oem2.inf [707378]

O44 - LFC:[MD5.FF70BDAC6025B820857C7FE71D961D73] - 17/07/2011 - 01:08:04 RSHAD . (...) -- C:\Windows\system32\oem2.inf [707378]

O44 - LFC:[MD5.C7D4F357C482DD37E2B05F34093B7B0C] - 17/07/2011 - 00:06:26 RSHAD . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) -- C:\Windows\system32\drivers\klif.sys [615728]

O44 - LFC:[MD5.90CFC5C683AC1A1B8CA50F8BC2F5DC00] - 17/07/2011 - 00:06:08 ---A- . (...) -- C:\Windows\SysNative\bcmwlrc.dll [6656]

O44 - LFC:[MD5.E5932C44B906A7C31F9BD6DC5E95910C] - 17/07/2011 - 00:06:08 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Coinstaller.) -- C:\Windows\SysNative\bcmwlcoi.dll [95544]

O44 - LFC:[MD5.BED9256BA8620B9250E4C896788DB881] - 17/07/2011 - 00:06:08 ---A- . (.Broadcom Corporation - Broadcom Native 802.11 WLAN IHV Service Ext.) -- C:\Windows\SysNative\bcmihvui64.dll [3561272]

O44 - LFC:[MD5.90CFC5C683AC1A1B8CA50F8BC2F5DC00] - 17/07/2011 - 00:06:08 RSHAD . (...) -- C:\Windows\system32\bcmwlrc.dll [6656]

O44 - LFC:[MD5.E5932C44B906A7C31F9BD6DC5E95910C] - 17/07/2011 - 00:06:08 RSHAD . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Coinstaller.) -- C:\Windows\system32\bcmwlcoi.dll [95544]

O44 - LFC:[MD5.BED9256BA8620B9250E4C896788DB881] - 17/07/2011 - 00:06:08 RSHAD . (.Broadcom Corporation - Broadcom Native 802.11 WLAN IHV Service Ext.) -- C:\Windows\system32\bcmihvui64.dll [3561272]

O44 - LFC:[MD5.6562232C88FA8E900D9FECFD2F7D8699] - 17/07/2011 - 00:06:07 ---A- . (.Broadcom Corporation - Broadcom Native 802.11 WLAN IHV Service.) -- C:\Windows\SysNative\bcmihvsrv64.dll [3896632]

O44 - LFC:[MD5.6562232C88FA8E900D9FECFD2F7D8699] - 17/07/2011 - 00:06:07 RSHAD . (.Broadcom Corporation - Broadcom Native 802.11 WLAN IHV Service.) -- C:\Windows\system32\bcmihvsrv64.dll [3896632]

O44 - LFC:[MD5.07237C66E05DA6778E9F3CB67FA00736] - 17/07/2011 - 00:03:14 RSHAD . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys [91568]

O44 - LFC:[MD5.C3727A0867CFC3E057080C321DB58A15] - 16/07/2011 - 22:40:41 ---A- . (...) -- C:\Windows\SysNative\license.rtf [57704]

O44 - LFC:[MD5.C3727A0867CFC3E057080C321DB58A15] - 16/07/2011 - 22:40:41 ---A- . (...) -- C:\Windows\system32\license.rtf [57704]

O44 - LFC:[MD5.D0AA5D539CA9B3B0011CEA4BA4494BB3] - 16/07/2011 - 22:39:57 ---A- . (...) -- C:\Windows\DtcInstall.log [1774]

O44 - LFC:[MD5.51BD82C4B8003327250FCD9DAEA39873] - 16/07/2011 - 22:39:49 ---A- . (...) -- C:\Windows\TSSysprep.log [1313]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/07/2011 - 22:39:38 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf [0]

O44 - LFC:[MD5.8B138ED363128BFF2C2E1E7FEA9793B4] - 16/06/2011 - 08:00:00 ---A- . (...) -- C:\Windows\avisplitter.ini [38]

O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 20/11/2010 - 03:52:51 ---A- . (...) -- C:\Windows\SysNative\locale.nls [419880]

O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 20/11/2010 - 03:52:51 ---A- . (...) -- C:\Windows\system32\locale.nls [419880]

O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 10/11/2010 - 01:48:34 ---A- . (...) -- C:\Windows\SysNative\ScavengeSpace.xml [10429]

O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 10/11/2010 - 01:48:34 RSHAD . (...) -- C:\Windows\system32\ScavengeSpace.xml [10429]

