[Résolu] Adobe AIR

bocace · le 16 août 2011

Bonjour à toutes et à tous,

Comme me l'a proposé Dylav, je vous indique les symptômes : lorsque j'installe Adobe air, il est précisé que l'installation s'est déroulée avec succès. J'éteins le micro et le rallume, en fin de parcours une image Adobe air apparaît, indiquant "l'installation de cette application est endommagée".

Je n'en comprends pas la raison, n'ayant jamais rencontré de difficulté avec les différents logiciels Adobe.

voici un rapport :

Rapport de ZHPDiag v1.28.1322 par Nicolas Coolman, Update du 10/08/2011

Run by jp at 16/08/2011 10:43:53

Web site : http://www.premiumor...s s /zhpdiag.html

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 5.0 v5.0 (Defaut)

---\\ Windows Product Information

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 3Q6C9

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4095 MB (67% free)

System Restore: Activé (Enable)

System drive C: has 515 GB (88%) free of 584 GB

---\\ Logged in mode

~ Computer Name: JP4PC

~ User Name: jp

~ All Users Names: jp, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\jp\AppData\Roaming\

~ %Desktop% : C:\Users\jp\Desktop\

~ %Favorites% : C:\Users\jp\Favorites\

~ %LocalAppData% : C:\Users\jp\AppData\Local\

~ %StartMenu% : C:\Users\jp\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 515 Go of 584 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 12 Go)

E:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.27/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2011 - 06:36:16.) -- C:\Windows\system32\wininet.dll [1389056]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.04/04/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.04/04/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.04/04/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 36/7995

~ Mes musiques (My Musics) : 100/488

~ Mes Videos (My Videos) : 1/136

~ Mes Favoris (My Favorites) : 2/42

~ Mes Documents (My Documents) : 7/852

~ Mon Bureau (My Desktop) : 1/15

~ Menu demarrer (Programs) : 8/27

~ Scan Hidden Files in 00mn 05s

---\\ Processus lancés

[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3493720] [PID.1820]

[MD5.66275E52615AF9D2F18EB3442D00CFE3] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216] [PID.2256]

[MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.748]

[MD5.BFF67166267E2FAE0589C3F992EAA1A5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [664576] [PID.3376]

~ Scan Processes Running in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\jp\AppData\Roaming\Mozilla\Firefox\Profiles\q3va42e4.default\prefs.js

M3 - MFPP: Plugins - [jp] -- C:\Users\jp\AppData\Roaming\Mozilla\Firefox\Profiles\q3va42e4.default\searchplugins\bing.xml

M0 - MFSP: prefs.js [jp - q3va42e4.default] Google

M2 - MFEP: prefs.js [jp - q3va42e4.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.17 (.http://www.cacaoweb.org/.)

M2 - MFEP: prefs.js [jp - q3va42e4.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20110704 (.WOT Services Oy.)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java™ Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-679903683-664782049-283030905-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Google

R1 - HKUS\S-1-5-21-679903683-664782049-283030905-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R3 - URLSearchHook: (no name) [64Bits] - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn 07s

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} Clé orpheline

O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

~ Scan BHO in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Wow6432Node\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe

O4 - HKUS\S-1-5-18\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files (x86)\Orange\Media Player\Media Player.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files (x86)\Orange\Media Player\Media Player.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [OrangePlayer] . (.Orange - Media Player.) -- C:\Program Files (x86)\Orange\Media Player\Media Player.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\jp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\jp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\jp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jouer à HP Games.lnk . (.WildTangent, Inc..) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe

O4 - Global Startup: C:\Users\jp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\jp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

~ Scan Global Startup in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

~ Scan Winsock in 00mn 00s

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)

O15 - Trusted Zone: [HKCU\...\Domains] http.mappy.com

O15 - Trusted Zone: [HKCU\...\Domains\www] http.mappy.com

~ Scan IE Zone Confiance in 00mn 06s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{56D8AC69-B980-443C-BEE1-0DB4ABDBC7A0}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{56D8AC69-B980-443C-BEE1-0DB4ABDBC7A0}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{56D8AC69-B980-443C-BEE1-0DB4ABDBC7A0}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: Process Monitor (LVPrcS64) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Orange update Core Service (Orange update Core Service) . (...) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe (.not file.)

O23 - Service: Secunia PSI Agent (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files (x86)\Secunia\PSI\sua.exe

O23 - Service: (UMVPFSrv) . (.Logitech Inc. - Logitech User mode UMVPF service.) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDRScheduledMaintenance.job

[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)

[MD5.1F706E1F23E4E4A7FBE4F243D0A6D5C4] [APT] [AssistanceLivebox] (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe

[MD5.66275E52615AF9D2F18EB3442D00CFE3] [APT] [CLMLSvc] (.CyberLink.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

[MD5.00000000000000000000000000000000] [APT] [DVDAgent] (...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (.not file.)

[MD5.ECAC52036A7B9AEF61C1BAE8F753454B] [APT] [ExtendedServicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.9879731CDFCE67A1214DD636DEBF62A3] [APT] [PCDRScheduledMaintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor for Windows\pcdrcui.exe

[MD5.ECAC52036A7B9AEF61C1BAE8F753454B] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.ECAC52036A7B9AEF61C1BAE8F753454B] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.00000000000000000000000000000000] [APT] [{00D091AF-6896-4C64-93C6-3E8864FA9BD2}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{08205EA5-CA9B-4429-B2CF-B528D5CAFE14}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{1708A2B2-0E38-441E-A0FD-93A5256B52D4}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{1C3643F5-DA76-4E58-B256-DD8789FB387B}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{1C81BE65-E3DC-4E23-8622-D6E1CD8F3B85}] (...) -- C:\Users\jp\Desktop\win_AssistanceLivebox_setup.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{1D6923F8-38A1-49A2-A67E-A8C6463B6CAE}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.29EE0B9590F6DD4B38B46069F58A1521] [APT] [{2D371C26-D7F3-4180-A10C-0B71B8A2F552}] (.InstallShield Software Corporation.) -- C:\Windows\IsUn040c.exe

[MD5.00000000000000000000000000000000] [APT] [{30FEE51D-8347-47D6-8F19-D9F4BE8B4621}] (...) -- C:\Users\jp\Desktop\LB_v1.5.exe (.not file.)

[MD5.C09116C3F2F168DAB019C047AFDD5285] [APT] [{36488216-BD61-45EA-BFF1-510E6E6228F8}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

[MD5.00000000000000000000000000000000] [APT] [{48F191F4-11B0-45E3-8061-F82EAEA86A17}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{4A58CF47-4E0B-46D8-A116-1E288E7C593D}] (...) -- C:\Users\jp\Desktop\LB_v1.5.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{5CD0DCDF-0B04-43E6-A080-418876527790}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{6152FE47-EFBC-43BA-854E-BFA99A3EFEBA}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{645A9549-81BC-4C2C-B511-C54A2B2B60E8}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{6B185A61-7740-4C18-8D8A-35F86C6AE038}] (...) -- E:\CEZANNE.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{6D1F8FA9-0EAE-4276-8A7F-B10A63054D19}] (...) -- E:\EINST31.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{7ABCF746-DEA2-4B10-901E-19B48FCF7FCC}] (...) -- E:\CEZANNE.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{85ACB3A3-8B12-46F5-BD7F-F8827EC9F5AF}] (...) -- E:\CEZANNE.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{8E6B4618-10C0-40FA-98C7-96271B768377}] (...) -- C:\Users\jp\Desktop\win_AssistanceLivebox_setup.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{9048E2FC-4D52-492E-A7D1-87D9037AC175}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{939A98EE-019B-4F71-B7FE-BE6EAF9C2955}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{94198ABC-235A-417E-9D37-CB7C8C3C47D5}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B117AAC5-6B9F-4F37-B820-445B41A89162}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B554FD16-8F93-4549-B108-FF2AC5FDDCC3}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B5DBE338-46C6-4584-A022-736BF8B87CB2}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B6768841-723E-45DD-B9B2-83CF730873FE}] (...) -- E:\EINST31.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{BD5147B3-59E5-486E-A076-43A69480902C}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C6669194-B488-4DB9-8EDB-51F22D8895A1}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C6D6F35F-BDA7-48CA-9885-EECDBC76E8A3}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D113F0BC-3236-40A9-86AB-CE6B0ACC209F}] (...) -- C:\Users\jp\Desktop\win_AssistanceLivebox_setup.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D2865F7E-C474-4502-A731-650BC9E66807}] (...) -- E:\EINST31.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{DA15E18F-E618-4DC5-82F5-EDB53875B09B}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{E856AA05-68A9-4B7E-9E01-FAAE17274FBE}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

~ Scan Scheduled Task in 00mn 06s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: BankPerfect 7.3 - (.Fabio Chelly.) [HKLM] -- BankPerfect

