Posted

And here it is

 

############################## | UsbFix 7.055 | [suppression]

 

Utilisateur: david et vanessa (Administrateur) # PC [TOSHIBA Satellite L350]

Mis à jour le 06/08/2011 par El Desaparecido

Lancé à 13:36:42 | 14/08/2011

Site Web: http://www.teamxscript.org

Submit your sample: http://www.teamxscript.org/Upload.php

Contact: TeamXscript.ElDesaparecido@gmail.com

 

CPU: Intel® Pentium® Dual CPU T3200 @ 2.00GHz

CPU 2: Intel® Pentium® Dual CPU T3200 @ 2.00GHz

Microsoft® Windows Vista Édition Familiale Basique (6.0.6001 32-Bit) # Service Pack 1

Internet Explorer 8.0.6001.19088

 

Pare-feu Windows: Activé

RAM -> 1915 Mo

C:\ (%systemdrive%) -> Disque fixe # 56 Go (3 Go libre(s) - 5%) [Vista] # NTFS

D:\ -> Disque amovible # 4 Go (3 Go libre(s) - 81%) [FLASH DRIVE] # FAT32

E:\ -> Disque fixe # 55 Go (37 Go libre(s) - 68%) [Data] # NTFS

F:\ -> CD-ROM

 

################## | Éléments infectieux |

 

Supprimé! C:\Users\Public\NTUSER.DAT{cf90dfa6-37f3-11de-ae08-001e338263b8}.TM.blf

Supprimé! C:\Users\Public\NTUSER.DAT{cf90dfa6-37f3-11de-ae08-001e338263b8}.TMContainer00000000000000000001.regtrans-ms

Supprimé! C:\Users\Public\NTUSER.DAT{cf90dfa6-37f3-11de-ae08-001e338263b8}.TMContainer00000000000000000002.regtrans-ms

Supprimé! C:\Users\Public\NTUSER.DAT{fa12c864-6e05-11de-90f0-001e338263b8}.TM.blf

Supprimé! C:\Users\Public\NTUSER.DAT{fa12c864-6e05-11de-90f0-001e338263b8}.TMContainer00000000000000000001.regtrans-ms

Supprimé! C:\Users\Public\NTUSER.DAT{fa12c864-6e05-11de-90f0-001e338263b8}.TMContainer00000000000000000002.regtrans-ms

Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2146809824-2372817770-2125629079-1000

Supprimé! E:\$RECYCLE.BIN\S-1-5-21-2146809824-2372817770-2125629079-1000

 

################## | Registre |

 

 

################## | Mountpoints2 |

 

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{60921e47-b85a-11df-b549-001e338263b8}

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{956c5415-b76b-11df-83bc-001e338263b8}

 

################## | Listing |

 

[14/08/2011 - 13:37:48 | SHD ] C:\$RECYCLE.BIN

[18/09/2006 - 23:43:36 | N | 24] C:\autoexec.bat

[13/08/2008 - 08:17:12 | D ] C:\Boot

[21/01/2008 - 04:34:29 | RASH | 333203] C:\bootmgr

[13/08/2008 - 08:17:13 | N | 8192] C:\BOOTSECT.BAK

[18/09/2006 - 23:43:37 | N | 10] C:\config.sys

[02/11/2006 - 14:59:44 | SHD ] C:\Documents and Settings

[14/08/2011 - 11:31:00 | ASH | 2009071616] C:\hiberfil.sys

[13/08/2008 - 09:08:31 | D ] C:\Intel

[14/03/2011 - 18:45:46 | N | 0] C:\IO.SYS

[14/03/2011 - 18:45:46 | N | 0] C:\MSDOS.SYS

[13/08/2008 - 09:58:50 | RHD ] C:\MSOCache

[14/08/2011 - 11:30:57 | ASH | 2322870272] C:\pagefile.sys

[21/01/2008 - 04:43:50 | D ] C:\PerfLogs

[13/08/2011 - 23:09:31 | N | 512] C:\PhysicalDisk0_MBR.bin

[13/08/2011 - 23:06:42 | D ] C:\Program Files

[13/08/2011 - 19:01:33 | HD ] C:\ProgramData

[26/12/2008 - 19:30:57 | N | 651] C:\RHDSetup.log

[13/08/2008 - 10:45:18 | N | 70] C:\SWSTAMP.TXT

[14/08/2011 - 11:14:24 | SHD ] C:\System Volume Information

[26/12/2008 - 20:52:03 | D ] C:\Toshiba

[14/08/2011 - 13:37:49 | D ] C:\UsbFix

[14/08/2011 - 13:36:43 | A | 3096] C:\UsbFix.txt

[26/12/2008 - 20:45:40 | D ] C:\Users

[08/07/2011 - 19:43:37 | D ] C:\Windows

[13/08/2008 - 10:06:11 | D ] C:\Works

[14/08/2011 - 00:17:33 | D ] C:\ZHP

[17/06/2011 - 17:09:26 | N | 409] D:\Une.nuit.au.mus%E9e.Screener.by.TheDown.net.lnk

[16/07/2011 - 12:59:08 | N | 735240192] D:\LE.ROI.LION.2.(1998).Vraie.VF.Divx6.French.DVDRip.ARLBOUFFIARD-fuze.avi

[13/08/2011 - 23:04:14 | N | 2533398] D:\ZHPDiag2.zip

[13/08/2011 - 23:09:34 | N | 135022] D:\ZHPDiag.txt

[14/08/2011 - 11:49:40 | N | 1563105] D:\AD-R.exe

[14/08/2011 - 11:51:10 | N | 555008] D:\RogueKiller.exe

[14/08/2011 - 11:51:42 | N | 1235521] D:\UsbFix.exe

[14/08/2011 - 11:58:54 | N | 9466208] D:\mbam-setup-1.51.1.1800.exe

[14/08/2011 - 12:51:46 | N | 1574] D:\RKreport[1].txt

[14/08/2011 - 13:19:20 | N | 2082] D:\UsbFix.txt

[14/08/2011 - 13:37:49 | SHD ] E:\$RECYCLE.BIN

[28/12/2009 - 23:31:55 | D ] E:\film

[27/12/2008 - 05:24:43 | D ] E:\HDDRecovery

[09/02/2010 - 16:38:46 | N | 532] E:\Le Petit Nicolas david.lnk

[22/08/2008 - 17:09:54 | N | 11] E:\R09109FR.tag

[26/12/2008 - 19:27:45 | SHD ] E:\System Volume Information

 

################## | Vaccin |

 

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

D:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

E:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

 

################## | Upload |

 

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC.zip

http://www.teamxscript.org/Upload.php

Merci de votre contribution.

 

################## | E.O.F |

 

Thank you for helping me ;-)

Posted
Thank you for helping me

 

Wait until you see my bill :lol:

Just kidding.

Launch USBFIX and click Désinstaller (Uninstall).