O44 - LFC:[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - 05/11/2010 - 02:20:53 ---A- . (...) -- C:\Windows\SysNative\systemsf.ebd [347904]

O44 - LFC:[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - 05/11/2010 - 02:20:53 RSHAD . (...) -- C:\Windows\system32\systemsf.ebd [347904]

O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 05/11/2010 - 02:20:45 ---A- . (...) -- C:\Windows\SysNative\RacRules.xml [105559]

O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 05/11/2010 - 02:20:45 ---A- . (...) -- C:\Windows\system32\RacRules.xml [105559]

~ Scan Files in 02mn 05s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\system32\lvcod64.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 01s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 01:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 01:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 13/07/2009 - 01:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 18/07/2011 - 06:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 01:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 18/07/2011 - 06:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 01:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 01:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 20:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.FB4FDA64F2E8552EAEB5986C3F34462C] - 08/07/2009 - 00:45:50 RSHAD . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL664.SYS [2769400]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 20:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 20:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 01:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 20:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 20:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 20:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 20:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.31C1FAC4AE14FB2F8771C59BA3F90BAD] - 17/07/2011 - 10:14:16 RSHAD . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\ccdcmbox64.sys [27136]

O58 - SDL:[MD5.88F2F2CB9FAEE2E14BCCF384F4C88061] - 17/07/2011 - 10:14:12 RSHAD . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\ccdcmbx64.sys [19968]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 13/07/2009 - 01:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 01:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 20:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 10/08/2011 - 13:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 13/07/2009 - 20:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 18/07/2011 - 13:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 18/07/2011 - 06:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.137D5454EC0008E45CF26BE0DDE1EB77] - 29/05/2011 - 17:46:40 RSHAD . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\system32\drivers\idmwfp.sys [146568]

O58 - SDL:[MD5.24CC43ECDEEFD4C19FBBEE4951B647F1] - 23/09/2009 - 19:23:02 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [6180832]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 01:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.E656FE10D6D27794AFA08136685A69E8] - 17/07/2011 - 13:23:24 RSHAD . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys [460888]

O58 - SDL:[MD5.D865DD8B0448E3F963D68C04C532858F] - 17/07/2011 - 13:23:28 RSHAD . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl2.sys [11864]

O58 - SDL:[MD5.C7D4F357C482DD37E2B05F34093B7B0C] - 17/07/2011 - 00:06:26 RSHAD . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) -- C:\Windows\system32\drivers\klif.sys [615728]

O58 - SDL:[MD5.89FB5A33D7171B6D84F5EB721D5055E1] - 17/07/2011 - 18:36:24 RSHAD . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\system32\drivers\klim6.sys [29488]

O58 - SDL:[MD5.9468D07E91BA136D82415F5DFC1FE168] - 17/07/2011 - 20:27:10 RSHAD . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wlh_AMD64].) -- C:\Windows\system32\drivers\klmouflt.sys [22544]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 01:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 01:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 01:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 01:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.4CB64D7458ABD8396BCD389A69C8FC80] - 09/05/2007 - 21:46:36 RSHAD . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\system32\drivers\lv302a64.sys [16032]

O58 - SDL:[MD5.37EA62238E17AE88E4713D9246CA1C1C] - 09/05/2007 - 21:46:48 RSHAD . (.Logitech Inc. - Logitech QuickCam Driver.) -- C:\Windows\system32\drivers\LV302V64.SYS [1127328]

O58 - SDL:[MD5.0034F69D0007D3F77F6B96FA51228E85] - 09/05/2007 - 21:50:48 RSHAD . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBS64.sys [50208]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 01:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 01:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 01:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.863AA6C58AC85A22355AE943C605E44B] - 17/07/2011 - 10:09:48 RSHAD . (.Nokia - Nokia USB Phone Generic Client.) -- C:\Windows\system32\drivers\nmwcdnsucx64.sys [12800]

O58 - SDL:[MD5.7983D9201788407C4D1FC4D0BAA04E32] - 17/07/2011 - 10:09:48 RSHAD . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\nmwcdnsux64.sys [171008]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 18/07/2011 - 06:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 18/07/2011 - 06:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.BC0018C2D29F655188A0ED3FA94FDB24] - 17/07/2011 - 12:44:42 RSHAD . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys [25600]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 01:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 01:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.07237C66E05DA6778E9F3CB67FA00736] - 17/07/2011 - 03:28:08 RSHAD . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys [91568]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 20:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 01:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 01:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 01:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.B047D12F70881FF51B1161FCD72EC102] - 07/08/2011 - 10:24:34 RSHAD . (.SigmaTel, Inc. - NDRC.) -- C:\Windows\system32\drivers\sthda64.sys [1235456]