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.10

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler

O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}

O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}

O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}

O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects

O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- HP Remote Solution

O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- {C611CF88-969D-43E6-A877-D6D6439DD081}

O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {17B4760F-334B-475D-829F-1A3E94A6A4E6}

O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing

O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {08DB3902-2CE0-474D-BCE3-0177766CE9F1}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid

O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc. Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}

O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM] -- EasyBits Magic Desktop

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Media Player - (.Orange.) [HKLM] -- Media Player

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)

O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN

O42 - Logiciel: Orange WebTV Player 1.29418 - (.Orange.) [HKLM] -- Orange WebTV Player_is1

O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor for Windows

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}

O42 - Logiciel: Secunia PSI (2.0.0.3001) - (.Pas de propriétaire.) [HKLM] -- Secunia PSI

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies

O42 - Logiciel: TP-LINK Driver Installation Program - (.TP-LINK.) [HKLM] -- {E63F3DF4-18E8-4F46-BBD8-E64FC9C370AD}

O42 - Logiciel: Toutankhamon - (.Pas de propriétaire.) [HKLM] -- Toutankhamon

O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}

O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\ATI]

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Orange]

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\BankPerfect]

[HKCU\Software\Borland]

[HKCU\Software\CDDB]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\EasyBits]

[HKCU\Software\Google]

[HKCU\Software\HP]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\ImageViewer]

[HKCU\Software\JavaSoft]

[HKCU\Software\Leadertech]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LogiShrd]

[HKCU\Software\Logitech]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Norton]

[HKCU\Software\ODBC]

[HKCU\Software\Orange]

[HKCU\Software\PC-Doctor]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Secunia]

[HKCU\Software\SkypeApps]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Trolltech]

[HKCU\Software\Windows Live Writer]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\cacaoweb]

[HKCU\Software\yahooinstall]

[HKLM\Software\ALWIL Software]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Borland]

[HKLM\Software\Canneverbe Limited]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\CyberLink]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EasyBits]

[HKLM\Software\FRANCE TELECOM]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\LogiShrd]

[HKLM\Software\Logitech]

[HKLM\Software\MAGIX]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NETGEAR]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\OrangePlayerTemp]

[HKLM\Software\Orange]

[HKLM\Software\PC-Doctor]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Secunia]

[HKLM\Software\Sensible Vision]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\TP-LINK]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WildTangent]

[HKLM\Software\Wilson WindowWare]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\mozilla.org]

[HKLM\Software\webtogo]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 16/06/2010 - 14:50:26 - [175767833] ----D- C:\Program Files\Alwil Software

O43 - CFD: 05/12/2009 - 08:34:40 - [19033550] ----D- C:\Program Files\ATI

O43 - CFD: 30/07/2011 - 16:05:46 - [8458144] ----D- C:\Program Files\CCleaner

O43 - CFD: 15/09/2010 - 14:16:14 - [200921360] ----D- C:\Program Files\Common Files

O43 - CFD: 27/05/2011 - 06:55:32 - [9321792] ----D- C:\Program Files\Defraggler

O43 - CFD: 04/04/2011 - 16:58:02 - [90256916] ----D- C:\Program Files\DVD Maker

O43 - CFD: 10/06/2010 - 16:19:28 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 05/12/2009 - 08:50:26 - [1364803] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 10/08/2011 - 11:19:52 - [6203631] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 28/07/2011 - 15:01:54 - [1951827] ----D- C:\Program Files\iPod

O43 - CFD: 28/07/2011 - 15:02:18 - [2358288] ----D- C:\Program Files\iTunes

O43 - CFD: 15/09/2010 - 14:16:46 - [22566755] ----D- C:\Program Files\Logitech

O43 - CFD: 14/07/2009 - 09:45:56 - [149237810] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 03/07/2010 - 16:59:10 - [1141526] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 17/09/2010 - 18:32:42 - [0] ----D- C:\Program Files\Orange

O43 - CFD: 05/12/2009 - 08:49:10 - [153997100] ----D- C:\Program Files\PC-Doctor for Windows

O43 - CFD: 05/12/2009 - 08:37:38 - [2178436] ----D- C:\Program Files\PlayReady

O43 - CFD: 05/12/2009 - 08:25:34 - [15364824] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 04/04/2011 - 16:58:02 - [4039680] ----D- C:\Program Files\Windows Defender

O43 - CFD: 04/04/2011 - 16:58:02 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 23/10/2010 - 10:55:26 - [43896] ----D- C:\Program Files\Windows Live

O43 - CFD: 04/04/2011 - 16:58:02 - [6667776] ----D- C:\Program Files\Windows Mail

O43 - CFD: 04/04/2011 - 16:58:02 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 10/06/2010 - 16:19:28 - [12627636] ----D- C:\Program Files\Windows NT

O43 - CFD: 04/04/2011 - 16:58:02 - [5516056] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 04/04/2011 - 16:58:02 - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 04/04/2011 - 16:58:02 - [10037294] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 20/06/2010 - 12:00:22 - [6580905] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 25/04/2011 - 17:01:42 - [115274280] ----D- C:\Program Files\Common Files\logishrd

O43 - CFD: 16/06/2011 - 15:42:04 - [66260414] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 05/12/2009 - 17:22:10 - [12194291] ----D- C:\Program Files\Common Files\System

O43 - CFD: 02/08/2011 - 14:26:40 - [479] ----D- C:\ProgramData\Adobe

O43 - CFD: 16/06/2010 - 14:50:26 - [12227337] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 19/06/2010 - 16:25:08 - [233651712] ----D- C:\ProgramData\Apple

O43 - CFD: 30/11/2010 - 12:47:06 - [67151149] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 05/12/2009 - 08:35:18 - [187] ----D- C:\ProgramData\ATI

O43 - CFD: 10/06/2010 - 16:19:28 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 13/10/2010 - 11:23:32 - [0] ----D- C:\ProgramData\Canneverbe Limited

O43 - CFD: 12/09/2010 - 09:22:22 - [136386] ----D- C:\ProgramData\CyberLink

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 10/06/2010 - 16:19:28 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 04/11/2010 - 09:43:04 - [0] ----D- C:\ProgramData\Google

O43 - CFD: 20/12/2010 - 12:36:32 - [54138504] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 22/09/2010 - 09:16:16 - [17475305] ----D- C:\ProgramData\HP

O43 - CFD: 12/06/2010 - 10:23:48 - [8988] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 10/06/2010 - 16:58:54 - [54192] ----D- C:\ProgramData\InstallShield

O43 - CFD: 15/09/2010 - 18:01:46 - [72] ----D- C:\ProgramData\Lavasoft

O43 - CFD: 15/09/2010 - 14:19:04 - [5871321] ----D- C:\ProgramData\LogiShrd

O43 - CFD: 20/09/2010 - 17:51:46 - [21140950] ----D- C:\ProgramData\Logitech

O43 - CFD: 13/01/2011 - 00:18:58 - [16694477] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 10/06/2010 - 16:19:28 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 13/12/2010 - 10:44:38 - [278962399] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 10/08/2011 - 11:18:34 - [367586] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 10/06/2010 - 16:19:28 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 07/05/2011 - 16:24:42 - [1562476] ----D- C:\ProgramData\MusicStation

O43 - CFD: 13/10/2010 - 20:56:38 - [533] ----D- C:\ProgramData\Nero

O43 - CFD: 16/06/2010 - 15:19:20 - [323] ----D- C:\ProgramData\Norton

O43 - CFD: 05/12/2009 - 09:14:36 - [11323640] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 15/08/2010 - 11:08:12 - [0] ----D- C:\ProgramData\NOS

O43 - CFD: 02/08/2011 - 14:27:12 - [1948575] ----D- C:\ProgramData\Orange

O43 - CFD: 13/12/2010 - 10:31:18 - [144] ----D- C:\ProgramData\PC Drivers HeadQuarters

O43 - CFD: 05/12/2009 - 08:49:08 - [3247933] ----D- C:\ProgramData\PC-Doctor for Windows

O43 - CFD: 23/07/2010 - 17:11:42 - [102186] ----D- C:\ProgramData\Recovery

O43 - CFD: 22/12/2010 - 17:34:34 - [45810910] ----D- C:\ProgramData\Skype

O43 - CFD: 13/01/2011 - 16:29:12 - [7648] ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 16/06/2010 - 20:14:26 - [224] ----D- C:\ProgramData\Sun

O43 - CFD: 05/12/2009 - 09:16:06 - [364686] ----D- C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 18/06/2010 - 11:34:56 - [4511] ----D- C:\ProgramData\TP-LINK