Re-enable UAC on Vista/7.

~~~~~~~~~~~~~~~~~~

1) Download Ad-Remover by C-XX and save it to the desktop.

http://www.teamxscript.org/adremoverTelechargement.html

Close all open applications to install it.

On XP: double-click (on Vista/7: right-click > Run as administrator) the icon placed on the desktop.

If the firewall prompts you, grant the tool the permissions it needs to work.

Click Scanner (Scan).

The report can also be found at C:\Ad-Report Scan.

Copy and paste it into your reply, please.

----------------------------------------------------

2) Run Ad-Remover again and this time click Nettoyer (Clean).

The desktop will disappear; this is normal.

The report to post will be at C:\Ad-Report Clean.

*** Please post both reports.

-------------------------------------------

Only after you have posted the reports:

3) Run Ad-Remover again and click Désinstaller (Uninstall).

See you soon :)

Posted

And here is the 1st report:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 13:54:51 le 14/08/2011, Mode normal

 

Microsoft® Windows Vista Édition Familiale Basique Service Pack 1 (X86)

david et vanessa@PC (TOSHIBA Satellite L350)

 

============== RECHERCHE ==============

 

 

Fichier trouvé: C:\Users\david et vanessa\AppData\Local\ygmqe.bat

Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js

Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js

Fichier trouvé: C:\Windows\system32\Macromed\Flash\FlashPlayerTrust\UnifiedToolbar.cfg

Dossier trouvé: C:\Program Files\AskBarDis

Dossier trouvé: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato

Dossier trouvé: C:\Users\david et vanessa\AppData\Roaming\ClickPotatoLite

Dossier trouvé: C:\Program Files\ClickPotatoLite

Dossier trouvé: C:\ProgramData\ClickPotatoLiteSA

Dossier trouvé: C:\ProgramData\QuestBrwSearch

Dossier trouvé: C:\Program Files\QuestBrwSearch

Dossier trouvé: C:\Users\david et vanessa\AppData\LocalLow\ShoppingReport2

Dossier trouvé: C:\Program Files\ShoppingReport2

Dossier trouvé: C:\Program Files\UnifiedToolbar

Dossier trouvé: C:\Users\david et vanessa\AppData\Roaming\AGI

Dossier trouvé: C:\ProgramData\AGI

Dossier trouvé: C:\Program Files\AGI

Dossier trouvé: C:\ProgramData\Kiwee Toolbar

Dossier trouvé: C:\Users\david et vanessa\AppData\LocalLow\Kiwee Toolbar

Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kiwee Toolbar

Dossier trouvé: C:\Program Files\Kiwee Toolbar

Fichier trouvé: C:\Users\david et vanessa\AppData\Local\wgoeo_nav.dat

Fichier trouvé: C:\Users\david et vanessa\AppData\Local\wgoeo.dat

Fichier trouvé: C:\Users\david et vanessa\AppData\Local\wgoeo_navps.dat

 

Clé trouvée: HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}

Clé trouvée: HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}

Clé trouvée: HKLM\Software\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé trouvée: HKLM\Software\Classes\AppID\{CC50232E-FDB1-436F-B658-452F88E81736}

Clé trouvée: HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}

Clé trouvée: HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé trouvée: HKLM\Software\Classes\CLSID\{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Clé trouvée: HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé trouvée: HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

Clé trouvée: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}

Clé trouvée: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}

Clé trouvée: HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}

Clé trouvée: HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}

Clé trouvée: HKLM\Software\Classes\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}

Clé trouvée: HKLM\Software\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}

Clé trouvée: HKLM\Software\Classes\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29}

Clé trouvée: HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé trouvée: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}

Clé trouvée: HKLM\Software\Classes\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}

Clé trouvée: HKLM\Software\Classes\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}

Clé trouvée: HKLM\Software\Classes\AppID\{A5461FCA-320C-4D6F-A150-A53823CE8142}

Clé trouvée: HKLM\Software\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}

Clé trouvée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}

Clé trouvée: HKLM\Software\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}

Clé trouvée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}

Clé trouvée: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}

Clé trouvée: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}

Clé trouvée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}

Clé trouvée: HKLM\Software\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}

Clé trouvée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}

Clé trouvée: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}

Clé trouvée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}

Clé trouvée: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}

Clé trouvée: HKLM\Software\Classes\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}

Clé trouvée: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}

Clé trouvée: HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}

Clé trouvée: HKLM\Software\Classes\TypeLib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6}

Clé trouvée: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}

Clé trouvée: HKLM\Software\Classes\TypeLib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}

Clé trouvée: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}

Clé trouvée: HKLM\Software\Classes\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872}

Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ygmqe

Clé trouvée: HKLM\Software\Classes\AG.MediaPlayerCOM

Clé trouvée: HKLM\Software\Classes\agcore.Config.AGConfig

Clé trouvée: HKLM\Software\Classes\agcore.Search.Search

Clé trouvée: HKLM\Software\Classes\agcore.Text.JSON

Clé trouvée: HKLM\Software\Classes\agihelper.AGUtils

Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton

Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1

Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl

Clé trouvée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1

Clé trouvée: HKLM\Software\Classes\AskToolBar.SettingsPlugin

Clé trouvée: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAx.Info

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAx.Info.1

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles

Clé trouvée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1

Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar

Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar.1

Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo

Clé trouvée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1

Clé trouvée: HKLM\Software\Classes\MenuButtonIE.ButtonIE

Clé trouvée: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbAx

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbAx.1

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand.1

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButton

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButton.1

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButtonA

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButtonA.1

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl

Clé trouvée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl.1

Clé trouvée: HKLM\Software\Classes\UnifiedToolbar.UnifiedToolbar

Clé trouvée: HKLM\Software\Classes\AppID\MenuButtonIE.DLL

Clé trouvée: HKLM\Software\AGI

Clé trouvée: HKLM\Software\ClickPotatoLite

Clé trouvée: HKLM\Software\QuestBrowse

Clé trouvée: HKLM\Software\ShoppingReport2

Clé trouvée: HKCU\Software\AGI

Clé trouvée: HKCU\Software\AskBarDis

Clé trouvée: HKCU\Software\ClickPotatoLiteSA

Clé trouvée: HKCU\Software\fcn

Clé trouvée: HKCU\Software\ShoppingReport2

Clé trouvée: HKCU\Software\AppDataLow\AskBarDis

Clé trouvée: HKCU\Software\AppDataLow\Software\ShoppingReport2

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{23A287DB-449A-462F-BDE1-8635A61671CE}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8AADE841-03C5-486A-B048-BB112CC0CAC5}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ClickpotatoliteSA

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBrowse

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8AADE841-03C5-486A-B048-BB112CC0CAC5}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ClickpotatoliteSA

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowse

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6}

Clé trouvée: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}

 

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|toolbar@kiwee.com

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|unifiedtoolbar@aginteractive.com

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|ClickPotatoLite@ClickPotatoLite.com

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|KiweeHook

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Internet Explorer Version [8.0.6001.19088] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_URLSearchHooks|{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - "agihelper.AGUtils" (mscoree.dll) (x)

HKCU_SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - "Search the Web" (hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&ver...)

HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=1Pd9w8Dl4nZB57btc8dC5EKSq_8?q={searchTerms})

HKCU_SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} - "Ask Search" (hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&c...)

HKLM_SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - "Search the Web" (hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&ver...)

HKCU_Toolbar\WebBrowser|{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} (x)

HKCU_Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} (C:\Program Files\AskBarDis\bar\bin\askBar.dll)

HKLM_Toolbar|{3041d03e-fd4b-44e0-b742-2d9b88305f98} (C:\Program Files\AskBarDis\bar\bin\askBar.dll)

HKLM_Toolbar|{1c99b848-84cb-4ce4-8cd8-ed5719484d9f} (mscoree.dll) (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

HKLM_ElevationPolicy\{87a0b80b-5ba7-4cb0-9553-105d68777d60} - C:\Program Files\AGI\core\4.2.0.10752\AGUser.exe (?)

HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)

HKLM_ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} - C:\Program Files\ClickPotatoLite\bin\10.0.659.0\Weather.exe (x)

HKLM_ElevationPolicy\{B9C9C9C7-B9B2-4203-BB34-AADB48E94647} - C:\Program Files\AGI\Python25\pythonw.exe (x)

HKLM_Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA} - "eBay - Achetez, Vendez" (c:\toshiba\Webshops\ebay.ico)

HKLM_Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE} - "Amazon.fr" (c:\toshiba\Webshops\amazon.ico)

HKLM_Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - "ClickPotato" (C:\Program Files\ClickPotatoLite\bin\10.0.659.0\ClickPotatoLiteSABHO.dll,201)

BHO\{0bc6e3fa-78ef-4886-842c-5a1258c4455a} - "agihelper.AGUtils" (mscoree.dll) (x)

BHO\{201f27d4-3704-41d6-89c1-aa35e39143ed} - "AskBar BHO" (C:\Program Files\AskBarDis\bar\bin\askBar.dll)