O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 10/08/2011 - 08:06:08 RSHAD . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]

O58 - SDL:[MD5.0FBB0080B287BBCBF5C7076E3D74A35C] - 17/07/2011 - 10:14:22 RSHAD . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\usbser_lowerfltjx64.sys [9216]

O58 - SDL:[MD5.FBD861E69E1F583BEC906FCD04E4F84E] - 17/07/2011 - 10:14:20 RSHAD . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\usbser_lowerfltx64.sys [9216]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 13/07/2009 - 01:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 01:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.0C4540311E11664B245A263E1154CEF8] - 13/07/2009 - 21:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL6.SYS [292864]

O58 - SDL:[MD5.18E40C245DBFAF36FD0134A7EF2DF396] - 13/07/2009 - 21:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT6.SYS [740864]

O58 - SDL:[MD5.02071D207A9858FBE3A48CBFD59C4A04] - 13/07/2009 - 21:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV6.SYS [1485312]

~ Scan Drivers in 00mn 06s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 18/12/2009 - C:\Program Files (x86)\systemRequirementsLab\cpudrv64.sys - No object (No service) .(...) - LEGACY_CPUDRV64

O64 - Services: CurCS - 02/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64

O64 - Services: CurCS - 28/03/2011 - C:\Windows\system32\DRIVERS\idmwfp.sys - No object(No service) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP

O64 - Services: CurCS - 04/03/2011 - C:\Windows\system32\DRIVERS\kl1.sys - No object(No service) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1

O64 - Services: CurCS - 04/03/2011 - C:\Windows\system32\DRIVERS\kl2.sys - No object(No service) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL2

O64 - Services: CurCS - 17/07/2011 - C:\Windows\system32\DRIVERS\klif.sys - No object(No service) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - LEGACY_KLIF

O64 - Services: CurCS - 10/03/2011 - C:\Windows\system32\DRIVERS\klim6.sys - No object(No service) .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6

O64 - Services: CurCS - 10/02/2011 - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys - No object(No service) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV

~ Scan Services in 00mn 17s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Hicham\AppData\Local\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Hicham\AppData\Local\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.5.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 01s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Hicham\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.0F1945535870D268E211F3FA59763CBA] [sPRF][10/08/2011] (...) -- C:\Users\Hicham\AppData\Local\Temp\SkypeSetup.exe [812032]

~ Scan Files in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "TCP Query User{D0213FF4-6229-4106-8D00-5FE397DB9156}C:\program files (x86)\internet download manager\idman.exe" | In - Private - P6 - TRUE | .(.Tonec Inc..) -- C:\program files (x86)\internet download manager\idman.exe

O87 - FAEL: "UDP Query User{12266BAB-C679-408E-8904-01D86DB573BC}C:\program files (x86)\internet download manager\idman.exe" | In - Private - P17 - TRUE | .(.Tonec Inc..) -- C:\program files (x86)\internet download manager\idman.exe

O87 - FAEL: "{F6FAA7B9-436A-4391-93A8-A3E98EEF942A}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{7EE89F0D-FCE8-4800-B8EB-43A75AE71461}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{3092CC1A-0DB4-46AB-A710-9C611270B60B}" | In - None - P17 - TRUE | .(.Nokia - Nokia Ovi Suite.) -- C:\Program Files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe

O87 - FAEL: "{C5C543EF-9114-4E15-87AB-B551E1181A7C}" | In - None - P17 - TRUE | .(.Nokia Corporation - Nokia Service Layer Host Process.) -- C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe

O87 - FAEL: "{2C9217D6-26ED-4916-BA92-B2B7B153A1FA}" |In - None - P17 - TRUE | .(...) -- C:\Users\Hicham\AppData\Local\Temp\7zS0B0A\OJ6500vE709_Full_14\setup\hpznui40.exe (.not file.)