O43 - CFD: 12/06/2010 - 10:37:06 - [206] ----D- C:\ProgramData\WEBREG

O43 - CFD: 16/06/2010 - 19:40:02 - [1372921313] ----D- C:\ProgramData\WildTangent

O43 - CFD: 20/12/2010 - 12:42:52 - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}

O43 - CFD: 05/12/2009 - 08:52:34 - [21397340] ----D- C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}

O43 - CFD: 20/06/2010 - 12:02:26 - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 05/12/2009 - 08:34:18 - [5733577] --H-D- C:\ProgramData\{D441869F-BEC4-446D-9888-C5CA29F160F9}

O43 - CFD: 12/06/2010 - 07:43:30 - [21219164] ----D- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}

O43 - CFD: 16/08/2011 - 10:43:48 - [3624729] -S--D- C:\Users\jp\AppData\Roaming\Microsoft

O43 - CFD: 02/08/2011 - 14:26:40 - [3382779] ----D- C:\Users\jp\AppData\Roaming\Adobe

O43 - CFD: 20/06/2010 - 12:06:22 - [347506] ----D- C:\Users\jp\AppData\Roaming\Apple Computer

O43 - CFD: 10/06/2010 - 16:39:38 - [0] ----D- C:\Users\jp\AppData\Roaming\ATI

O43 - CFD: 05/05/2011 - 19:18:04 - [1605740] ----D- C:\Users\jp\AppData\Roaming\BankPerfect

O43 - CFD: 10/08/2011 - 09:44:56 - [3235044] ----D- C:\Users\jp\AppData\Roaming\cacaoweb

O43 - CFD: 13/10/2010 - 11:23:32 - [1556] ----D- C:\Users\jp\AppData\Roaming\Canneverbe Limited

O43 - CFD: 19/06/2010 - 12:31:16 - [0] ----D- C:\Users\jp\AppData\Roaming\CyberLink

O43 - CFD: 02/05/2011 - 19:55:48 - [199] ----D- C:\Users\jp\AppData\Roaming\dvdcss

O43 - CFD: 12/06/2010 - 15:45:58 - [131367] ----D- C:\Users\jp\AppData\Roaming\Hewlett-Packard

O43 - CFD: 30/06/2010 - 10:13:24 - [186052] ----D- C:\Users\jp\AppData\Roaming\HP

O43 - CFD: 10/08/2011 - 09:34:00 - [436] ----D- C:\Users\jp\AppData\Roaming\HP Support Assistant

O43 - CFD: 20/12/2010 - 12:46:46 - [21465] ----D- C:\Users\jp\AppData\Roaming\hpqLog

O43 - CFD: 10/08/2011 - 09:34:00 - [33763] ----D- C:\Users\jp\AppData\Roaming\HpUpdate

O43 - CFD: 10/06/2010 - 16:38:22 - [0] ----D- C:\Users\jp\AppData\Roaming\Identities

O43 - CFD: 16/06/2010 - 19:40:12 - [0] ----D- C:\Users\jp\AppData\Roaming\iWin

O43 - CFD: 19/03/2011 - 20:45:00 - [2242] ----D- C:\Users\jp\AppData\Roaming\KeePass

O43 - CFD: 15/09/2010 - 14:18:38 - [233] ----D- C:\Users\jp\AppData\Roaming\Leadertech

O43 - CFD: 12/06/2010 - 07:00:40 - [56979] ----D- C:\Users\jp\AppData\Roaming\Macromedia

O43 - CFD: 13/01/2011 - 00:19:12 - [2107] ----D- C:\Users\jp\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 09:44:40 - [0] ----D- C:\Users\jp\AppData\Roaming\Media Center Programs

O43 - CFD: 07/10/2010 - 12:02:14 - [988519] ----D- C:\Users\jp\AppData\Roaming\Media Player

O43 - CFD: 12/06/2010 - 07:22:08 - [23645285] ----D- C:\Users\jp\AppData\Roaming\Mozilla

O43 - CFD: 13/10/2010 - 20:45:18 - [0] ----D- C:\Users\jp\AppData\Roaming\Nero

O43 - CFD: 07/05/2011 - 16:24:44 - [937] ----D- C:\Users\jp\AppData\Roaming\newfolder3

O43 - CFD: 16/06/2010 - 20:17:06 - [1645339] ----D- C:\Users\jp\AppData\Roaming\OpenOffice.org

O43 - CFD: 10/08/2011 - 09:21:40 - [0] ----D- C:\Users\jp\AppData\Roaming\Orange

O43 - CFD: 12/07/2011 - 21:03:00 - [4230454] ----D- C:\Users\jp\AppData\Roaming\Skype

O43 - CFD: 12/07/2011 - 21:01:56 - [9632] ----D- C:\Users\jp\AppData\Roaming\skypePM

O43 - CFD: 20/06/2010 - 10:19:42 - [13824] ----D- C:\Users\jp\AppData\Roaming\Template

O43 - CFD: 08/06/2011 - 18:37:32 - [83146] ----D- C:\Users\jp\AppData\Roaming\vlc

O43 - CFD: 16/06/2010 - 19:39:08 - [653] ----D- C:\Users\jp\AppData\Roaming\WildTangent

O43 - CFD: 12/06/2010 - 07:42:44 - [0] ----D- C:\Users\jp\AppData\Roaming\WinBatch

O43 - CFD: 23/10/2010 - 13:00:40 - [0] ----D- C:\Users\jp\AppData\Roaming\Windows Live Writer

O43 - CFD: 03/07/2010 - 19:26:20 - [8352] ----D- C:\Users\jp\AppData\Roaming\_MDLogs

O43 - CFD: 11/02/2011 - 18:49:26 - [362462988] ----D- C:\Users\jp\AppData\Local\Microsoft

O43 - CFD: 02/08/2011 - 14:26:38 - [15982075] ----D- C:\Users\jp\AppData\Local\Adobe

O43 - CFD: 19/06/2010 - 16:25:10 - [0] ----D- C:\Users\jp\AppData\Local\Apple

O43 - CFD: 20/06/2010 - 12:02:34 - [40507222] ----D- C:\Users\jp\AppData\Local\Apple Computer

O43 - CFD: 10/06/2010 - 16:19:34 - [0] -SH-D- C:\Users\jp\AppData\Local\Application Data

O43 - CFD: 03/07/2010 - 10:03:50 - [0] ----D- C:\Users\jp\AppData\Local\Apps

O43 - CFD: 18/12/2010 - 17:38:26 - [7626846] ----D- C:\Users\jp\AppData\Local\Ares

O43 - CFD: 10/06/2010 - 16:39:38 - [63660] ----D- C:\Users\jp\AppData\Local\ATI

O43 - CFD: 19/06/2010 - 11:06:40 - [0] ----D- C:\Users\jp\AppData\Local\CyberLink

O43 - CFD: 30/01/2011 - 12:27:24 - [0] ----D- C:\Users\jp\AppData\Local\Diagnostics

O43 - CFD: 07/05/2011 - 16:24:00 - [9875456] ----D- C:\Users\jp\AppData\Local\Downloaded Installations

O43 - CFD: 03/11/2010 - 12:44:24 - [366375524] ----D- C:\Users\jp\AppData\Local\Google

O43 - CFD: 14/06/2010 - 15:50:44 - [69202765] ----D- C:\Users\jp\AppData\Local\Hewlett-Packard

O43 - CFD: 10/06/2010 - 16:19:34 - [0] -SH-D- C:\Users\jp\AppData\Local\Historique

O43 - CFD: 23/03/2011 - 12:30:00 - [603520] ----D- C:\Users\jp\AppData\Local\Hook Network

O43 - CFD: 30/06/2010 - 10:13:24 - [86952] ----D- C:\Users\jp\AppData\Local\HP

O43 - CFD: 15/09/2010 - 14:18:52 - [4511060] ----D- C:\Users\jp\AppData\Local\LogiShrd

O43 - CFD: 29/04/2011 - 15:45:30 - [265355] ----D- C:\Users\jp\AppData\Local\Microsoft Games

O43 - CFD: 27/09/2010 - 18:16:10 - [350224] ----D- C:\Users\jp\AppData\Local\Microsoft Help

O43 - CFD: 30/07/2010 - 15:44:24 - [687611] ----D- C:\Users\jp\AppData\Local\MigWiz

O43 - CFD: 12/06/2010 - 07:21:50 - [52746376] ----D- C:\Users\jp\AppData\Local\Mozilla

O43 - CFD: 09/12/2010 - 16:23:08 - [1151861] ----D- C:\Users\jp\AppData\Local\piratrax

O43 - CFD: 19/06/2010 - 11:06:38 - [0] ----D- C:\Users\jp\AppData\Local\PowerCinema

O43 - CFD: 16/09/2010 - 08:47:20 - [0] ----D- C:\Users\jp\AppData\Local\Secunia PSI