BHO\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - "Windows Live Family Safety Browser Helper Class" (C:\Program Files\Windows Live\Family Safety\fssbho.dll)

BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

BHO\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} (?)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 14/08/2011 13:55:08 (16960 Octet(s))

 

Fin à: 13:55:48, 14/08/2011

 

============== E.O.F ==============

 

 

And here is the 2nd:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 13:56:29 le 14/08/2011, Mode normal

 

Microsoft® Windows Vista Édition Familiale Basique Service Pack 1 (X86)

david et vanessa@PC (TOSHIBA Satellite L350)

 

============== ACTION(S) ==============

 

 

Fichier supprimé: C:\Users\david et vanessa\AppData\Local\ygmqe.bat

Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js

Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js

Fichier supprimé: C:\Windows\system32\Macromed\Flash\FlashPlayerTrust\UnifiedToolbar.cfg

Dossier supprimé: C:\Program Files\AskBarDis

Dossier supprimé: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato

Dossier supprimé: C:\Users\david et vanessa\AppData\Roaming\ClickPotatoLite

Dossier supprimé: C:\Program Files\ClickPotatoLite

Dossier supprimé: C:\ProgramData\ClickPotatoLiteSA

Dossier supprimé: C:\ProgramData\QuestBrwSearch

Dossier supprimé: C:\Program Files\QuestBrwSearch

Dossier supprimé: C:\Users\david et vanessa\AppData\LocalLow\ShoppingReport2

Dossier supprimé: C:\Program Files\ShoppingReport2

Dossier supprimé: C:\Program Files\UnifiedToolbar

Dossier supprimé: C:\Users\david et vanessa\AppData\Roaming\AGI

Dossier supprimé: C:\ProgramData\AGI

Dossier supprimé: C:\Program Files\AGI

Dossier supprimé: C:\ProgramData\Kiwee Toolbar

Dossier supprimé: C:\Users\david et vanessa\AppData\LocalLow\Kiwee Toolbar

Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kiwee Toolbar

Dossier supprimé: C:\Program Files\Kiwee Toolbar

Fichier supprimé: C:\Users\david et vanessa\AppData\Local\wgoeo_nav.dat

Fichier supprimé: C:\Users\david et vanessa\AppData\Local\wgoeo.dat

Fichier supprimé: C:\Users\david et vanessa\AppData\Local\wgoeo_navps.dat

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}

Clé supprimée: HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}

Clé supprimée: HKLM\Software\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé supprimée: HKLM\Software\Classes\AppID\{CC50232E-FDB1-436F-B658-452F88E81736}

Clé supprimée: HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}

Clé supprimée: HKLM\Software\Classes\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}

Clé supprimée: HKLM\Software\Classes\CLSID\{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Clé supprimée: HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}

Clé supprimée: HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

Clé supprimée: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}

Clé supprimée: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}

Clé supprimée: HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}

Clé supprimée: HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}

Clé supprimée: HKLM\Software\Classes\CLSID\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6E15D3C4-C6FC-4F02-B130-77CC5B1F09DB}

Clé supprimée: HKLM\Software\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}

Clé supprimée: HKLM\Software\Classes\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29}

Clé supprimée: HKLM\Software\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}

Clé supprimée: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}

Clé supprimée: HKLM\Software\Classes\CLSID\{E03BAFDC-EB9D-4C35-A7A2-AB6C62FF0A68}

Clé supprimée: HKLM\Software\Classes\CLSID\{E6375F37-E4D1-4F51-B651-4658C27AC5BF}

Clé supprimée: HKLM\Software\Classes\AppID\{A5461FCA-320C-4D6F-A150-A53823CE8142}

Clé supprimée: HKLM\Software\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}

Clé supprimée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}

Clé supprimée: HKLM\Software\Classes\Interface\{3E16A203-C0AA-4D44-ACC5-38A70A8C76DA}

Clé supprimée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}

Clé supprimée: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}

Clé supprimée: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}

Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}

Clé supprimée: HKLM\Software\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}

Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}

Clé supprimée: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}

Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}

Clé supprimée: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}

Clé supprimée: HKLM\Software\Classes\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}

Clé supprimée: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}

Clé supprimée: HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}

Clé supprimée: HKLM\Software\Classes\TypeLib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6}

Clé supprimée: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}

Clé supprimée: HKLM\Software\Classes\TypeLib\{C7403C30-3644-43D8-A82F-4BD84B9682D9}

Clé supprimée: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}

Clé supprimée: HKLM\Software\Classes\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872}

Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ygmqe

Clé supprimée: HKLM\Software\Classes\AG.MediaPlayerCOM

Clé supprimée: HKLM\Software\Classes\agcore.Config.AGConfig

Clé supprimée: HKLM\Software\Classes\agcore.Search.Search

Clé supprimée: HKLM\Software\Classes\agcore.Text.JSON

Clé supprimée: HKLM\Software\Classes\agihelper.AGUtils

Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton

Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1

Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl

Clé supprimée: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1

Clé supprimée: HKLM\Software\Classes\AskToolBar.SettingsPlugin

Clé supprimée: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAx.Info

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAx.Info.1

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles

Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1

Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar

Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.KiweeToolbar.1

Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo

Clé supprimée: HKLM\Software\Classes\KiweeIEToolbar.ToolbarInfo.1

Clé supprimée: HKLM\Software\Classes\MenuButtonIE.ButtonIE

Clé supprimée: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbAx

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbAx.1

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand.1

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButton

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButton.1

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButtonA

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButtonA.1

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl

Clé supprimée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl.1

Clé supprimée: HKLM\Software\Classes\UnifiedToolbar.UnifiedToolbar

Clé supprimée: HKLM\Software\Classes\AppID\MenuButtonIE.DLL

Clé supprimée: HKLM\Software\AGI

Clé supprimée: HKLM\Software\ClickPotatoLite

Clé supprimée: HKLM\Software\QuestBrowse

Clé supprimée: HKLM\Software\ShoppingReport2

Clé supprimée: HKCU\Software\AGI

Clé supprimée: HKCU\Software\AskBarDis

Clé supprimée: HKCU\Software\ClickPotatoLiteSA

Clé supprimée: HKCU\Software\fcn

Clé supprimée: HKCU\Software\ShoppingReport2

Clé supprimée: HKCU\Software\AppDataLow\AskBarDis

Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{23A287DB-449A-462F-BDE1-8635A61671CE}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8AADE841-03C5-486A-B048-BB112CC0CAC5}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ClickpotatoliteSA

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestBrowse

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8AADE841-03C5-486A-B048-BB112CC0CAC5}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ClickpotatoliteSA

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowse

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6}

Clé supprimée: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}

 

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|toolbar@kiwee.com

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|unifiedtoolbar@aginteractive.com

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|ClickPotatoLite@ClickPotatoLite.com

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|KiweeHook

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{0BC6E3FA-78EF-4886-842C-5A1258C4455A}

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{1C99B848-84CB-4CE4-8CD8-ED5719484D9F}

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}

Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Internet Explorer Version [8.0.6001.19088] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=1Pd9w8Dl4nZB57btc8dC5EKSq_8?q={searchTerms})

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)

HKLM_ElevationPolicy\{B9C9C9C7-B9B2-4203-BB34-AADB48E94647} - C:\Program Files\AGI\Python25\pythonw.exe (x)

HKLM_Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA} - "eBay - Achetez, Vendez" (c:\toshiba\Webshops\ebay.ico)

HKLM_Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE} - "Amazon.fr" (c:\toshiba\Webshops\amazon.ico)

BHO\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - "Windows Live Family Safety Browser Helper Class" (C:\Program Files\Windows Live\Family Safety\fssbho.dll)

BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

BHO\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} (?)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 302 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 14/08/2011 13:56:37 (15728 Octet(s))

C:\Ad-Report-SCAN[1].txt - 14/08/2011 13:55:08 (17099 Octet(s))

 

Fin à: 13:58:18, 14/08/2011

 

============== E.O.F ==============

Posted

You should get into the habit of avoiding the installation of toolbars or search engines as much as possible; with a little attention, it's easy:

A must-read: Read first, click afterwards!!! : Questions about Windows Security

1) Download ATF Cleaner by Atribune.

  • Install it on the desktop. (Keep it, as it is very useful after every browsing session.)

    Double-click ATF-Cleaner.exe to launch the program.
    --> Under Vista/7: right-click / Run as administrator.

    Under the Main tab, choose: Select All
    Click the Empty Selected button

If you use the Firefox browser:

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

If you use the Opera browser:

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

Click Exit, in the main menu, to close the program.

For technical support, double-click the e-mail address located at the bottom of each menu.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2) Download Malwarebytes' Anti-Malware (MBAM).

Malwarebytes : Malwarebytes Anti-Malware PRO removes malware including viruses, spyware, worms and trojans, plus it protects your computer: click for the FREE version and save the executable to the desktop.