O87 - FAEL: "{7D77F4F0-43EC-453F-AD02-9A8AAB293A93}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe

O87 - FAEL: "{F646BE08-9599-4C00-A0A6-2D92EA846359}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe

O87 - FAEL: "{C366E1B2-B2D1-4D46-93A5-440F58F68B7D}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe

O87 - FAEL: "{E8039BF5-BD20-4DF9-9D59-349C74A8419D}" | In - Private - P6 - TRUE | .(.PoivY - Client to make VoIP calls..) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O87 - FAEL: "{B7D17D31-54A8-4D9E-9821-CA1C68BE4F26}" | In - Private - P17 - TRUE | .(.PoivY - Client to make VoIP calls..) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O87 - FAEL: "{468C2180-6006-47D3-958D-CB5D53ACF138}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

O87 - FAEL: "{A4A818F0-E385-4286-B260-526E4508A65D}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

O87 - FAEL: "{4B29D64E-C27B-4B0E-A03A-560A6D46EC9F}" | In - None - P17 - TRUE | .(.Skype Limited - Facebook Video Calling.) -- C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

O87 - FAEL: "{FF7CD749-B1F8-4D03-8339-B6A8C8722AF7}" | In - Public - P6 - TRUE | .(.PoivY - Client to make VoIP calls..) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O87 - FAEL: "{996361BF-500F-4C53-8355-B1C062F317B2}" | In - Public - P17 - TRUE | .(.PoivY - Client to make VoIP calls..) -- C:\Program Files (x86)\PoivY.com\PoivY\PoivY.exe

O87 - FAEL: "{D322127F-40BC-4BC0-A20A-F289A8382917}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{3C3A7B63-87C6-4CA6-AE06-A5F91A40A419}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{2E3DC3C4-5EB0-4470-8B1D-DF89F56D02B9}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{A560D35B-8CE2-42E9-ABA9-22CC454476D1}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{A4C0B1A0-2090-496E-97AF-76FE3482F3AD}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{3605D420-936C-4A37-BABC-5DF4F0350653}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{807F1039-9955-4CF9-9F87-01606FF253D9}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{5D606B71-F4EB-44A0-A978-6E3B341F29AA}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{6E1BC4B2-97DF-416C-99A4-657D47D5F929}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{61BFEE89-109D-46A9-BBAC-6EB90D3F3E5F}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{3AD2847C-095E-461A-B549-6831AD09E61D}" | In - Domain - P17 - TRUE | .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe

O87 - FAEL: "{B1FBD185-6BE7-4F54-BD7C-4D2416FB460D}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{1D66765D-90CF-4DDE-9D6C-816AE42FB9A9}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{78DFF1F1-E738-4E13-B490-4C89CC70EA16}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{3B77F6F5-FA16-4F16-978D-4635734FBE82}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{8E59B5B8-A4DB-4A0E-A584-3925A56EAB13}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{3C3C1574-CE51-47B3-A1FA-E7C2C06BB20E}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{44B56668-D8BA-4B2E-8ED4-A18E1592CD07}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{450E2596-3ECA-4A53-A539-CE68D378644B}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{C8D1064E-34A7-4DE0-AD4F-777D42AA52DC}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{02C7574B-CC7B-4D10-946E-B23EEC9402E0}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

~ Scan Firewall in 00mn 12s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8606 - (10/08/2011)

Clés trouvées (Keys found) : 8

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 2

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\Wow6432Node\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar

[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar

[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.AskSBar

[HKLM\Software\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}] =>Toolbar.Facemood

[HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] =>Spyware.Soft2PC

[HKLM\Software\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}] =>Toolbar.Facemood

[HKCU\Software\Winamp Toolbar] =>Toolbar.Winamp

[HKLM\Software\Wow6432Node\Winamp Toolbar] =>Toolbar.Winamp

C:\ProgramData\Winamp Toolbar =>Toolbar.Winamp

C:\Program Files (x86)\Winamp Toolbar =>Toolbar.Winamp

~ Scan Additionnel in 01mn 14s

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : sagembox.home

Address: 192.168.1.1

DNS request timed out.

timeout was 2 seconds.