O43 - CFD: 15/09/2010 - 17:04:44 - [0] ----D- C:\Users\jp\AppData\Local\Sunbelt Software

O43 - CFD: 16/08/2011 - 09:56:10 - [442368] ----D- C:\Users\jp\AppData\Local\Temp

O43 - CFD: 10/06/2010 - 16:19:34 - [0] -SH-D- C:\Users\jp\AppData\Local\Temporary Internet Files

O43 - CFD: 10/06/2010 - 20:22:48 - [4191043] ----D- C:\Users\jp\AppData\Local\VirtualStore

O43 - CFD: 09/12/2010 - 20:07:14 - [36864] ----D- C:\Users\jp\AppData\Local\Windows Live

O43 - CFD: 25/10/2010 - 08:59:06 - [374870] ----D- C:\Users\jp\AppData\Local\Windows Live Writer

O43 - CFD: 20/06/2010 - 08:23:20 - [6722] ----D- C:\Users\jp\AppData\Local\WindowsUpdate

O43 - CFD: 16/08/2011 - 10:44:14 - [4005952] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 16/08/2011 - 09:48:52 - [164336192] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 10/07/2011 - 22:08:10 - [2428606] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 05/12/2009 - 08:35:18 - [93794223] ----D- C:\Program Files (x86)\ATI Technologies

O43 - CFD: 04/04/2011 - 16:04:52 - [1618682] ----D- C:\Program Files (x86)\BankPerfect

O43 - CFD: 16/08/2011 - 09:48:50 - [776809996] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 05/12/2009 - 08:43:16 - [931317193] ----D- C:\Program Files (x86)\Cyberlink

O43 - CFD: 16/06/2010 - 21:09:08 - [94378339] ----D- C:\Program Files (x86)\EasyBits For Kids

O43 - CFD: 28/11/2010 - 20:08:08 - [2420768] ----D- C:\Program Files (x86)\Feedback Tool

O43 - CFD: 04/11/2010 - 09:43:04 - [75703715] ----D- C:\Program Files (x86)\Google

O43 - CFD: 20/12/2010 - 12:43:30 - [1101194747] ----D- C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 16/06/2010 - 22:14:46 - [194302658] ----D- C:\Program Files (x86)\hp

O43 - CFD: 05/12/2009 - 09:05:48 - [265535868] ----D- C:\Program Files (x86)\HP Games

O43 - CFD: 04/07/2010 - 17:02:08 - [4825249] ----D- C:\Program Files (x86)\HP Photosmart 11

O43 - CFD: 16/08/2011 - 08:48:44 - [111435746] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 10/08/2011 - 11:19:54 - [6469875] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 28/07/2011 - 15:02:18 - [123201110] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 30/06/2011 - 08:53:08 - [91719604] ----D- C:\Program Files (x86)\Java

O43 - CFD: 20/09/2010 - 17:52:40 - [131414734] ----D- C:\Program Files (x86)\Logitech

O43 - CFD: 01/08/2011 - 14:41:50 - [6994170] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 05/12/2009 - 09:10:52 - [2664525] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 15/09/2010 - 19:27:34 - [800662] ----D- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 29/06/2011 - 19:36:28 - [663909096] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 16/06/2011 - 15:40:52 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 07/05/2011 - 16:22:14 - [4192884] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 07/05/2011 - 16:22:14 - [346631] ----D- C:\Program Files (x86)\Microsoft Synchronization Services

O43 - CFD: 03/07/2010 - 17:01:52 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 03/07/2010 - 16:59:04 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 16/12/2010 - 12:03:48 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 03/07/2010 - 17:01:26 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 11/08/2011 - 16:37:20 - [36391181] ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 03/07/2010 - 17:02:00 - [26521] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 20/06/2010 - 09:20:56 - [106340576] ----D- C:\Program Files (x86)\MSECache

O43 - CFD: 12/06/2010 - 10:50:30 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 07/05/2011 - 16:24:44 - [11690572] ----D- C:\Program Files (x86)\MusicStation

O43 - CFD: 13/10/2010 - 20:54:32 - [94249248] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 10/06/2010 - 16:19:52 - [1352983] R---D- C:\Program Files (x86)\Online Services

O43 - CFD: 10/08/2011 - 09:32:28 - [94433438] ----D- C:\Program Files (x86)\Orange

O43 - CFD: 09/05/2011 - 17:37:14 - [63268052] ----D- C:\Program Files (x86)\OrangeHSS

O43 - CFD: 04/08/2011 - 08:57:48 - [75697179] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 05/12/2009 - 08:35:54 - [48435975] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/01/2011 - 17:09:42 - [1307600] ----D- C:\Program Files (x86)\RegCleaner

O43 - CFD: 16/09/2010 - 08:47:08 - [6637215] ----D- C:\Program Files (x86)\Secunia

O43 - CFD: 14/06/2010 - 15:50:44 - [31013246] ----D- C:\Program Files (x86)\Securitoo

O43 - CFD: 22/12/2010 - 17:34:52 - [28191841] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 11/08/2011 - 16:20:18 - [3703] ----D- C:\Program Files (x86)\Syrinx

O43 - CFD: 05/12/2009 - 08:36:04 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 18/06/2010 - 11:35:22 - [0] ----D- C:\Program Files (x86)\TP-LINK

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 08/06/2011 - 18:35:38 - [147109717] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 01/08/2011 - 08:15:10 - [317264] ----D- C:\Program Files (x86)\Virtualis

O43 - CFD: 05/12/2009 - 17:20:52 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 30/03/2011 - 12:07:30 - [290635319] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 04/04/2011 - 16:58:04 - [6181376] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 04/04/2011 - 16:58:04 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 04/04/2011 - 16:58:04 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 04/04/2011 - 16:58:04 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 04/04/2011 - 16:58:04 - [5994678] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 19/06/2011 - 15:57:32 - [3606170] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 16/08/2011 - 09:48:50 - [31529878] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 28/07/2011 - 15:01:54 - [96662340] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 31/12/2010 - 20:51:06 - [7675827] ----D- C:\Program Files (x86)\Common Files\Borland Shared

O43 - CFD: 03/07/2010 - 17:01:52 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 16/06/2010 - 15:14:52 - [3004683] ----D- C:\Program Files (x86)\Common Files\France Telecom

O43 - CFD: 12/06/2010 - 10:21:36 - [997653] ----D- C:\Program Files (x86)\Common Files\Hewlett-Packard

O43 - CFD: 12/06/2010 - 10:21:56 - [1817436] ----D- C:\Program Files (x86)\Common Files\HP

O43 - CFD: 05/12/2009 - 08:35:52 - [3989920] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 30/06/2011 - 08:55:30 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 09/01/2011 - 17:42:04 - [42248] ---AD- C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 25/04/2011 - 17:01:42 - [39632378] ----D- C:\Program Files (x86)\Common Files\logishrd

O43 - CFD: 05/12/2009 - 08:46:44 - [56657] ---AD- C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 20/09/2010 - 17:51:44 - [5241923] ----D- C:\Program Files (x86)\Common Files\LWS

O43 - CFD: 23/10/2010 - 10:55:16 - [273118816] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 13/10/2010 - 20:50:16 - [19009571] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 22/12/2010 - 17:34:38 - [2164104] ----D- C:\Program Files (x86)\Common Files\Skype

O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 04/07/2010 - 12:14:54 - [44257903] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 05/12/2009 - 09:07:18 - [201544077] ----D- C:\Program Files (x86)\Common Files\Windows Live

~ Scan Program Folder in 00mn 13s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.A5CF5CA292BAD8EA4A78C66DEABC163A] - 16/08/2011 - 08:29:03 ---A- . (...) -- C:\Windows\WindowsUpdate.log [66984]

O44 - LFC:[MD5.AC849B99E032F4017BB1CE37934DD4AF] - 16/08/2011 - 08:24:58 ---A- . (...) -- C:\Windows\setupact.log [112]

O44 - LFC:[MD5.47DFE75545A7E291474C370EC0AD7FD0] - 16/08/2011 - 08:24:56 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/08/2011 - 08:24:54 RSHAD . (...) -- C:\Windows\system32\drivers\lvuvc.hs [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/08/2011 - 08:14:53 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.FC17F2FA817A886BA4C1657F511A9A36] - 11/08/2011 - 14:32:30 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.B509D4FC7A69AF8032C4527B2AC3D6A1] - 11/08/2011 - 14:32:30 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]

O44 - LFC:[MD5.6A7FA94EA15EF216FB653B8AE80C23F1] - 11/08/2011 - 14:32:30 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]

O44 - LFC:[MD5.BB5AEBCA18F1E7F6287ABCED3F8910B8] - 11/08/2011 - 14:32:30 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]