If MBAM is already installed, go straight to the update and then to the scan.

This software is worth keeping.

Only if there is a problem updating:

Download MBAM updates

Run the file after installing MBAM

Connect removable media (USB sticks, etc.) before starting the scan.

  • Double-click the downloaded file to start the installation process.
  • In the "Update" tab, click the "Check for updates" button: if the firewall asks for permission for MBAM to connect, accept.
  • Once the update has finished, go to the "Scan" tab.
  • Select "Perform full scan"
  • Click "Scan"
  • The analysis starts; the scan is relatively long, which is normal.
  • At the end of the analysis, a message is displayed:
    The scan completed normally. Click 'Show Results' to display all the objects found.
    Click "Ok" to continue. If MBAM has found nothing, it will tell you that too.
  • Close your browsers.
  • If malware has been detected, click Show Results.
    Select everything (or leave it ticked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.

If MBAM asks to restart the PC, do so.

If, on restart, Windows tells you that it has blocked some startup programs, click the balloon, then Run blocked programs/Malwarebytes Anti-Malware.

@++

Posted

There, it's finished, here is the report:

 

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

 

Version de la base de données: 7463

 

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.19088

 

14/08/2011 17:11:59

mbam-log-2011-08-14 (17-11-59).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|)

Elément(s) analysé(s): 307529

Temps écoulé: 57 minute(s), 54 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 12

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: ("%1" %*) -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\program files\ad-remover\quarantine\C\program files\clickpotatolite\bin\10.0.659.0\clickpotatolitesaax.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\clickpotatolite\bin\10.0.659.0\clickpotatolitesabho.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\clickpotatolite\bin\10.0.659.0\clickpotatolitesahook.dll.vir (Adware.HotBar.Gen) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\clickpotatolite\bin\10.0.659.0\clickpotatoliteuninstaller.exe.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\clickpotatolite\bin\10.0.659.0\launchhelp.dll.vir (Adware.Seekmo) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll.vir (Adware.ClickPotato) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\questbrwsearch\questbrwsearch.exe.vir (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\program files\questbrwsearch\uninstall.exe.vir (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\program files\ad-remover\quarantine\C\programdata\questbrwsearch\questbrowse127.exe.vir (Adware.QuestBrowse) -> Quarantined and deleted successfully.

c:\Users\david et vanessa\AppData\Local\gaa.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.

c:\Users\david et vanessa\AppData\Local\qym.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.

c:\Users\david et vanessa\downloads\VLCSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

Posted

plops ;)

How is the computer doing?

Run a new ZHPDiag, please.

Reminder of the procedure:

ZHPDiag:

  • Download ZHPDiag by Nicolas Coolman and save it to the DESKTOP.
  • Double-click ZHPDiag.exe to start the installation
    • Important:
      Under Vista and Windows 7: the file must be launched via right-click -> Run as administrator

Don't forget to tick the box that puts a shortcut on the Desktop.

  • The tool has created 2 icons, ZHPDiag and ZHPFix, on the Desktop.
  • Double-click ZHPDiag to run it
    • Important:
      Under Vista and Windows 7: the file must be launched via right-click -> Run as administrator
  • Click the screwdriver.
  • Click the magnifying glass to start the scan. Wait until the scan shows 100%

Then close ZHPDiag

  • The ZHPDiag.txt report is on the Desktop.

This report is too long for the forum, so host it:

Info: Apollo Et Compagnie :: ZHPDiag, a diagnostic tool

@++

Posted

Well, it's great, I can get on the net, it's brilliant. And can you just tell me: at every startup of the computer I get a Microsoft Narrator window that appears, how can I remove it please? And here is the report:

 

Rapport de ZHPDiag v1.28.1323 par Nicolas Coolman, Update du 12/08/2011

Run by david et vanessa at 14/08/2011 17:30:37

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.19088 (Defaut)

 

---\\ Windows Product Information

Windows Vista Home Basic Edition, 32-bit Service Pack 1 (Build 6001)

Windows Server License Manager Script : OK

~ Vista, OEM_COA_SLP channel

Windows ID Activation : OK

~ Windows Partial Key : MK2YF

Windows License : OK

Windows Automatic Updates : OK

 

---\\ System Information

~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1915 MB (43% free)

System Restore: Activé (Enable)

System drive C: has 4 GB (6%) free of 56 GB

 

---\\ Logged in mode

~ Computer Name: PC

~ User Name: david et vanessa

~ All Users Names: david et vanessa, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\david et vanessa\AppData\Roaming\

~ %Desktop% : C:\Users\david et vanessa\Desktop\

~ %Favorites% : C:\Users\david et vanessa\Favorites\

~ %LocalAppData% : C:\Users\david et vanessa\AppData\Local\

~ %StartMenu% : C:\Users\david et vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 56 Go)

D:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 37 Go of 55 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.26/12/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]

[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768]

[MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/06/2011 - 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]

[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:34:38.) -- C:\Windows\system32\Winlogon.exe [314880]

[MD5.0D83C87A801A3DFCD1BF73893FE7518C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/08/2008 - 07:38:18.) -- C:\Windows\system32\drivers\atapi.sys [21560]

[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\drivers\ntfs.sys [1081912]

[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.21/01/2008 - 08:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 9/1869

~ Mes musiques (My Musics) : 3/31

~ Mes Videos (My Videos) : 1/32

~ Mes Favoris (My Favorites) : 2/56

~ Mes Documents (My Documents) : 1/74

~ Mon Bureau (My Desktop) : 3/48

~ Menu demarrer (Programs) : 6/22

~ Scan Hidden Files in 00mn 04s

 

 

 

---\\ Processus lancés

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2336]

[MD5.98888488D0E6DB0256E5E661BCD35EB6] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416] [PID.2556]

[MD5.6E3FEFB74326A230237613F2B035C71F] - (.TOSHIBA CORPORATION - ConfigFree Task tray menu.) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [1056768] [PID.1260]

[MD5.8B9145D229D4E89D15ACB820D4A3A90F] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792] [PID.3192]

[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.1288]

[MD5.04A49FE5EFA859B5A92428A02E0FFE29] - (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [103824] [PID.1544]

[MD5.E1FAAF7915BC07352CCF1DFF37058414] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632] [PID.3964]

[MD5.F61200A4B3E6E781DE8B5653517566D7] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [150040] [PID.2900]

[MD5.EB7F7F7DBA47FDC1E2FA386B00DA0F90] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520] [PID.2980]

[MD5.8EF0123B03F1DDD8A618EB1D0BA71F54] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [145944] [PID.1236]

[MD5.6C887E9BA3AE7F62635F098BFC9853CD] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6037504] [PID.2720]

[MD5.B0674AE101707D21F9E30484D6465704] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [431456] [PID.1840]

[MD5.D140C5FDFD1924E3CC173CF8376B5E22] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509816] [PID.2876]

[MD5.F0CF4D72581B1E0B528086E9FB5DA23B] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800] [PID.3292]

[MD5.B1DB5EDB658F3FF4F13AC069CE622893] - (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792] [PID.2664]

[MD5.4AB05041D5C922B9A7A5D9059F5538CD] - (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe [215552] [PID.2460]

[MD5.C418B204BED40A0979D203EBB1E9A32B] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [141600] [PID.1424]

[MD5.4168B08FA453C8B9314CDDA3824F6311] - (.ALWIL Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2769336] [PID.3044]

[MD5.E2724029D3648C2EB226D16678727FA9] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256] [PID.1620]

[MD5.FD3CD13303AEEB07D72BF453A061401A] - (.Research In Motion Limited - RIM Auto Update.) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [623960] [PID.3952]

[MD5.5D29764082133F302126C85AB96ACB80] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080] [PID.3284]

[MD5.AFA1F8CC076AB0462512A78473D86D53] - (.BitTorrent, Inc. - DNA.) -- C:\Users\david et vanessa\Program Files\DNA\btdna.exe [323392] [PID.4024]

[MD5.6EFBB9B03EBB14A59DA3A14795323D16] - (.SFR - Media Center.) -- C:\Program Files\SFR\Media Center\MediaCenter.exe [742720] [PID.4044]

[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [PID.1428]

[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [PID.4196]

[MD5.7CE0BEB1DA5628C128EB8782A6FE1747] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.4272]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.4452]

[MD5.CF8CA02425EFA12BA122291A9780EC65] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [174616] [PID.4992]

[MD5.A98C8BA7036258DC73A41FDF326320C8] - (...) -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe [4787712] [PID.5028]

[MD5.9A815510679C7ECD04ED194A9C9C25E5] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager.) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe [405504] [PID.5452]

[MD5.07D0AF06A5D2445C9DC5824C567E36B8] - (.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe [24635] [PID.5632]

[MD5.09CFCEB5072C9FA0BFE0A551F6D5CE07] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.6124]

[MD5.ED65737D70FDEAC29F738E77D2496EE5] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232] [PID.5112]

[MD5.745EE2C6FB0B43C9F00E017F5E5D7317] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376] [PID.5200]

[MD5.731F05B5C01B3CA9B813561C0B90E722] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe [224632] [PID.4600]

[MD5.1D83444342978B8A1E5663D6D185E290] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664576] [PID.4388]

[MD5.27BB54357A51594D9F9B6257B5B9A879] - (.Microsoft Corporation - Narrator.) -- C:\Windows\System32\Narrator.exe [991232] [PID.5732]

[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2920]

[MD5.C9BE08664611DDAF98E2331E9288B00B] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [46104] [PID.]

[MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.]

[MD5.0BDD72BA9009EF4914CDEA08107A8262] - (.ALWIL Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384] [PID.]

[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [9216] [PID.]

[MD5.536FCD2CEC5161BFCC91CC21726B9DB2] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144712] [PID.]

[MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [238888] [PID.]

[MD5.D10D01B2DFCD8D2F32A32ED29E8DA1C2] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960] [PID.]

[MD5.ED07239256537A99EADF38F56739A9C0] - (.SFR & Celliance - Service Windows SFR ABCd.) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [657536] [PID.]

[MD5.CE0B5D587839614A16480D7B8395FFE9] - (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [99720] [PID.]

[MD5.89F74C86523F5E334628DBCE66E6D165] - (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312] [PID.]

[MD5.C5AC715B65B01788ABC22D10749DDDD8] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\system32\TODDSrv.exe [129632] [PID.]

[MD5.DA6903958CBDC091FFCBBCA70CCFF34C] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [431456] [PID.]

[MD5.DCA621CE31CA604C762001883E385DF8] - (.TOSHIBA Corporation - TosIPCSrv.exe.) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976] [PID.]

[MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.]

[MD5.3566310DF25EA5C3B2E9F50F5B50EAC1] - (.Toshiba - Service for SmartFaceV.) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [73728] [PID.]

[MD5.16613A1BAD034D4ECF957AF18B7C2FF5] - (.Microsoft Corporation - Programme d’installation de modules Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.]

[MD5.31116E352808019E69ECA58D1A6C66B0] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [545568] [PID.]

~ Scan Processes Running in 00mn 03s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\david et vanessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.1 (Activé)

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent.) -- C:\Program Files\DNA\plugins\npbtdna.dll

P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.4.2.7.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll

P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [@RIM.com/WebSLLauncher,version=1.0] - (...) -- C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent.) -- C:\Users\david et vanessa\Program Files\DNA\plugins\npbtdna.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} . (.Microsoft Corporation - Family Safety Browser Helper Object Library.) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} Clé orpheline

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O4 - HKLM\..\Run: [Google EULA Launcher] . (...) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe

O4 - HKLM\..\Run: [Toshiba TEMPO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe

O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe

O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [smoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe

O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files\Windows Live\Family Safety\fsui.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [avast5] . (.ALWIL Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

O4 - HKLM\..\Run: [blackBerryAutoUpdate] . (.Research In Motion Limited - RIM Auto Update.) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [bitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Users\david et vanessa\Program Files\DNA\btdna.exe

O4 - HKCU\..\Run: [Neuf Media Center] . (.SFR - Media Center.) -- C:\Program Files\SFR\Media Center\MediaCenter.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [TOSCDSPD] TOSCDSPD.exe

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [bitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Users\david et vanessa\Program Files\DNA\btdna.exe

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [Neuf Media Center] . (.SFR - Media Center.) -- C:\Program Files\SFR\Media Center\MediaCenter.exe

O4 - HKUS\S-1-5-21-2146809824-2372817770-2125629079-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\david et vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\david et vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\david et vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\david et vanessa\Desktop\Aller sur MSN.fr.lnk - Clé orpheline

O4 - Global Startup: C:\Users\david et vanessa\Desktop\DivX Movies.lnk . (...) -- C:\Users\david et vanessa\Videos\DivX Movies

O4 - Global Startup: C:\Users\david et vanessa\Desktop\Internet - Raccourci (2).lnk - Clé orpheline

O4 - Global Startup: C:\Users\david et vanessa\Desktop\sortie ecole 2011 - Raccourci.lnk . (...) -- C:\Users\david et vanessa\Downloads\sortie ecole 2011

O4 - Global Startup: C:\Users\david et vanessa\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\david et vanessa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\david et vanessa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: &Envoyer à OneNote - {76577871-04EC-495E-A12B-91F7C3600AFA} . (...) -- c:\toshiba\Webshops\ebay.ico

O9 - Extra button: &Envoyer à OneNote - {8A918C1D-E123-4E36-B562-5C1519E434CE} . (...) -- c:\toshiba\Webshops\amazon.ico

O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)

O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com

O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com

O15 - Trusted Zone: [HKCU\...\Domains] http.orange.fr

O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr

~ Scan IE Zone Confiance in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{64706E86-B67C-4CA2-9C0A-DA8A5350A704}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{B682BA1C-9CE4-4C95-B726-E534C38A03D4}: DhcpNameServer = 109.0.66.20 109.0.66.10

O17 - HKLM\System\CS1\Services\Tcpip\..\{64706E86-B67C-4CA2-9C0A-DA8A5350A704}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{B682BA1C-9CE4-4C95-B726-E534C38A03D4}: DhcpNameServer = 109.0.66.20 109.0.66.10

O17 - HKLM\System\CS2\Services\Tcpip\..\{B682BA1C-9CE4-4C95-B726-E534C38A03D4}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{B682BA1C-9CE4-4C95-B726-E534C38A03D4}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll

~ Scan Winlogon in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.dll

~ Scan AppInit DLL in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus (avast! Antivirus) . (.ALWIL Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Service Google Update (gupdate1ca881436ee6e72) (gupdate1ca881436ee6e72) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) . (.SFR & Celliance - Service Windows SFR ABCd.) - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe

O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{E6009F7A-C242-4B8B-9A89-04A2B34D11E7}.job

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeLogonTaskS-1-5-21-2146809824-2372817770-2125629079-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeScheduledTaskS-1-5-21-2146809824-2372817770-2125629079-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

~ Scan Scheduled Task in 00mn 03s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: (RtlProt) . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - C:\Windows\system32\DRIVERS\rtlprot.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\system32\drivers\tcpip.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash

O42 - Logiciel: Adobe Reader 8.1.2 Security Update 1 (KB403742) - (.Pas de propriétaire.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}_Adobe Reader 8.1.2 - Français

O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent

O42 - Logiciel: BlackBerry Desktop Software 5.0.1 - (.Research In Motion Ltd..) [HKLM] -- BlackBerry_{F5BDF2BB-C990-4351-A05B-B2243D4037D4}

O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}

O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}

O42 - Logiciel: DNA - (.BitTorrent Inc..) [HKCU] -- BitTorrent DNA

O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}

O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters

O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}

O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}

O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}

O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}

O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}

O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities

O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner

O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}

O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation

O42 - Logiciel: Gestionnaire de Connexion SFR 2009.11 - (.Pas de propriétaire.) [HKLM] -- Gestionnaire de Connexion SFR_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop

O42 - Logiciel: Google SketchUp 6 - (.Google.) [HKLM] -- {98736A65-3C79-49EC-B7E9-A3C77774B0E6}

O42 - Logiciel: Google SketchUp 6 - (.Google.) [HKLM] -- {B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Kiwee Chatbar - (.AG Interactive.) [HKLM] -- {1793bdb7-d5c1-33be-97e2-7c3e60b6ab43}

O42 - Logiciel: Kiwee Toolbar for Firefox - (.AG Interactive.) [HKLM] -- {10deb052-db5d-32a6-9ff2-200e810d1a7b}

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: REALTEK RTL8187B Wireless LAN Driver - (.Pas de propriétaire.) [HKLM] -- {895722FE-25FE-4854-95AC-B0C42F9DBEDA}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}

O42 - Logiciel: Realtek WiFi Protected Setup Library - (.REALTEK Semiconductor Corp..) [HKLM] -- {02CA24DD-C8B0-4280-BE53-7862869C2EB1}

O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}

O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM] -- SFR_Media Center

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Security Update for Windows Media Encoder (KB2447961) - (.Microsoft Corporation.) [HKLM] -- KB2447961

O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] -- KB954156

O42 - Logiciel: Security Update for Windows Media Encoder (KB979332) - (.Microsoft Corporation.) [HKLM] -- KB979332

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}

O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}

O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}

O42 - Logiciel: TOSHIBA Software Modem - (.Agere Systems.) [HKLM] -- TOSHIBA Software Modem

O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}

O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Theme Park World - (.Pas de propriétaire.) [HKLM] -- Theme Park World

O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9

O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] -- avast5

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: myphotobook 3.6 - (.myphotobook.) [HKLM] -- myphotobook

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ABBYY]

[HKCU\Software\ALWIL Software]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Binary Noise]

[HKCU\Software\Bugsplat]

[HKCU\Software\CEC_CM_SW]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\DivXNetworks]

[HKCU\Software\EPSON]

[HKCU\Software\Google]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\KasperskyLab]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\Neuf]

[HKCU\Software\ODBC]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Policies]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Research In Motion]

[HKCU\Software\S3R521]

[HKCU\Software\SEIKO EPSON]

[HKCU\Software\SFR]

[HKCU\Software\Synaptics]

[HKCU\Software\TOSHIBA]

[HKCU\Software\Windows Live Writer]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\eMule]

[HKLM\Software\ABBYY]

[HKLM\Software\ALWIL Software]

[HKLM\Software\AOL]

[HKLM\Software\Adobe]