Nom : www.l.google.com

Addresses: 74.125.39.103

74.125.39.104

74.125.39.105

74.125.39.106

74.125.39.147

74.125.39.99

Aliases: www.google.fr

www.google.com

~ Scan DNS in 00mn 11s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 20/07/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 10/08/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 17/07/2011 202296 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

SS - | Demand 10/08/2011 387944 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SR - | Demand 10/08/2011 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 17/07/2011 421376 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe

SR - | Auto 20/07/2011 503080 | C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe

SR - | Demand 17/07/2011 633856 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

SS - | Auto 07/08/2011 94208 | (STacSV) . (.SigmaTel, Inc..) - C:\Program Files (x86)\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe

SS - | Demand 18/07/2011 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 10/08/2011 2027840 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

SS - | Auto 13/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe

SR - | Auto 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 00mn 46s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Hicham at 11/08/2011 03:25:46

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

~ Scan MBR in 00mn 50s

 

 

 

End of the scan (1446 lines in 08mn 53s)(0)

Edited by Hichou09

Posted

Here is the Ad-Remover scan report:

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 03:32:19 le 11/08/2011, Mode normal

 

Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64)

Hicham@HICHAM-PC (Dell Inc. Latitude D830)

 

============== RECHERCHE ==============

 

 

 

Clé trouvée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Clé trouvée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0.1 (fr)] ****

 

Plugins\npdnu.dll (AOL LLC)

Plugins\npdnupdater2.dll (AOL LLC)

Plugins\npwachk.dll (Nullsoft, Inc.)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=ddrnw&f=4&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )

HKLM_Extensions|virtualKeyboard@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru

HKLM_Extensions|linkfilter@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru

HKLM_Extensions|KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru

HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

HKLM_Extensions|msntoolbar@msn.com - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox

HKLM_Extensions|{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

HKLM_Extensions|web2pdfextension@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

HKCU_Extensions|mozilla_cc@internetdownloadmanager.com - C:\Users\Hicham\AppData\Roaming\IDM\idmmzcc3

HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

-- C:\Users\Hicham\AppData\Roaming\Mozilla\FireFox\Profiles\h1qxre1n.default --

Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} (Winamp Toolbar)

Prefs.js - browser.startup.homepage_override.buildID, 20110707182747

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1

 

========================================

 

**** Google Chrome Version [12.0.742.122] ****

 

Extension\dchlnpcodkpfdpacogkljefecpegganj (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx) (?)

Extension\jagncdcchgajhfhijbbhecadmaiegcmh (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx) (?)

Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

Extension\pjldcfjmnllhmgjclecdnfampinooman (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx) (?)

 

-- C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Activé: true) (?)

Plugin - Chrome NaCl (Activé: false) (C:\Users\Hicham\AppData\Local\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll)

Plugin - Bing Bar (Activé: true) (C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll)

Plugin - Facebook Video Calling Plugin (Activé: true) (C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll)

Plugin - "Java" (Activé: true)

Plugin - "Silverlight" (Activé: true)

Plugin - "Chrome NaCl" (Activé: false)

Plugin - "Kaspersky Anti-Virus" (Activé: true)

Plugin - "Bing Bar" (Activé: true)

Plugin - "Facebook Video Calling Plugin" (Activé: true)

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Search bar - hxxp://search.camfrog.com/ie

HKCU_Main|Search Page - hxxp://search.camfrog.com

HKCU_Main|Start Page - hxxp://www.messfrance.com

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll)

HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll)

HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)

HKLM_Toolbar|{AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} (C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll)

HKLM_Toolbar|{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} (C:\Program Files (x86)\Winamp Toolbar\winamptb.dll)

HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)

HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)

HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)

HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{7BD9A644-9DC6-42be-8872-CBF5524276BD} - C:\Program Files (x86)\Common Files\Software Update Utility\dnu.exe (AOL LLC)

HKLM_ElevationPolicy\{a8c2644d-bf72-4a89-a88c-d85f565f2f46} - c:\program files (x86)\winamp toolbar\winamptbServer.exe (AOL Inc.)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe,476)

BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll)

BHO\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - "Winamp Toolbar Loader" (C:\Program Files (x86)\Winamp Toolbar\winamptb.dll)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - "Camfrog Toolbar" (C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 0 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 11/08/2011 03:33:25 (8233 Octet(s))

 

Fin à: 03:39:01, 11/08/2011

 

============== E.O.F ==============

 

And below is the Ad-Remover clean report:

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 03:42:18 le 11/08/2011, Mode normal

 

Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64)

Hicham@HICHAM-PC (Dell Inc. Latitude D830)

 

============== ACTION(S) ==============

 

 

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Clé supprimée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0.1 (fr)] ****

 

Plugins\npdnu.dll (AOL LLC)

Plugins\npdnupdater2.dll (AOL LLC)

Plugins\npwachk.dll (Nullsoft, Inc.)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=ddrnw&f=4&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )

HKLM_Extensions|virtualKeyboard@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru

HKLM_Extensions|linkfilter@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru

HKLM_Extensions|KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru

HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

HKLM_Extensions|msntoolbar@msn.com - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox

HKLM_Extensions|{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

HKLM_Extensions|web2pdfextension@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

HKCU_Extensions|mozilla_cc@internetdownloadmanager.com - C:\Users\Hicham\AppData\Roaming\IDM\idmmzcc3

HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

-- C:\Users\Hicham\AppData\Roaming\Mozilla\FireFox\Profiles\h1qxre1n.default --

Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} (Winamp Toolbar)

Prefs.js - browser.startup.homepage_override.buildID, 20110707182747

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1

 

========================================

 

**** Google Chrome Version [12.0.742.122] ****

 

Extension\dchlnpcodkpfdpacogkljefecpegganj (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx) (?)

Extension\jagncdcchgajhfhijbbhecadmaiegcmh (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx) (?)

Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

Extension\pjldcfjmnllhmgjclecdnfampinooman (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx) (?)

 

-- C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Activé: true) (?)

Plugin - Chrome NaCl (Activé: false) (C:\Users\Hicham\AppData\Local\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll)

Plugin - Bing Bar (Activé: true) (C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll)

Plugin - Facebook Video Calling Plugin (Activé: true) (C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll)

Plugin - "Java" (Activé: true)

Plugin - "Silverlight" (Activé: true)

Plugin - "Chrome NaCl" (Activé: false)

Plugin - "Kaspersky Anti-Virus" (Activé: true)

Plugin - "Bing Bar" (Activé: true)

Plugin - "Facebook Video Calling Plugin" (Activé: true)

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll)

HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll)

HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)

HKLM_Toolbar|{AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} (C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll)

HKLM_Toolbar|{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} (C:\Program Files (x86)\Winamp Toolbar\winamptb.dll)

HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)

HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)

HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)

HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{7BD9A644-9DC6-42be-8872-CBF5524276BD} - C:\Program Files (x86)\Common Files\Software Update Utility\dnu.exe (AOL LLC)

HKLM_ElevationPolicy\{a8c2644d-bf72-4a89-a88c-d85f565f2f46} - c:\program files (x86)\winamp toolbar\winamptbServer.exe (AOL Inc.)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe,476)

BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll)

BHO\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - "Winamp Toolbar Loader" (C:\Program Files (x86)\Winamp Toolbar\winamptb.dll)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - "Camfrog Toolbar" (C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 11/08/2011 03:42:29 (8491 Octet(s))

C:\Ad-Report-SCAN[1].txt - 11/08/2011 03:33:25 (8371 Octet(s))

 

Fin à: 03:50:34, 11/08/2011

 

============== E.O.F ==============

Posted

And here is the Ad-Remover clean scan

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 03:42:18 le 11/08/2011, Mode normal

 

Microsoft Windows 7 Édition Intégrale Service Pack 1 (X64)

Hicham@HICHAM-PC (Dell Inc. Latitude D830)

 

============== ACTION(S) ==============

 

 

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Clé supprimée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0.1 (fr)] ****

 

Plugins\npdnu.dll (AOL LLC)

Plugins\npdnupdater2.dll (AOL LLC)

Plugins\npwachk.dll (Nullsoft, Inc.)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=ddrnw&f=4&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )

HKLM_Extensions|virtualKeyboard@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru

HKLM_Extensions|linkfilter@kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru

HKLM_Extensions|KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru

HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

HKLM_Extensions|msntoolbar@msn.com - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox

HKLM_Extensions|{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

HKLM_Extensions|web2pdfextension@web2pdf.adobedotcom - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

HKCU_Extensions|mozilla_cc@internetdownloadmanager.com - C:\Users\Hicham\AppData\Roaming\IDM\idmmzcc3

HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

-- C:\Users\Hicham\AppData\Roaming\Mozilla\FireFox\Profiles\h1qxre1n.default --

Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} (Winamp Toolbar)

Prefs.js - browser.startup.homepage_override.buildID, 20110707182747

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0.1

 

========================================

 

**** Google Chrome Version [12.0.742.122] ****

 

Extension\dchlnpcodkpfdpacogkljefecpegganj (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx) (?)

Extension\jagncdcchgajhfhijbbhecadmaiegcmh (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx) (?)

Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

Extension\pjldcfjmnllhmgjclecdnfampinooman (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx) (?)

 

-- C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Activé: true) (?)

Plugin - Chrome NaCl (Activé: false) (C:\Users\Hicham\AppData\Local\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll)

Plugin - Kaspersky Anti-Virus (Activé: true) (C:\Users\Hicham\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin/npUrlAdvisor.dll)

Plugin - Bing Bar (Activé: true) (C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll)

Plugin - Facebook Video Calling Plugin (Activé: true) (C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll)

Plugin - "Java" (Activé: true)

Plugin - "Silverlight" (Activé: true)

Plugin - "Chrome NaCl" (Activé: false)

Plugin - "Kaspersky Anti-Virus" (Activé: true)

Plugin - "Bing Bar" (Activé: true)

Plugin - "Facebook Video Calling Plugin" (Activé: true)

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll)

HKLM_Toolbar|{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} (C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll)

HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)

HKLM_Toolbar|{AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} (C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll)

HKLM_Toolbar|{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} (C:\Program Files (x86)\Winamp Toolbar\winamptb.dll)

HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)

HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)

HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Hicham\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)

HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{7BD9A644-9DC6-42be-8872-CBF5524276BD} - C:\Program Files (x86)\Common Files\Software Update Utility\dnu.exe (AOL LLC)

HKLM_ElevationPolicy\{a8c2644d-bf72-4a89-a88c-d85f565f2f46} - c:\program files (x86)\winamp toolbar\winamptbServer.exe (AOL Inc.)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe,476)

BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll)

BHO\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - "Winamp Toolbar Loader" (C:\Program Files (x86)\Winamp Toolbar\winamptb.dll)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - "Camfrog Toolbar" (C:\Program Files (x86)\Camfrog\CamfrogBar\CamfrogBar.dll)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 11/08/2011 03:42:29 (8491 Octet(s))

C:\Ad-Report-SCAN[1].txt - 11/08/2011 03:33:25 (8371 Octet(s))

 

Fin à: 03:50:34, 11/08/2011

 

============== E.O.F ==============

Posted

Good evening Hichou09

I strongly advise you to uninstall your P2P software, a source of multiple infections. ;)

Ludvig Strigeus uTorrent

eMule PeerToPeer

µTorrent PeerToPeer

Bittorent PeerToPeer

 

Apply this procedure:

  • Close all open applications
  • Disable your defenses (antivirus, anti-spyware)
  • Double-click >> ZHPFix
    For Vista and Seven,
    right-click the icon and run it as administrator
    (a shortcut installed by ZHPDiag on the Desktop)

    Carefully select and highlight the lines below with the mouse, then right-click > "Copy" or press "Ctrl+C":
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
    M2 - MFEP: prefs.js [Hicham - h1qxre1n.default\{0b38152b-1b20-484d-a11f-5e04a9b0661f}] [] Winamp Toolbar v5.6.16.1 (.AOL Inc..)
    O4 - HKLM\..\Wow6432Node\Run: [NokiaMServer] Clé orpheline
    O4 - HKLM\..\Wow6432Node\Run: [NokiaMusic FastStart] Clé orpheline
    O4 - Global Startup: C:\Users\Hicham\Desktop\Upgrade to Paltalk Extreme.lnk - Clé orpheline
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1628572374-954855793-4127328231-1001Core.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1628572374-954855793-4127328231-1001UA.job
    O42 - Logiciel: Camfrog IE Toolbar 1.0.29 - (.Pas de propriétaire.) [HKLM] -- CamfrogBar
    O42 - Logiciel: Ufasoft SocksChain 3.153 - (.Pas de propriétaire.) [HKCU] -- UfasoftSocksChain
    O42 - Logiciel: WinAmp Bot 10 - (.imFiles.com.) [HKLM] -- WinAmp Bot_is1
    O42 - Logiciel: Winamp Toolbar - (.Pas de propriétaire.) [HKLM] -- Winamp Toolbar
    O43 - CFD: 06/08/2011 - 04:53:32 - [655739] ----D- C:\ProgramData\Winamp Toolbar
    [HKCU\Software\pth264]
    [HKLM\Software\Classes\Wow6432Node\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]
    [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]
    [HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}]
    [HKLM\Software\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}]
    [HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}]
    [HKLM\Software\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}]
    [HKCU\Software\Winamp Toolbar]
    [HKLM\Software\Wow6432Node\Winamp Toolbar]
     
    HOSTFix
    FirewallRaz
    EmptyTemp
    EmptyFlash
  • Click in turn on the H icon (to clear the report that was displayed), then on the icon of the "briefcase hidden behind the sheet of paper".