O44 - LFC:[MD5.64F66580A3AC5CF6F7B3E147255147F0] - 11/08/2011 - 14:32:30 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]

O44 - LFC:[MD5.FC17F2FA817A886BA4C1657F511A9A36] - 11/08/2011 - 14:32:30 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.B509D4FC7A69AF8032C4527B2AC3D6A1] - 11/08/2011 - 14:32:30 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190]

O44 - LFC:[MD5.6A7FA94EA15EF216FB653B8AE80C23F1] - 11/08/2011 - 14:32:30 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548]

O44 - LFC:[MD5.BB5AEBCA18F1E7F6287ABCED3F8910B8] - 11/08/2011 - 14:32:30 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810]

O44 - LFC:[MD5.64F66580A3AC5CF6F7B3E147255147F0] - 11/08/2011 - 14:32:30 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242]

O44 - LFC:[MD5.76D91231D3A4A76CF1AC97A5743AD74D] - 11/08/2011 - 13:56:29 ---A- . (...) -- C:\Windows\SysNative\lvcoinst.log [28887]

O44 - LFC:[MD5.76D91231D3A4A76CF1AC97A5743AD74D] - 11/08/2011 - 13:56:29 RSHAD . (...) -- C:\Windows\system32\lvcoinst.log [28887]

O44 - LFC:[MD5.45720649587671282F5D40AC0C96931C] - 11/08/2011 - 07:54:29 ---A- . (...) -- C:\Windows\win.ini [422]

O44 - LFC:[MD5.788F570BEAF7E244826E24FB37583AE4] - 11/08/2011 - 07:53:00 ---A- . (...) -- C:\Windows\hpoins44.dat [176660]

O44 - LFC:[MD5.5DA4162C5A2EEF88DE2B7C8F0F6F15F5] - 03/08/2011 - 12:55:34 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [454616]

O44 - LFC:[MD5.5DA4162C5A2EEF88DE2B7C8F0F6F15F5] - 03/08/2011 - 12:55:34 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [454616]

~ Scan Files in 00mn 13s

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe" [Enabled] .(...) -- C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="lvcod64.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\system32\lvcod64.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\ares [Key] . (...) -- C:\Program Files (x86)\Ares\Ares.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe

O53 - SMSR:HKLM\...\startupreg\ccleaner [Key] . (...) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Easybits Recovery [Key] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe

O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O53 - SMSR:HKLM\...\startupreg\HPADVISOR [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

O53 - SMSR:HKLM\...\startupreg\LWS [Key] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

O53 - SMSR:HKLM\...\startupreg\ORAHSSSessionManager [Key] . (...) -- C:\Program Files (x86)\OrangeHSS\SessionManager\SessionManager.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\OrangePlayer [Key] . (.Orange - Media Player.) -- C:\Program Files (x86)\Orange\Media Player\Media Player.exe

O53 - SMSR:HKLM\...\startupreg\PC-Doctor for Windows localizer [Key] . (.PC-Doctor, Inc. - Hardware Diagnostic Tools Localizer.) -- C:\Program Files\PC-Doctor for Windows\localizer.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O53 - SMSR:HKLM\...\startupreg\SmartMenu [Key] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (...) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java™ Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 27/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 27/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.55353CD0DA287B2C3782485740965B54] - 16/06/2010 - 12:32:14 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [22360]

O58 - SDL:[MD5.B38061CDEFB71361E0C7547AC60527E8] - 16/06/2010 - 12:32:24 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [64856]

O58 - SDL:[MD5.91E7ACA95933633B2557F47CDFDB74C3] - 16/06/2010 - 12:32:35 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [31064]

O58 - SDL:[MD5.2B15499F68FAD60CE69264A327E9B0F0] - 26/02/2011 - 12:36:56 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [600920]

O58 - SDL:[MD5.4D939ECB19DC930056593390D1C87C43] - 16/06/2010 - 12:36:54 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [288088]

O58 - SDL:[MD5.D633426C5A207CE21767569AA4946891] - 16/06/2010 - 12:35:28 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [45400]

O58 - SDL:[MD5.0ACC06FCF46F64ED4F11E57EE461C1F4] - 05/10/2009 - 15:34:00 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1542656]

O58 - SDL:[MD5.FB7602C5C508BE281368AAE0B61B51C6] - 05/12/2009 - 02:04:32 RSHAD . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [121872]

O58 - SDL:[MD5.C9F90FEE4FDC829382B9130A92FB744C] - 05/12/2009 - 01:31:52 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6204928]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 05/12/2010 - 13:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 04/04/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 27/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.C586CC39820B6E7FE3657FED8329D300] - 27/07/2010 - 07:11:38 RSHAD . (.Logitech Inc. - Logitech AudioProcessing Filter Driver.) -- C:\Windows\system32\drivers\lvpopf64.sys [271712]

O58 - SDL:[MD5.B3944D06EB4B64D57BD7E5FE89415F58] - 20/09/2010 - 17:43:30 RSHAD . (...) -- C:\Windows\system32\drivers\LVPr2M64.sys [30304]

O58 - SDL:[MD5.EF586B959F747E74C76603FF16AE417B] - 01/04/2011 - 04:06:22 RSHAD . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs64.sys [341856]

O58 - SDL:[MD5.EDF73BFA1BD24D74D1D64DC0ED28A7CD] - 01/04/2011 - 04:07:54 RSHAD . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc64.sys [4184672]

O58 - SDL:[MD5.9C4FB231B6E02F84580DE2F00F3C5293] - 13/01/2011 - 18:52:42 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 27/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 27/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.FB46E9A827A8799EBD7BFA9128C91F37] - 11/02/2011 - 09:30:58 RSHAD . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys [17976]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.3B01789EE4EAEE97F5EB46B711387D5E] - 05/12/2009 - 01:05:06 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [239616]

O58 - SDL:[MD5.3C4B4EE54FEBB09F7E9F58776DE96DCA] - 07/09/2010 - 11:27:34 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2484072]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 14/06/2011 - 07:06:08 RSHAD . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 01/08/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 15/06/2010 - 12:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\SysWOW64\pcampr5.sys [34688]

O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 15/06/2010 - 12:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\Windows\SysWOW64\pcandis5.sys [32128]

~ Scan Drivers in 00mn 02s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adp94xx.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpahci.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpu320.sys - No object(No service) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - LEGACY_ADPU320

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE

O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\amdsata.sys - No object(No service) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\amdsbs.sys - No object(No service) .(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) - LEGACY_AMDSBS

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arc.sys - No object(No service) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arcsas.sys - No object(No service) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS

O64 - Services: CurCS - 04/07/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE

O64 - Services: CurCS - ??/??/???? - C:\Users\jp\AppData\Local\Temp\cpuz134\cpuz134_x64.sys (.not file.) - cpuz134 (cpuz134) .(...) - LEGACY_CPUZ134

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\elxstor.sys - No object(No service) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR

O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\HpSAMD.sys - No object(No service) .(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) - LEGACY_HPSAMD

O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\iaStorV.sys - No object(No service) .(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) - LEGACY_IASTORV

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\iirsp.sys - No object(No service) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_fc.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas2.sys - No object(No service) .(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) - LEGACY_LSI_SAS2

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_scsi.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI

O64 - Services: CurCS - 07/05/2010 - C:\Windows\system32\DRIVERS\LVPr2M64.sys - Logitech LVPr2M64 Driver (LVPr2M64) .(...) - LEGACY_LVPR2M64

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\megasas.sys - No object(No service) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\MegaSR.sys - No object(No service) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\nfrd960.sys - No object(No service) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960

O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvraid.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) - LEGACY_NVRAID

O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvstor.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) - LEGACY_NVSTOR

O64 - Services: CurCS - 17/09/2009 - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms - PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver(PCDSRVC{F36B3A4C-F95654BD-06000000}_0) .(.PC-Doctor, Inc. - Kernel Driver.) - L

O64 - Services: CurCS - 01/09/2010 - C:\Windows\system32\DRIVERS\psi_mf.sys - PSI(PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql2300.sys - No object(No service) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql40xx.sys - No object(No service) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\SiSRaid2.sys - No object(No service) .(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\sisraid4.sys - No object(No service) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\stexstor.sys - No object(No service) .(.Promise Technology - Promise SuperTrak EX Series Driver for Win.) - LEGACY_STEXSTOR

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\viaide.sys - No object(No service) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE

O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\vsmraid.sys - No object(No service) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID

~ Scan Services in 00mn 02s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - Google

O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - Orange : téléphones, forfaits, Internet, actualité, sport, video

O69 - SBI: SearchScopes [HKCU] {8C9F9B4E-AF36-46E4-887C-B0908BDD00DD} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {CC1DA801-494E-46CB-8994-45059DF5B853} - (Bing) - Bing