[HKLM\Software\Agere]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\BitTorrent]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Bullfrog Productions Ltd]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Chicony Electronics Co.,Ltd.]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EPSON]

[HKLM\Software\FRANCE TELECOM]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Lucent]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Neuf]

[HKLM\Software\ODBC]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Policies]

[HKLM\Software\Python]

[HKLM\Software\RTLSetup]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek USB 2.0 Card Reader]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Research In Motion]

[HKLM\Software\RichFX]

[HKLM\Software\RtWLan]

[HKLM\Software\SFR]

[HKLM\Software\SOFTWARE]

[HKLM\Software\SRS Labs]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Synaptics]

[HKLM\Software\Sys Modules]

[HKLM\Software\TOSHIBA]

[HKLM\Software\Toshiba Tempo]

[HKLM\Software\Ulead Systems]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Waves Audio]

[HKLM\Software\Windows]

[HKLM\Software\Xing Technology Corp.]

~ Scan Softwares in 00mn 04s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 27/06/2011 - 20:11:42 - [124428627] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint

O43 - CFD: 13/08/2008 - 10:05:40 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites

O43 - CFD: 14/08/2011 - 14:10:20 - [153985975] ----D- C:\Program Files\Ad-Remover

O43 - CFD: 13/08/2008 - 09:51:14 - [200778970] ----D- C:\Program Files\Adobe

O43 - CFD: 18/03/2010 - 23:06:30 - [126053770] ----D- C:\Program Files\Alwil Software

O43 - CFD: 07/06/2009 - 16:15:12 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 31/01/2009 - 22:33:52 - [1023816] ----D- C:\Program Files\BitTorrent

O43 - CFD: 07/06/2009 - 16:16:08 - [392881] ----D- C:\Program Files\Bonjour

O43 - CFD: 14/03/2011 - 18:46:04 - [161081742] ----D- C:\Program Files\Bullfrog

O43 - CFD: 26/12/2008 - 20:48:56 - [65229120] ----D- C:\Program Files\Camera Assistant Software for Toshiba

O43 - CFD: 08/05/2010 - 13:10:58 - [1052020018] ----D- C:\Program Files\Common Files

O43 - CFD: 18/01/2009 - 20:44:44 - [44950287] ----D- C:\Program Files\DivX

O43 - CFD: 31/01/2009 - 22:33:58 - [422720] ----D- C:\Program Files\DNA

O43 - CFD: 27/12/2008 - 20:24:28 - [10414719] ----D- C:\Program Files\eMule

O43 - CFD: 27/06/2011 - 20:13:00 - [152479569] ----D- C:\Program Files\epson

O43 - CFD: 26/12/2008 - 20:42:18 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 29/12/2009 - 01:19:54 - [466246501] ----D- C:\Program Files\Google

O43 - CFD: 27/06/2011 - 20:20:16 - [157227913] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 26/12/2008 - 19:29:54 - [39033698] ----D- C:\Program Files\Intel

O43 - CFD: 27/06/2011 - 20:20:38 - [6270007] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 13/08/2008 - 09:40:34 - [23151528] ----D- C:\Program Files\InterVideo

O43 - CFD: 02/11/2009 - 22:08:42 - [1582699] ----D- C:\Program Files\iPod

O43 - CFD: 02/11/2009 - 22:09:24 - [112681025] ----D- C:\Program Files\iTunes

O43 - CFD: 15/09/2009 - 23:56:46 - [254254575] ----D- C:\Program Files\Java

O43 - CFD: 28/10/2009 - 23:14:00 - [16664352] ----D- C:\Program Files\JRE

O43 - CFD: 26/12/2008 - 19:34:48 - [378121] ----D- C:\Program Files\ltmoh

O43 - CFD: 14/08/2011 - 14:41:28 - [6953191] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 26/12/2008 - 23:02:20 - [1544075] ----D- C:\Program Files\Microsoft

O43 - CFD: 02/11/2006 - 14:35:52 - [46409848] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 13/08/2011 - 20:09:04 - [378078823] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 23/06/2011 - 08:07:30 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 26/12/2008 - 23:00:28 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 26/12/2008 - 23:01:44 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 17/12/2010 - 18:25:06 - [145421942] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 28/06/2010 - 13:16:28 - [8167779] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 15/09/2010 - 21:34:50 - [20470054] ----D- C:\Program Files\Movie Maker

O43 - CFD: 31/01/2009 - 22:33:20 - [0] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 02/11/2006 - 14:35:52 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 13/08/2008 - 08:41:58 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 13/08/2008 - 09:58:28 - [19552882] ----D- C:\Program Files\myphotobook

O43 - CFD: 28/10/2009 - 23:14:00 - [385258936] ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD: 02/11/2009 - 22:06:54 - [79279759] ----D- C:\Program Files\QuickTime

O43 - CFD: 28/04/2010 - 00:34:26 - [82981380] ----D- C:\Program Files\Real

O43 - CFD: 26/12/2008 - 20:51:08 - [25339477] ----D- C:\Program Files\Realtek

O43 - CFD: 26/12/2008 - 19:35:48 - [850757] ----D- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver

O43 - CFD: 02/11/2006 - 14:35:52 - [38686465] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 08/05/2010 - 13:12:56 - [75429447] ----D- C:\Program Files\Research In Motion

O43 - CFD: 02/05/2009 - 20:53:10 - [31013246] ----D- C:\Program Files\Securitoo

O43 - CFD: 15/07/2011 - 17:09:42 - [24440814] ----D- C:\Program Files\SFR

O43 - CFD: 13/08/2008 - 09:20:44 - [14542283] ----D- C:\Program Files\Synaptics

O43 - CFD: 26/12/2008 - 20:50:48 - [263408955] ----D- C:\Program Files\TOSHIBA

O43 - CFD: 13/08/2008 - 09:57:50 - [8026889] ----D- C:\Program Files\Toshiba TEMPRO

O43 - CFD: 13/08/2008 - 09:36:20 - [422172468] ----D- C:\Program Files\Ulead Systems

O43 - CFD: 02/11/2006 - 14:58:20 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 27/12/2008 - 20:21:14 - [61995016] ----D- C:\Program Files\VideoLAN

O43 - CFD: 21/01/2008 - 04:47:46 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 21/01/2008 - 04:47:44 - [2760704] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 21/01/2008 - 04:47:38 - [4492240] ----D- C:\Program Files\Windows Defender

O43 - CFD: 24/02/2011 - 23:09:54 - [156309820] ----D- C:\Program Files\Windows Live

O43 - CFD: 26/12/2008 - 22:58:36 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 23/06/2011 - 07:42:52 - [8935608] ----D- C:\Program Files\Windows Mail

O43 - CFD: 13/08/2008 - 09:40:00 - [14164107] ----D- C:\Program Files\Windows Media Components

O43 - CFD: 14/10/2010 - 20:55:40 - [4499178] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 26/12/2008 - 20:42:18 - [7945486] ----D- C:\Program Files\Windows NT

O43 - CFD: 21/01/2008 - 04:47:44 - [8164002] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 21/01/2008 - 04:47:46 - [7102602] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 14/08/2011 - 17:31:04 - [4000935] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 13/08/2008 - 09:50:16 - [10888075] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 02/11/2009 - 22:08:42 - [94209774] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 13/08/2008 - 10:03:50 - [92976] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 02/05/2009 - 20:51:28 - [35840] ----D- C:\Program Files\Common Files\France Telecom

O43 - CFD: 27/06/2011 - 20:16:36 - [9409278] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 13/08/2008 - 09:07:48 - [44124670] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 11/09/2009 - 21:54:06 - [245203790] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 01/02/2009 - 14:12:40 - [1982183] ----D- C:\Program Files\Common Files\Nullsoft

O43 - CFD: 28/04/2010 - 00:35:04 - [21486094] ----D- C:\Program Files\Common Files\Real

O43 - CFD: 08/05/2010 - 13:11:02 - [79479051] ----D- C:\Program Files\Common Files\Research In Motion

O43 - CFD: 08/05/2010 - 13:10:58 - [17663] ----D- C:\Program Files\Common Files\Roxio Shared

O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 21/01/2008 - 04:47:38 - [42700942] ----D- C:\Program Files\Common Files\System

O43 - CFD: 26/12/2008 - 19:35:36 - [1374029] ----D- C:\Program Files\Common Files\Toshiba Shared

O43 - CFD: 13/08/2008 - 09:40:24 - [21678602] ----D- C:\Program Files\Common Files\Ulead Systems

O43 - CFD: 26/12/2008 - 22:21:18 - [433080757] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 26/12/2008 - 21:50:54 - [41073] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 13/08/2008 - 09:57:44 - [4758528] ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 28/04/2010 - 00:34:12 - [352256] ----D- C:\Program Files\Common Files\xing shared

O43 - CFD: 13/08/2008 - 09:50:54 - [764] ----D- C:\ProgramData\Adobe

O43 - CFD: 18/03/2010 - 23:03:24 - [32618500] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 07/06/2009 - 16:18:14 - [46723344] ----D- C:\ProgramData\Apple

O43 - CFD: 07/06/2009 - 16:16:32 - [76889712] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 26/12/2008 - 20:42:18 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 27/12/2008 - 20:24:54 - [0] ----D- C:\ProgramData\eMule

O43 - CFD: 27/06/2011 - 20:08:00 - [402919] ----D- C:\ProgramData\EPSON

O43 - CFD: 26/12/2008 - 20:42:18 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 02/01/2009 - 00:34:16 - [577589] ----D- C:\ProgramData\Google

O43 - CFD: 31/03/2009 - 22:55:14 - [2491] ----D- C:\ProgramData\IsolatedStorage

O43 - CFD: 14/08/2011 - 14:41:26 - [7219444] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 03/05/2009 - 17:55:18 - [10572] ----D- C:\ProgramData\McAfee

O43 - CFD: 26/12/2008 - 20:42:18 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 14/04/2011 - 08:36:30 - [28524348] ----D- C:\ProgramData\MFAData

O43 - CFD: 08/06/2010 - 15:01:44 - [1178636780] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 23/06/2011 - 07:49:54 - [57040] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 26/12/2008 - 20:42:18 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 28/04/2010 - 00:36:52 - [974379] ----D- C:\ProgramData\Real

O43 - CFD: 08/05/2010 - 13:12:58 - [671457] ----D- C:\ProgramData\Research In Motion

O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 02/11/2006 - 14:59:46 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 26/12/2008 - 19:35:14 - [1024] ----D- C:\ProgramData\Toshiba

O43 - CFD: 26/12/2008 - 20:46:26 - [955] ----D- C:\ProgramData\ToshibaEurope

O43 - CFD: 27/06/2011 - 20:14:20 - [3184] ----D- C:\ProgramData\UDL

O43 - CFD: 13/08/2008 - 09:39:30 - [220835] ----D- C:\ProgramData\Ulead Systems

O43 - CFD: 26/12/2008 - 22:13:38 - [572170] ----D- C:\ProgramData\WLInstaller

O43 - CFD: 13/08/2008 - 10:05:40 - [6904815] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

O43 - CFD: 02/11/2009 - 22:09:24 - [542643] ----D- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}

O43 - CFD: 07/06/2009 - 16:16:48 - [3274] ----D- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

O43 - CFD: 08/02/2009 - 23:33:04 - [1552120] ----D- C:\Users\david et vanessa\AppData\Roaming\Adobe

O43 - CFD: 31/12/2009 - 21:00:34 - [385878] ----D- C:\Users\david et vanessa\AppData\Roaming\Apple Computer

O43 - CFD: 31/07/2011 - 23:35:10 - [137016] ----D- C:\Users\david et vanessa\AppData\Roaming\BitTorrent

O43 - CFD: 18/01/2009 - 20:54:32 - [0] ----D- C:\Users\david et vanessa\AppData\Roaming\DivX

O43 - CFD: 14/08/2011 - 17:27:58 - [3797] ----D- C:\Users\david et vanessa\AppData\Roaming\DNA

O43 - CFD: 29/07/2011 - 12:42:34 - [3991] ----D- C:\Users\david et vanessa\AppData\Roaming\dvdcss