  • Check that all the lines I asked you to copy are in the window.
  • And only those lines
  • Then click the [OK] button
  • At that point a small empty box [ ] will appear
    at the start of each line.
  • Then click "Tous" (All), then "Nettoyer" (Clean)
  • Confirm the uninstallation of the programs with "Oui" (Yes) if asked
  • Let the tool work. If a restart is requested, accept and restart the PC
  • The ZHPFixReport.txt report is displayed.
    The ZHPFixReport.txt report is saved as C:\Program files\ZHPFix\ZHPFixReport.txt
  • In your next reply:
  • upload the file containing the report here:
    http://cjoint.com/
  • Then give the hosting address of that report in your next reply

 

 

Download the latest version of MalwareByte's to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are done:
  • Plug your external media into the PC (USB stick, hard drive, etc.)
    without opening them
  • Now run MalwareByte's Anti-Malware: right-click the icon and choose "Exécuter en tant qu'administrateur" (Run as administrator),
    then select "Exécuter un examen complet" (Perform full scan).
  • Tick all the drive boxes
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished a window opens; click OK.
  • If infections are present,
    click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected). Save the report to your Desktop.
  • Post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

 

See you

Posted

Hello,

I followed the ZHPFix steps to the letter, but it gets stuck with the following message:

 

"violation d'acces à l'adresse 7552FEB8 dans le module 'KERNELBASE.dll'. Lecture de l'adresse 00050043"

 

What should I do, please?

Thanks

Posted (edited)

Hello Hichou09

  • Click Start >> in the Windows search box type inetcpl.cpl
    At the top:
  • Click inetcpl.cpl; on the Internet Explorer page >> Advanced tab.
  • Click Restore advanced settings
    Then click Reset
    Tick the Delete personal settings box >> then click Reset once more
    Close IE

    In the Windows search box type: cmd; at the top, right-click the cmd.exe icon and run it as administrator
    At the command prompt type:
    ipconfig /flushdns >> then press the [Enter] key
    Mind the space: ipconfig < space > /flushdns
    Close the command prompt

  • Close all open applications
  • Disable your defenses (antivirus, anti-spyware)
  • Double-click ZHPFix
    For Vista and Seven,
    right-click the icon and run it as administrator
    (a shortcut installed by ZHPDiag on the Desktop)
    On the right, click HOSTFix
    At the warning message click "Non" (No)
    The ZHPFixReport.txt report is saved on your desktop; post it in your next reply.

If everything is OK, redo the ZHPFix procedure from post #5

And post the report, please

See you

Edited by tomtom95
Posted

Hello,

Thanks for your help, here is the ZHPFix report

Cijoint.fr - Free file-hosting service

I redid the steps from post 5 and got no error message; here is the report:

Cijoint.fr - Free file-hosting service

I ran an MBAM scan and here is the report:

 

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

 

Version de la base de données: 7453

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

13/08/2011 10:41:52

mbam-log-2011-08-13 (10-41-52).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|)

Elément(s) analysé(s): 455287

Temps écoulé: 3 heure(s), 46 minute(s), 55 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

 

Thanks for your help

Posted

Hello Hichou09

Problem with the Hosts file :roll:

Download RogueKiller (by tigzy) to the desktop

  • IMPORTANT: Quit all your running programs
  • Launch RogueKiller.exe. For Vista and Seven,
    right-click the icon and run it as administrator.
    When prompted,
  • type 1 (search) and confirm
  • A report (RKreport.txt) will be created next to the executable;
    paste its contents into your reply

  • If the program was blocked,
    do not hesitate to try running it again.

    NOTE: After you have posted the first report for me to analyze, I will give you further instructions like the ones below ;)

  • If an infection is present, you will have to relaunch RogueKiller
    and type 2 (removal)
    A report (RKreport.txt) will be created next to the executable;
    paste its contents into your reply at the end of the procedure.

    NOTE: Type 3 if the HOSTS file is corrupted, to restore a clean copy
    NOTE: If a proxy is found, type 4 to remove it

    A report (RKreport.txt) should have been created next to the executable;
    paste its contents into your reply at the end of the procedure.

See you