~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.09EFBD1B55619DD560618C6F1C67836E] [sPRF][16/08/2011] (.Adobe Systems Inc. - Adobe AIR Installer.) -- C:\Users\jp\Desktop\adobe-air_adobe_air_2.7.10.19610_francais_45240.exe [12997136]

[MD5.0CD613576E66287D222E4691BE7C8AB6] [sPRF][27/07/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r82.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2826192]

~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{FA092EBD-7E87-4A2C-BC47-602138CA15C1}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe

O87 - FAEL: "{AC8D9A84-D4B8-4D63-8FA6-52BAD66C4EDD}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe

O87 - FAEL: "{7F2FA3B6-B1AC-46A7-B134-C833DEC4C62F}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe

O87 - FAEL: "{CC6DC75A-D252-43BD-9451-ACA57D280D70}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe

O87 - FAEL: "{B012D5B2-CCEA-470B-AD2E-EDBCE9589848}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

O87 - FAEL: "{9E270FED-BEFC-44B9-80BA-19A7A636A6F2}" | In - None - P6 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

O87 - FAEL: "{941E6F55-1A83-4AC8-9D01-0D964C377A6F}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe

O87 - FAEL: "{06727D26-A540-4FF8-B3E4-58DE649D1D0C}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe

O87 - FAEL: "{9033E4A0-9FC0-40E8-9A6F-E8ED9B114969}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{3AA11E55-5BAD-4368-A63F-ECFCB02E772B}C:\program files (x86)\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files (x86)\mozilla firefox\firefox.exe

O87 - FAEL: "UDP Query User{1401A75D-9312-44D3-8121-B36E1C16F872}C:\program files (x86)\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files (x86)\mozilla firefox\firefox.exe

O87 - FAEL: "{628AC560-6A21-4610-A3B0-63586BAD52A5}" | In - Public - P6 - TRUE | .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe

O87 - FAEL: "{97933405-D949-47F7-92AF-1A5EC128A5BA}" | In - Public - P17 - TRUE | .(.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe

O87 - FAEL: "{B68EECC0-045F-4F09-8A11-B426B6621C9C}" | In - Domain - P17 - TRUE | .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe

O87 - FAEL: "{592268CC-9428-426B-9F15-3C63C3C753D5}" |In - Public - P6 - TRUE | .(...) -- E:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{21DACF0C-15D4-4816-B40F-7C4CF9352DB7}" |In - Public - P17 - TRUE | .(...) -- E:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{55DBB198-B24C-44CA-961C-26585C13409C}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

O87 - FAEL: "{25CBC449-5167-4A88-81B9-DE7FE1926B50}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

~ Scan Firewall in 00mn 01s

---\\ Scan Additionnel (O88)

Database Version : 8611 - (10/08/2011)

Clés trouvées (Keys found) : 5

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 3

Fichiers trouvés (Files found) : 0

[HKCU\Software\cacaoweb] =>PUP.CacaoWeb

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb] =>PUP.CacaoWeb

[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\Canneverbe Limited\OpenCandy] =>Adware.OpenCandy

C:\Users\jp\AppData\Roaming\cacaoweb =>PUP.CacaoWeb

C:\Users\jp\AppData\Roaming\iWin =>Adware.BHO

C:\Users\jp\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit

~ Scan Additionnel in 00mn 11s

---\\ Recherche détournement de DNS routeur (O89)

Serveur : livebox.home

Address: 192.168.1.1

DNS request timed out.

timeout was 2 seconds.

Nom : www.l.google.com

Addresses: 209.85.148.105

209.85.148.103

209.85.148.147

209.85.148.99

209.85.148.104

209.85.148.106

Aliases: www.google.fr

www.google.com

~ Scan DNS in 00mn 04s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 19/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 05/12/2009 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 07/03/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 04/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SS - | Auto 11/06/2010 65536 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

SS - | Demand 05/12/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

SS - | Demand 12/06/2010 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 20/12/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 20/12/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

SS - | Demand 20/12/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

SS - | Demand 28/07/2011 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 20/09/2010 197976 | (LVPrcS64) . (.Logitech Inc..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

SS - | Auto 30/12/1899 0 | (Orange update Core Service) . (...) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

SS - | Demand 05/12/2009 23536 | (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) . (.PC-Doctor, Inc..) - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms

SR - | Auto 11/02/2011 993848 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

SR - | Auto 11/02/2011 399416 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe

SR - | Auto 01/04/2011 428640 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

~ Scan Services in 00mn 05s

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by jp at 16/08/2011 10:45:28

device: opened successfully

user: error reading MBR

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

~ Scan MBR in 00mn 10s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.gee k s tog

Run by jp at 16/08/2011 10:45:30

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 12s

End of the scan (1273 lines in 01mn 37s)(0)

Merci pour aide.

Cordialement.

tomtom95 · le 16 août 2011

Bonjour bocace

Je ne sais pas si on va pouvoir gérer ton problème avec Adobe AIR

Mais on va désinfecté ton pc.

Désactiver TeaTimer de spybot qui ne sert à rien et peut faire échouer une désinfection:!
Affiche d'abord le Mode Avancé dans Spybot
Options Avancées :
menu Mode
-Mode Avancé. Une colonne de menus apparaît dans la partie gauche :
clique sur Outils
clique sur Résident
-Dans Résident :
décoche Résident "TeaTimer" pour le désactiver.
Si dans Spybot S&D tu as vacciné
Sur l'onglet "vaccination"
Clique sur "Vaccination" dans la colonne sur la gauche :
Clique sur annuler (la flèche bleue) pour annuler la vaccination.
IMPORTANT Il faut aussi savoir que Spybot utilise une technologie dépassée.
Si vous ajoutez à cela les problèmes causés par la vaccination qui ralentit le système et TeaTimer qui peut faire obstacle à une désinfection..... voir pour le désinstaller du pc

Ferme toutes les applications ouvertes
Désactive tes défenses (anti-virus?anti-spyware)
Double-clique sur ZHPFix
Pour Vista et seven
fais un clique droit sur l'icône et exécute en tant qu'administrateur

Un raccourci installé par ZHPDiag sur le Bureau

Sélectionne et surligne correctement avec la souris et "Clique droit > "Copier" ou "Ctrl+C"
ces lignes ci dessous :
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
M2 - MFEP: prefs.js [jp - q3va42e4.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.17 (.http://www.cacaoweb.org/.)
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) (No version) -- (.not file.)
O2 - BHO: (no name) [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{00D091AF-6896-4C64-93C6-3E8864FA9BD2}] (...) -- E:\INSTALL.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{30FEE51D-8347-47D6-8F19-D9F4BE8B4621}] (...) -- C:\Users\jp\Desktop\LB_v1.5.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{4A58CF47-4E0B-46D8-A116-1E288E7C593D}] (...) -- C:\Users\jp\Desktop\LB_v1.5.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{6B185A61-7740-4C18-8D8A-35F86C6AE038}] (...) -- E:\CEZANNE.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{6D1F8FA9-0EAE-4276-8A7F-B10A63054D19}] (...) -- E:\EINST31.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{7ABCF746-DEA2-4B10-901E-19B48FCF7FCC}] (...) -- E:\CEZANNE.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{85ACB3A3-8B12-46F5-BD7F-F8827EC9F5AF}] (...) -- E:\CEZANNE.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B554FD16-8F93-4549-B108-FF2AC5FDDCC3}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B6768841-723E-45DD-B9B2-83CF730873FE}] (...) -- E:\EINST31.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C6669194-B488-4DB9-8EDB-51F22D8895A1}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C6D6F35F-BDA7-48CA-9885-EECDBC76E8A3}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKCU\Software\Norton]
[HKCU\Software\cacaoweb]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb]
[HKLM\Software\Conduit]
[HKLM\Software\Wow6432Node\Conduit]
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKLM\Software\Wow6432Node\Canneverbe Limited\OpenCandy]
O43 - CFD: 10/08/2011 - 09:44:56 - [3235044] ----D- C:\Users\jp\AppData\Roaming\cacaoweb
O43 - CFD: 16/06/2010 - 19:40:12 - [0] ----D- C:\Users\jp\AppData\Roaming\iWin
O43 - CFD: 18/12/2010 - 17:38:26 - [7626846] ----D- C:\Users\jp\AppData\Local\Ares
O47 - AAKE:Key Export SP - "C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe" [Enabled] .(...) -- C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe
O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe
O87 - FAEL: "{592268CC-9428-426B-9F15-3C63C3C753D5}" |In - Public - P6 - TRUE | .(...) -- E:\fscommand\CKSocketServer.exe (.not file.)
O87 - FAEL: "{21DACF0C-15D4-4816-B40F-7C4CF9352DB7}" |In - Public - P17 - TRUE | .(...) -- E:\fscommand\CKSocketServer.exe (.not file.)