O43 - CFD: 26/12/2008 - 21:00:40 - [3178] ----D- C:\Users\david et vanessa\AppData\Roaming\Google

O43 - CFD: 26/12/2008 - 20:51:14 - [0] ----D- C:\Users\david et vanessa\AppData\Roaming\Identities

O43 - CFD: 26/12/2008 - 20:48:32 - [0] ----D- C:\Users\david et vanessa\AppData\Roaming\InstallShield

O43 - CFD: 26/12/2008 - 21:32:36 - [1975064] ----D- C:\Users\david et vanessa\AppData\Roaming\Macromedia

O43 - CFD: 14/08/2011 - 14:41:34 - [2195451] ----D- C:\Users\david et vanessa\AppData\Roaming\Malwarebytes

O43 - CFD: 03/09/2010 - 22:20:10 - [12185277] -S--D- C:\Users\david et vanessa\AppData\Roaming\Microsoft

O43 - CFD: 31/01/2009 - 22:33:20 - [104743] ----D- C:\Users\david et vanessa\AppData\Roaming\Mozilla

O43 - CFD: 15/11/2009 - 18:48:30 - [17850678] ----D- C:\Users\david et vanessa\AppData\Roaming\myphotobook

O43 - CFD: 28/10/2009 - 23:16:42 - [2252405] ----D- C:\Users\david et vanessa\AppData\Roaming\OpenOffice.org

O43 - CFD: 12/04/2011 - 11:31:50 - [2674161] ----D- C:\Users\david et vanessa\AppData\Roaming\Real

O43 - CFD: 23/06/2011 - 20:44:48 - [14703786] ----D- C:\Users\david et vanessa\AppData\Roaming\Research In Motion

O43 - CFD: 04/09/2010 - 16:04:32 - [177796] ----D- C:\Users\david et vanessa\AppData\Roaming\SFR

O43 - CFD: 07/07/2011 - 16:26:10 - [13824] ----D- C:\Users\david et vanessa\AppData\Roaming\Template

O43 - CFD: 16/04/2010 - 17:19:46 - [337] ----D- C:\Users\david et vanessa\AppData\Roaming\Toshiba

O43 - CFD: 27/12/2008 - 20:22:36 - [447403] ----D- C:\Users\david et vanessa\AppData\Roaming\vlc

O43 - CFD: 26/12/2008 - 23:05:00 - [0] ----D- C:\Users\david et vanessa\AppData\Roaming\Windows Live Writer

O43 - CFD: 26/12/2008 - 20:45:42 - [0] -SH-D- C:\Users\david et vanessa\AppData\Local\Application Data

O43 - CFD: 31/01/2009 - 22:33:38 - [0] ----D- C:\Users\david et vanessa\AppData\Local\DNA

O43 - CFD: 27/12/2008 - 20:24:28 - [57942] ----D- C:\Users\david et vanessa\AppData\Local\eMule

O43 - CFD: 29/07/2011 - 10:54:10 - [677439956] ----D- C:\Users\david et vanessa\AppData\Local\Google

O43 - CFD: 26/12/2008 - 20:45:42 - [0] -SH-D- C:\Users\david et vanessa\AppData\Local\Historique

O43 - CFD: 20/10/2009 - 15:11:22 - [1130691648] ----D- C:\Users\david et vanessa\AppData\Local\Microsoft

O43 - CFD: 22/11/2010 - 22:25:20 - [930588] ----D- C:\Users\david et vanessa\AppData\Local\Microsoft Games

O43 - CFD: 27/12/2008 - 20:26:22 - [0] ----D- C:\Users\david et vanessa\AppData\Local\Microsoft Help

O43 - CFD: 07/07/2011 - 19:34:18 - [3674] ----D- C:\Users\david et vanessa\AppData\Local\Neuf

O43 - CFD: 29/12/2009 - 01:21:04 - [0] ----D- C:\Users\david et vanessa\AppData\Local\Real

O43 - CFD: 14/08/2011 - 17:29:16 - [84370] ----D- C:\Users\david et vanessa\AppData\Local\Temp

O43 - CFD: 26/12/2008 - 20:45:42 - [0] -SH-D- C:\Users\david et vanessa\AppData\Local\Temporary Internet Files

O43 - CFD: 26/12/2008 - 20:52:06 - [0] ----D- C:\Users\david et vanessa\AppData\Local\Toshiba

O43 - CFD: 31/08/2009 - 22:50:32 - [179521] ----D- C:\Users\david et vanessa\AppData\Local\VirtualStore

O43 - CFD: 26/12/2008 - 23:05:12 - [327550] ----D- C:\Users\david et vanessa\AppData\Local\Windows Live Writer

~ Scan Program Folder in 00mn 17s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.F3BF594F2D49E1F02F67C4A3909A8909] - 14/08/2011 - 16:28:39 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1464285]

O44 - LFC:[MD5.5992E2E6DDB6D9146614C0EB80E8CC34] - 14/08/2011 - 16:22:50 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.A2ECDCD689172BE64236C8475F3BAE33] - 14/08/2011 - 16:22:43 ---A- . (...) -- C:\Windows\PFRO.log [46218]

O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 14/08/2011 - 13:41:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272]

O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 14/08/2011 - 13:41:23 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]

O44 - LFC:[MD5.203F1E52B3603E9D76203FA5665A8DAD] - 14/08/2011 - 12:58:19 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [15934]

O44 - LFC:[MD5.38DFB814F1F924E7BD76B22325902CBB] - 14/08/2011 - 12:55:48 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [17099]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/08/2011 - 12:53:39 ---A- . (...) -- C:\Windows\agcore.log [0]

O44 - LFC:[MD5.291F7CB88AB13FA3020D34B872AB1FBF] - 14/08/2011 - 12:43:53 ---A- . (...) -- C:\UsbFix_Upload_Me_PC.zip [452607924]

O44 - LFC:[MD5.E9F58411D2E8983720DDABE218495485] - 13/08/2011 - 22:07:38 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [8273532]

O44 - LFC:[MD5.06C4D0381226780BFA060967676494FA] - 13/08/2011 - 22:07:37 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [5580]

O44 - LFC:[MD5.C4A0781CA9EB6EBCA38D6DBC2DD862C4] - 13/08/2011 - 22:07:37 ---A- . (...) -- C:\Windows\system32\perfc009.dat [2450882]

O44 - LFC:[MD5.D7162EB42FE164B04CD81E8F2DC6E4FB] - 13/08/2011 - 22:07:37 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [2762988]

O44 - LFC:[MD5.A10D1F337E6214DD44767ABBA0404952] - 13/08/2011 - 22:07:37 ---A- . (...) -- C:\Windows\system32\perfh009.dat [3038040]

O44 - LFC:[MD5.FE1EEF0B70CBD67193EE337ABB64DC90] - 31/07/2011 - 10:52:47 ---A- . (...) -- C:\Windows\setupact.log [117918]

~ Scan Files in 00mn 27s

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 01s

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{956c543f-b76b-11df-83bc-00a0c6000000}\AutoRun\command. (...) -- D:\SFR.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\system32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\system32\DivX.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (...) -- (.not file.)

~ Scan Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]

O58 - SDL:[MD5.CE91B158FA490CF4C4D487A4130F4660] - 13/08/2008 - 15:11:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1161888]

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]

O58 - SDL:[MD5.FB6A381C32A87EE6588EED61D22DC03B] - 17/01/2010 - 12:08:30 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19024]

O58 - SDL:[MD5.0FA9908262D640A80813DBA3FFFCF688] - 25/11/2009 - 12:08:52 ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [51792]

O58 - SDL:[MD5.7827F70B86B29FBF112CBCE547205ACC] - 17/01/2010 - 12:09:08 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [23376]

O58 - SDL:[MD5.39BF48164A958F4BF0C0EC6CDC447DB5] - 17/01/2010 - 12:12:33 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [162640]

O58 - SDL:[MD5.755E4AFB683E3306886A0F4DF02A1575] - 17/01/2010 - 12:12:54 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [46672]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 13/08/2008 - 03:42:42 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432]

O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 13/08/2008 - 03:42:42 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]

O58 - SDL:[MD5.CBC22823628544735625B280665E434E] - 13/08/2008 - 13:11:14 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys [7168]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 02/11/2009 - 14:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]

O58 - SDL:[MD5.DB0CC620B27A928D968C1A1E9CD9CB87] - 26/12/2008 - 17:53:44 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [312344]

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]

O58 - SDL:[MD5.6FB1858D1F0923D122B0331865695041] - 13/08/2008 - 17:43:16 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [2381312]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]

O58 - SDL:[MD5.F0435FE3C1EC2659D2BBF073CA0752EE] - 04/09/2010 - 15:35:00 ---A- . (.ZTE Incorporated - ZTE CDROM Filter.) -- C:\Windows\system32\drivers\massfilter.sys [7680]

O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 14/08/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]

O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 14/08/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]

O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 02/05/2009 - 19:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\PCAMp50.sys [28224]

O58 - SDL:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 02/05/2009 - 19:46:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\system32\drivers\PCASp50.sys [27072]

O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 31/03/2009 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872]

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.2C4FB2E9F039287767C384E46EE91030] - 08/05/2010 - 15:18:02 ---A- . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\system32\drivers\RimSerial.sys [27136]

O58 - SDL:[MD5.F17713D108ACA124A139FDE877EEF68A] - 08/05/2010 - 17:33:50 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb.sys [22784]

O58 - SDL:[MD5.B9CBD3DEA7CA02868621173BF7A2AF9F] - 26/12/2008 - 17:00:04 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2095512]

O58 - SDL:[MD5.B71D269B9AB5417963E986126C12B9FC] - 26/12/2008 - 09:20:32 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\rtl8187B.sys [290304]

O58 - SDL:[MD5.7157E70A90CCE49DEB8885D23A073A39] - 13/08/2008 - 09:05:08 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [118784]

O58 - SDL:[MD5.0D60B8C10A2C5E8DD620B3FDEB1CDA64] - 26/12/2008 - 10:50:50 ---A- . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\system32\drivers\RtlProt.sys [25896]

O58 - SDL:[MD5.9FF7D9CF3A5F296613588B0E8DB83AFE] - 13/08/2008 - 16:26:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [62976]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.55F6E55CC2430CA8713387106FA79817] - 13/08/2008 - 17:12:48 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [196400]

O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 13/08/2008 - 10:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys [16128]

O58 - SDL:[MD5.4399A9BF7D8F49991A07FD86590A1619] - 26/12/2008 - 18:52:16 ---A- . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\system32\drivers\tos_sps32.sys [279376]

O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 26/12/2008 - 14:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [23640]

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.1DF89C499BF45D878B87EBD4421D462D] - 02/11/2009 - 19:42:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [40448]

O58 - SDL:[MD5.8C5094A8AB24DE7496C7C19942F2DF04] - 26/12/2008 - 11:45:20 ---A- . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) -- C:\Windows\system32\drivers\UVCFTR_S.SYS [18432]

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]

O58 - SDL:[MD5.A5CA20D8FAA17794F0AF4890EB868FA8] - 04/09/2010 - 19:26:42 ---A- . (.Nicomsoft Ltd. - Advanced WiFi-Manager Kernel Mode Driver.) -- C:\Windows\system32\drivers\wifimanio.sys [21504]

O58 - SDL:[MD5.B8B466103280E45E391E876F05122607] - 04/09/2010 - 15:03:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys [104960]

O58 - SDL:[MD5.911BA85906BC7602C73441502ABFB565] - 04/09/2010 - 12:49:00 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ZTEusbnet.sys [110080]

O58 - SDL:[MD5.69774B89725DDC4781E0EEB9809F3B20] - 04/09/2010 - 15:41:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbnmea.sys [105344]

O58 - SDL:[MD5.B8B466103280E45E391E876F05122607] - 04/09/2010 - 15:03:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbser6k.sys [104960]

O58 - SDL:[MD5.B8B466103280E45E391E876F05122607] - 04/09/2010 - 15:03:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbvoice.sys [104960]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 07s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 09/03/2010 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.ALWIL Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - 06/07/2011 - C:\Windows\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy(MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY

O64 - Services: CurCS - 28/11/2006 - C:\Windows\system32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver(PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50

O64 - Services: CurCS - 28/11/2006 - C:\Windows\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver(PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50

O64 - Services: CurCS - 23/04/2007 - C:\Windows\system32\DRIVERS\rtlprot.sys - Realtke RtlProt WLAN Utility Protocol Driver(RtlProt) .(.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - LEGACY_RTLPROT

~ Scan Services in 00mn 14s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {0D83F6DE-782E-4A8D-8626-229E811EB319} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {2A8FCDCD-BA3B-414D-BA9B-FF5F158B28E0} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=1Pd9w8Dl4nZB57btc8dC5EKSq_8?q={searchTerms}

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - Bing

~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.37802DC23540941D3D5FFC0CFB97D9F0] [sPRF][14/08/2011] (...) -- C:\Users\david et vanessa\Desktop\AD-R.exe [1563105]

[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [sPRF][14/08/2011] (.Atribune.org - ATF Cleaner.exe.) -- C:\Users\david et vanessa\Desktop\ATF-Cleaner.exe [50688]

[MD5.9A14A477431A901A7014ED312E0C6C3C] [sPRF][14/08/2011] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\david et vanessa\Desktop\mbam-setup-1.51.1.1800.exe [9466208]

[MD5.78E2FA7394A8C4F0F06358627F345FA1] [sPRF][14/08/2011] (...) -- C:\Users\david et vanessa\Desktop\RogueKiller.exe [555008]

[MD5.0D67B42B14304488C2342F61172A3A56] [sPRF][14/08/2011] (.El Desaparecido.com - UsbFix.) -- C:\Users\david et vanessa\Desktop\UsbFix.exe [1235521]

[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]

[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]

[MD5.46E2D72A986DCEF5B2827311E3B5C2EC] [sPRF][15/01/2009] (.Kiwee - Installer Control.) -- C:\Windows\Downloaded Program Files\InstallerControl.dll [204800]

[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]

~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{056FB93E-A395-4D45-AAD0-64CBB473ECB0}" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe

O87 - FAEL: "{E25083DA-DD15-4347-B2A3-CF51728F3C4C}" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe

O87 - FAEL: "TCP Query User{7D995A44-AD0C-4F33-93B2-56EC06AF2750}C:\users\david et vanessa\program files\dna\btdna.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\users\david et vanessa\program files\dna\btdna.exe

O87 - FAEL: "UDP Query User{D06F5328-F8A9-4BB4-AFD2-3C47924C554C}C:\users\david et vanessa\program files\dna\btdna.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\users\david et vanessa\program files\dna\btdna.exe

O87 - FAEL: "TCP Query User{99F66266-C956-4151-AED8-0D8BEAF5720B}C:\users\david et vanessa\program files\dna\btdna.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\users\david et vanessa\program files\dna\btdna.exe

O87 - FAEL: "UDP Query User{B867781E-DB81-4388-A759-3780912A00DB}C:\users\david et vanessa\program files\dna\btdna.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\users\david et vanessa\program files\dna\btdna.exe

O87 - FAEL: "{B26F163E-D739-4FEB-AEA8-FD43F8BEEB66}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5A039D48-8BCB-4ABF-A560-9C1C62638B47}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{8F8673F6-4ED1-49E0-86F8-F7ED76AC64E1}" | In - Private - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{19D0999C-B40F-422C-9C23-94AA135CF2EF}" | In - Private - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "TCP Query User{77C9CFF0-711B-49D7-B614-EC0769FE1D57}C:\program files\bittorrent\bittorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe

O87 - FAEL: "UDP Query User{1A2A5017-B4F5-4CA5-8D26-CB9178966381}C:\program files\bittorrent\bittorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe

O87 - FAEL: "{D8DCD155-EA44-4B0F-B18A-A3939AE8FD15}" | In - Private - P6 - TRUE | .(.SFR - Gestionnaire de connexion SFR.) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\ABCd_ZTE.exe

O87 - FAEL: "{CD0DA3F3-5AAD-4AE5-AE12-54249F604927}" | In - Private - P17 - TRUE | .(.SFR - Gestionnaire de connexion SFR.) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\ABCd_ZTE.exe

O87 - FAEL: "{8C2AA64D-622F-4008-8F40-BE54951DA836}" | In - Public - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe

O87 - FAEL: "{0659413C-58E0-42A9-A708-DD9248F04FF7}" | In - Public - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe

O87 - FAEL: "TCP Query User{D08C77A9-5A12-42B8-B684-86EE9825472A}C:\program files\bittorrent\bittorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe

O87 - FAEL: "UDP Query User{A4831F61-29A3-41CB-8734-683C88AAD428}C:\program files\bittorrent\bittorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe

O87 - FAEL: "{6E67C5B4-F76E-4CC6-86E5-8B2573731C92}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe (.not file.)

O87 - FAEL: "{2E3FCCA7-FFB9-4511-AF40-21C5B27EBDF9}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe (.not file.)

O87 - FAEL: "{DFFE08E4-9132-4E53-93D5-040A310A45FC}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Farming Simulator 2011\game.exe (.not file.)

O87 - FAEL: "{B83B9853-EF4B-483A-A915-A6BD759BEA08}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Farming Simulator 2011\game.exe (.not file.)

~ Scan Firewall in 00mn 03s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8611 - (12/08/2011)

Clés trouvées (Keys found) : 7

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\AppID\contenthandler.dll] =>Toolbar.Kiwee

[HKLM\Software\Classes\contenthandler.contentselection] =>Toolbar.Kiwee

[HKLM\Software\Classes\contenthandler.contentselection.1] =>Toolbar.Kiwee

[HKLM\Software\Classes\Interface\{5663b370-f3c3-40d1-9c46-0e800aa4d0e8}] =>Toolbar.Kiwee

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}] =>Toolbar.Kiwee

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}] =>Toolbar.Kiwee

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO

~ Scan Additionnel in 00mn 10s

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : vip-dns-gp-secondary.dns.sfr.net

Address: 109.0.66.20

Nom : www.l.google.com

Addresses: 74.125.39.104

74.125.39.106

74.125.39.105

74.125.39.103

74.125.39.147

74.125.39.99

Aliases: www.google.fr

www.google.com

~ Scan DNS in 00mn 02s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 13/08/2008 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe

SR - | Auto 07/06/2009 144712 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

SR - | Auto 09/03/2010 40384 | (avast! Antivirus) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SS - | Demand 09/03/2010 40384 | (avast! Mail Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SS - | Demand 09/03/2010 40384 | (avast! Web Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SR - | Auto 07/06/2009 238888 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 13/08/2008 40960 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Demand 14/08/2010 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

SS - | Auto 29/12/2009 133104 | (gupdate1ca881436ee6e72) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 29/12/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 26/04/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Demand 02/11/2009 545568 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 04/09/2010 657536 | (ServiceSFRABCD) . (.SFR & Celliance.) - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe

SR - | Demand 26/12/2008 73728 | (SmartFaceVWatchSrv) . (.Toshiba.) - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe

SR - | Auto 13/08/2008 99720 | (TempoMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe

SR - | Auto 26/12/2008 83312 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

SR - | Auto 13/08/2008 129632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SR - | Auto 26/12/2008 431456 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SR - | Auto 26/12/2008 126976 | (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

SR - | Auto 13/08/2008 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 00mn 04s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 00mn 06s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by david et vanessa at 14/08/2011 17:34:03

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 08s

 

 

 

End of the scan (1260 lines in 03mn 26s)(0)

Posted

There is only 6% free space left on the system partition, which is too little, especially for Vista.

You will need either to repartition in order to enlarge the C partition, or to move large files such as music or films (to external media or DVDs), so as to recover at least 15% free space, which is the acceptable minimum for a system.

 

I have a Microsoft Narrator window that pops up

 

Can you take a screenshot of that window for me, please?

Uninstall ZHPDiag via Programs and Features.

Download the new version: http://www.moncompteur.com/compteurclick.php?idLink=18026

Then:

ZHPFix:

  • Close all open applications

  • Double-click ZHPFix, the shortcut that ZHPDiag installed on the Desktop
    Important:
    On Vista and Windows 7: you must launch the file with right-click -> Run as administrator.

  • Click on H.

  • Copy and paste the lines below into the window

 

O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} Clé orpheline      
O51 - MPSK:{956c543f-b76b-11df-83bc-00a0c6000000}\AutoRun\command. (...) -- D:\SFR.exe (.not file.)    
[MD5.46E2D72A986DCEF5B2827311E3B5C2EC] [sPRF][15/01/2009] (.Kiwee - Installer Control.) -- C:\Windows\Downloaded Program Files\InstallerControl.dll [204800]    
[HKLM\Software\Classes\AppID\contenthandler.dll]    
[HKLM\Software\Classes\contenthandler.contentselection]    
[HKLM\Software\Classes\contenthandler.contentselection.1]     
[HKLM\Software\Classes\Interface\{5663b370-f3c3-40d1-9c46-0e800aa4d0e8}]     
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]    
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]    
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]  
emptytemp
emptyflash
sysrestore  

 

  • Click the icon showing the letter H ("paste the Helper lines"). The script should appear automatically in ZHPFix; if not, paste it.

    Click the GO button to start the cleanup

  • Confirm the uninstallation of programs with Yes if asked

  • Let the tool work. If a restart is requested, accept and restart the PC

  • The ZHPFixReport.txt report is displayed. Copy and paste the contents of this report into your reply.
    The ZHPFixReport.txt report is saved as C:\Program files\ZHPFix\ZHPFixReport.txt

Info: Apollo Et Compagnie :: ZHPDiag, a diagnostic tool

~~~~~~~~~~~~~~~~~~~

About the Kiwee toolbar: Apollo Et Compagnie :: Uninstalling Kiwee Toolbar

@++ ;)