Commande:
EmptyTemp
EmptyFlash
Clique successivement sur l'icône H (pour effacer le rapport qui s'est affiché) puis sur l'icône de la "malette cachée par la feuille" .
Vérifie que toutes les lignes que je t'ai demandé de copier sont dans la fenêtre.
Et seulement ces lignes
Puis clique sur le bouton [OK]
A ce moment apparaîtra au début de chaque ligne
une petite case vide. [ ]
Ensuite clique sur Tous puis sur Nettoyer
Valide par Oui la désinstallation des programmes si demandé
Laisse l'outil travailler. Si un redémarrage est demandé accepte et redémarre le PC
Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.

Le rapport ZHPFixReport.txt est enregistré sous C:\Program files\ZHPFix\ZHPFixReport.txt

Télécharge sur le site AD-R (de C_XX) sur ton Bureau.

/!\ Ferme toutes applications en cours /!\
Double-clique sur le raccourci AD-R.exe (clique droit -> lancer en tant qu'administrateur ) qui est sur ton bureau pour lancer l'outil .
Au menu principal choisis l'option "Nettoyer" et tape sur [entrée] .

/!\ Laisse travailler l'outil et ne touche à rien /!\

Poste le rapport qui apparait à la fin .

( Le rapport est sauvegardé sous C:\Ad-report-clean-(date).log )

A+

bocace · le 17 août 2011

Bonjour Tomtom95

Merci de me répondre.

Je suis arrivé à l'instruction suivante : "Laisse l'outil travailler" Ce que j'ai fait.

Rapidement , j'ai eu le message auquel j'ai répondu ok : "violation d'accès à l'adresse 74E6FEB8 dans le module "KERNELBASEdll" lecture de l'adresse 0017004B"

La ligne verte de progression avance jusqu'au 3/4 de son parcours. Une heure après c'est toujours la même chose.

Qu'ai je raté?

@+

Bonjour bocace

Je ne sais pas si on va pouvoir gérer ton problème avec Adobe AIR

Mais on va désinfecté ton pc.

Désactiver TeaTimer de spybot qui ne sert à rien et peut faire échouer une désinfection:!
Affiche d'abord le Mode Avancé dans Spybot

Options Avancées :

menu Mode
-Mode Avancé. Une colonne de menus apparaît dans la partie gauche :

clique sur Outils

clique sur Résident
-Dans Résident :

décoche Résident "TeaTimer" pour le désactiver.

Si dans Spybot S&D tu as vacciné
Sur l'onglet "vaccination"

Clique sur "Vaccination" dans la colonne sur la gauche :

Clique sur annuler (la flèche bleue) pour annuler la vaccination.
IMPORTANT Il faut aussi savoir que Spybot utilise une technologie dépassée.

Si vous ajoutez à cela les problèmes causés par la vaccination qui ralentit le système et TeaTimer qui peut faire obstacle à une désinfection..... voir pour le désinstaller du pc

Ferme toutes les applications ouvertes

Désactive tes défenses (anti-virus?anti-spyware)

Double-clique sur ZHPFix
Pour Vista et seven
fais un clique droit sur l'icône et exécute en tant qu'administrateur

Un raccourci installé par ZHPDiag sur le Bureau

Sélectionne et surligne correctement avec la souris et "Clique droit > "Copier" ou "Ctrl+C"
ces lignes ci dessous :

Clique successivement sur l'icône H (pour effacer le rapport qui s'est affiché) puis sur l'icône de la "malette cachée par la feuille" .

Vérifie que toutes les lignes que je t'ai demandé de copier sont dans la fenêtre.

Et seulement ces lignes

Puis clique sur le bouton [OK]

A ce moment apparaîtra au début de chaque ligne
une petite case vide. [ ]

Ensuite clique sur Tous puis sur Nettoyer

Valide par Oui la désinstallation des programmes si demandé

Laisse l'outil travailler. Si un redémarrage est demandé accepte et redémarre le PC

Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.

Le rapport ZHPFixReport.txt est enregistré sous C:\Program files\ZHPFix\ZHPFixReport.txt

Télécharge sur le site AD-R (de C_XX) sur ton Bureau.

/!\ Ferme toutes applications en cours /!\

Double-clique sur le raccourci AD-R.exe (clique droit -> lancer en tant qu'administrateur ) qui est sur ton bureau pour lancer l'outil .

Au menu principal choisis l'option "Nettoyer" et tape sur [entrée] .

/!\ Laisse travailler l'outil et ne touche à rien /!\

Poste le rapport qui apparait à la fin .

( Le rapport est sauvegardé sous C:\Ad-report-clean-(date).log )

A+

tomtom95 · le 17 août 2011

Bonjour bocace

Plusieurs chose peuvent être a l'origine de cette erreur.

Tu as bien lancer en tant qu'administrateur.?

Désactiver l'UAC de Seven

vas dans Démarrer
Panneau de configuration
Comptes et protection utilisateurs
Comptes d’utilisateurs
Note : pour accéder plus rapidement au compte d'utilisateur
tu peux cliquer directement sur ton image en haut du menu démarrer.
Modifier les paramètres de contrôle du compte d'utilisateur
Une fois parvenu à cette étape une fenêtre pop-up apparaît descendre le curseur en bas sur :
ne jamais m'avertir
redémarre ton pc pour prendre en compte cette modification.

Demarrer >> executer puis tape la commande :

regsvr32 ntdll.dll >> valide avec OK. tu risque d'avoir un message d'erreur.ignore-le

Ensuite

Rétablir les paramètres d’Internet Explorer
Clique sur Démarrer Tape la commande suivante dans la zone Rechercher
inetcpl.cpl puis tape sur [Entrée] :
Dans les Options Internet de IE.
Clique sur l'onglet Avancé.
Dans Réinitialiser les paramètres d'Internet Explorer,
clique sur Réinitialiser.
Coche la case supprimer les paramétre personnels
Clique ensuite une nouvelle fois sur Réinitialiser.
Lorsqu'Internet Explorer a terminé de réinitialiser les paramètres,
clique sur Rétablir les paramétre avancés
Clique sur appliquer
Fermer d'Internet Explorer

Aprés reprend ce script et refait ZHPFix

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
M2 - MFEP: prefs.js [jp - q3va42e4.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.17 (.http://www.cacaoweb.org/.)

R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) (No version) -- (.not file.)

O2 - BHO: (no name) [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} Clé orpheline

[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{00D091AF-6896-4C64-93C6-3E8864FA9BD2}] (...) -- E:\INSTALL.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{30FEE51D-8347-47D6-8F19-D9F4BE8B4621}] (...) -- C:\Users\jp\Desktop\LB_v1.5.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{4A58CF47-4E0B-46D8-A116-1E288E7C593D}] (...) -- C:\Users\jp\Desktop\LB_v1.5.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{6B185A61-7740-4C18-8D8A-35F86C6AE038}] (...) -- E:\CEZANNE.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{6D1F8FA9-0EAE-4276-8A7F-B10A63054D19}] (...) -- E:\EINST31.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{7ABCF746-DEA2-4B10-901E-19B48FCF7FCC}] (...) -- E:\CEZANNE.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{85ACB3A3-8B12-46F5-BD7F-F8827EC9F5AF}] (...) -- E:\CEZANNE.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B554FD16-8F93-4549-B108-FF2AC5FDDCC3}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B6768841-723E-45DD-B9B2-83CF730873FE}] (...) -- E:\EINST31.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C6669194-B488-4DB9-8EDB-51F22D8895A1}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C6D6F35F-BDA7-48CA-9885-EECDBC76E8A3}] (...) -- C:\Users\jp\Desktop\vlc-1.1.0-win32.exe (.not file.)

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]

[HKCU\Software\cacaoweb]

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb]

[HKLM\Software\Conduit]

[HKLM\Software\Wow6432Node\Conduit]

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]

[HKLM\Software\Wow6432Node\Canneverbe Limited\OpenCandy]

O43 - CFD: 10/08/2011 - 09:44:56 - [3235044] ----D- C:\Users\jp\AppData\Roaming\cacaoweb

O43 - CFD: 16/06/2010 - 19:40:12 - [0] ----D- C:\Users\jp\AppData\Roaming\iWin

O43 - CFD: 18/12/2010 - 17:38:26 - [7626846] ----D- C:\Users\jp\AppData\Local\Ares

O47 - AAKE:Key Export SP - "C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe" [Enabled] .(...) -- C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe

O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\jp\AppData\Roaming\cacaoweb\cacaoweb.exe

HOSTFix

EmptyFlash

EmptyTemp

Si tu as toujour cette erreur lance AD-R

A+

bocace · le 18 août 2011

Bonjour Tomtom95,

J'ai bien lancé l'outil en tant qu'administrateur. Tu m'amènes sur des chemins que j'ignore totalement, car j'ai rencontré peu de problèmes de cette nature (débuté avec Windows 3.1, DD 850 MO, mémoire vive : j'ai oublié)

Je te remercie très sincèrement de ton aide

@+

Bonjour bocace

Plusieurs chose peuvent être a l'origine de cette erreur.

Tu as bien lancer en tant qu'administrateur.?

Désactiver l'UAC de Seven

vas dans Démarrer

Panneau de configuration

Comptes et protection utilisateurs

Comptes d'utilisateurs
Note : pour accéder plus rapidement au compte d'utilisateur
tu peux cliquer directement sur ton image en haut du menu démarrer.

Modifier les paramètres de contrôle du compte d'utilisateur
Une fois parvenu à cette étape une fenêtre pop-up apparaît descendre le curseur en bas sur :

ne jamais m'avertir
redémarre ton pc pour prendre en compte cette modification.

Demarrer >> executer puis tape la commande :

regsvr32 ntdll.dll >> valide avec OK. tu risque d'avoir un message d'erreur.ignore-le

Ensuite

Rétablir les paramètres d'Internet Explorer

Clique sur Démarrer Tape la commande suivante dans la zone Rechercher
inetcpl.cpl puis tape sur [Entrée] :
Dans les Options Internet de IE.

Clique sur l'onglet Avancé.

Dans Réinitialiser les paramètres d'Internet Explorer,

clique sur Réinitialiser.

Coche la case supprimer les paramétre personnels

Clique ensuite une nouvelle fois sur Réinitialiser.
Lorsqu'Internet Explorer a terminé de réinitialiser les paramètres,

clique sur Rétablir les paramétre avancés

Clique sur appliquer

Fermer d'Internet Explorer

Aprés reprend ce script et refait ZHPFix

Si tu as toujour cette erreur lance AD-R

A+

tomtom95 · le 18 août 2011

Bonjour bocace

Je comprends que ce n'est pas toujours facile, mais ton pc est infecté pour avancé, tu peux me posté les rapports stp.

Le rapport ZHPFixReport.txt est enregistré sur ton bureau ,ou sous C:\ZHP\ZHPFixReport.txt

Le rapport AD-R clean est sauvegardé sur ton bureau ,ou sous C:\Ad-report-clean-(date).log )

Quand tu me réponds il n'est pas nécessaire de remettre les indications. :grin6:

A+

bocace · le 19 août 2011

Bonjour Tomtom95,

Suite de mes tribulations. J'ai donc suivi tes instructions et repris ZHPFix, la barre de progression a avancé un peu plus loin que précédemment mais n'a pas terminé son parcours.

En désespoir de cause, j'ai lancé AD-R comme indiqué

Si tu as toujour cette erreur lance AD-R

voici le rapport :

(!) -- Fichiers temporaires supprimés.

Clé supprimée: HKLM\Software\Classes\SearchBar.Client

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\jp\AppData\Roaming\Mozilla\FireFox\Profiles\q3va42e4.default --

Prefs.js - browser.download.dir, C:\\Users\\jp\\Desktop

Prefs.js - browser.search.selectedEngine, Wikipédia (fr)

Prefs.js - browser.startup.homepage, hxxp://www.google.fr/

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

Prefs.js - keyword.URL, hxxp://www.bing.com/search?mkt=fr-FR&form=MIAWB2&q=

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_ElevationPolicy\{30E4B230-AC56-4D52-B19E-36E2C3A2804D} - C:\Users\jp\AppData\Local\Hook Network\Raccourcis Internet Explorer 9\2.0.0.1\IE9PinnedSitesHelper.exe (Hook Network)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

BHO\{1d970ed5-3eda-438d-bffd-715931e2775b} (?)

BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\Windows\SysWow64\BhoECart.dll)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 19/08/2011 09:28:28 (3354 Octet(s))

Fin à: 09:29:30, 19/08/2011

============== E.O.F ==============

Merci pour ta patience

@+

tomtom95 · le 19 août 2011

Bonjour bocace

Il manque le haut du rapport AD-R difficile pour moi de t'aider si j'ai que des bouts d'analyse de rapport

Télécharge la dernier version MalwareByte's sur ton Bureau.

Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées :
Branche tes supports externes sur le pc (Clé USB,Disque Dur,etc..)
Sans les ouvrirs
Exécute maintenant MalwareByte's Anti-Malware.Clique droit sur l'icône et "Exécuter en tant qu'administrateur"
sélectionne "Exécuter un examen complet".
Coche toutes les cases des lecteurs
Afin de lancer la recherche clique sur"Rechercher".
Une fois le scan terminé une fenêtre s'ouvre clique sur OK.
Si des infections sont présentes
clique sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
poste le rapport dans ta prochaine réponse.

REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression accepte en cliquant sur Ok.

A+

bocace · le 20 août 2011

Bonjour Tomtom95,

Imbécile que je suis, toutes mes excuses. :outch:

Je t'adresse le rapport complet + celui du nettoyage fait aujourd'hui.

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamx s cript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 09:27:25 le 19/08/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

jp@JP4PC (HP-Pavilion WC960AA-ABF p6335fr)

============== ACTION(S) ==============

(!) -- Fichiers temporaires supprimés.

Clé supprimée: HKLM\Software\Classes\SearchBar.Client

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\jp\AppData\Roaming\Mozilla\FireFox\Profiles\q3va42e4.default --

Prefs.js - browser.download.dir, C:\\Users\\jp\\Desktop

Prefs.js - browser.search.selectedEngine, Wikipédia (fr)

Prefs.js - browser.startup.homepage, hxxp://www.google.fr/

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

Prefs.js - keyword.URL, hxxp://www.bing.com/search?mkt=fr-FR&form=MIAWB2&q=

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_ElevationPolicy\{30E4B230-AC56-4D52-B19E-36E2C3A2804D} - C:\Users\jp\AppData\Local\Hook Network\Raccourcis Internet Explorer 9\2.0.0.1\IE9PinnedSitesHelper.exe (Hook Network)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

BHO\{1d970ed5-3eda-438d-bffd-715931e2775b} (?)

BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\Windows\SysWow64\BhoECart.dll)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 19/08/2011 09:28:28 (3354 Octet(s))

Fin à: 09:29:30, 19/08/2011

============== E.O.F ==============

Celui de ce jour :

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamx s cript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 09:18:37 le 20/08/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

jp@JP4PC (HP-Pavilion WC960AA-ABF p6335fr)

============== ACTION(S) ==============

(!) -- Fichiers temporaires supprimés.

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\jp\AppData\Roaming\Mozilla\FireFox\Profiles\q3va42e4.default --

Prefs.js - browser.download.dir, C:\\Users\\jp\\Desktop

Prefs.js - browser.search.selectedEngine, Wikipédia (fr)

Prefs.js - browser.startup.homepage, hxxp://www.google.fr/

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

Prefs.js - keyword.URL, hxxp://www.bing.com/search?mkt=fr-FR&form=MIAWB2&q=

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_ElevationPolicy\{30E4B230-AC56-4D52-B19E-36E2C3A2804D} - C:\Users\jp\AppData\Local\Hook Network\Raccourcis Internet Explorer 9\2.0.0.1\IE9PinnedSitesHelper.exe (Hook Network)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

BHO\{1d970ed5-3eda-438d-bffd-715931e2775b} (?)

BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\Windows\SysWow64\BhoECart.dll)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 28 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 19/08/2011 09:28:28 (3493 Octet(s))

C:\Ad-Report-CLEAN[2].txt - 20/08/2011 09:18:45 (3365 Octet(s))

Fin à: 09:19:51, 20/08/2011

============== E.O.F ==============

J'utilise malwaresByte's mis à jour régulièrement, lors des examens rapides pratiqués, les rapports indiquent 0 infection. Je vais donc m'empresser d' exécuter un examen complet.

Pour info je t'adresse le dernier pratiqué, si cela peut être utile :

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Version de la base de données: 7476

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

16/08/2011 08:45:01

mbam-log-2011-08-16 (08-45-01).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 170376

Temps écoulé: 3 minute(s), 1 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

@+

bocace · le 20 août 2011

Re

J'ai donc exécuté un examen complet avec MalwareByte's, dont voici le rapport :

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Version de la base de données: 7515

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

20/08/2011 10:59:10

mbam-log-2011-08-20 (10-59-10).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)

Elément(s) analysé(s): 371450

Temps écoulé: 45 minute(s), 46 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Merci et @+

Connexion

Pas encore inscrit ?

[Résolu] Adobe AIR

Messages recommandés

bocace

tomtom95

bocace

tomtom95

bocace

tomtom95

bocace

tomtom95

bocace

bocace

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer