Lenteur PC

[roland57]

Bonjour,

mon PC est devenu lent,la page d'accueil IE avait été changé sans que je le demande,je n'arrive pas à afficher. Si je veux afficher options des dossier un message me dit " cette opération a été annulée en raison de restrictions en viguer sur cet ordinateur "

Si vous pouviez me donner des indications , je vous remercie par avance de votre attention

 

Ci-dessous rapport HiackthisLogfile of Trend Micro HijackThis v2.0.4

Scan saved at 09:59:27, on 11/5/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\ProgramData\FileOpen\Services\FileOpenBroker32.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Jérémy.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O1 - Hosts: ::1 localhost

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present

O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de la passerelle de la couche Application (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Informations d'application (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de stratégie de diagnostic (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Protocole EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: HsfXAudioService - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Modules de génération de clés IKE et AuthIP (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Énumérateur de bus IP PnP-X (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: Service KtmRm pour Distributed Transaction Coordinator (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Assistance NetBIOS sur TCP/IP (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: getPlus® Helper 3004 (nosGetPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Groupement de mise en réseau de pairs (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’Assistant Compatibilité des programmes (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Agent de stratégie IPsec (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Emplacement protégé (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: Connectivité de l'appareil Windows Mobile (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Gestionnaire de connexion automatique d'accès distant (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Gestionnaire de connexions d'accès distant (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Configuration des services Terminal Server (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: Découverte SSDP (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Services de base de module de plateforme sécurisée (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service hôte WDIServiceHost (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Hôte système de diagnostics (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de découverte automatique de Proxy Web pour les services HTTP Windows (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de configuration automatique WLAN (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: Centre de sécurité (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 14968 bytes

[pear]

Bonjour,

 

Problème avec les options des dossiers

Faites d'abord un scan Antivirus

 

1)Copier /coller dans le bloc notes.(en vert)

Enregistrer sur le bureau sous explor.bat

Double clic sur le fichier .bat pour le lancer.

@echo off

regsvr32 /u shmedia.dll /s

regsvr32 /i browseui.dll /s

regsvr32 /i shell32.dll /s

 

 

2)Corriger les restrictions NoFolderOptions et NoSetFolders

Copier/coller ce qui suiten vertdans le bloc notes,

sans ligne blanche au début.mais une à la fin

Fichier ->Enregistrez sous..

Clic sur bureau à gauche

Dans type de fichier->Tous les fichiers

Dans Nom-> regis.reg.

Allez sur le bureau

Cliquez droit sur le fichier ->fusionner

Acceptez la modification du Régistre:

Windows Registry Editor Version 5.00

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"NoFolderOptions"=-

"NoSetFolders"=-

 

Si vous ne pouvez pas fusionner ou que vous avez un message du genre "n'est pas un fichier de régistre valide",

C'est parce que vous avez fait une erreur.

 

Les plus courantes:

 

Il faut une ligne blanche après Windows Registry Editor mais pas avant

Le fichier doit s'appeler regis.reg et non regis.reg.txt

Il faut une ligne blanche après le texte en vert

Dans la case Type vous devez choisir "Tous les Fichiers

 

 

Hijackthis ne vaut plus guère!

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Double-cliquer sur ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

 

Sous XP, double clic sur l'icône ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

Cliquez sur le tounevis et choisissez Tous

En cas de blocage, sur O80 par exemple, cliquez sur le tournevis pour le décocher

 

Clic sur la Loupe pour lancer le scan

Postez le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

[roland57]

Bonjour, merci de votre réponse, ci-dessous le rapport

 

Rapport de ZHPDiag v1.28.2221 par Nicolas Coolman, Update du 06/11/2011

Run by Jérémy at 11/6/2011 12:17:47

Web site : ZHPDiag Outil de diagnostic

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 5.0 v5.0

GCIE: Google Chrome v14.0.835.202 (Defaut)

 

---\\ Windows Product Information

Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)

Windows Server License Manager Script : OK

~ Vista, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : HBTPB

Windows License : OK

Windows Automatic Updates : OK

 

---\\ System Information

~ Processor: x86 Family 6 Model 22 Stepping 1, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2037.2 MB (60% free)

System Restore: Activé (Enable)

System drive C: has 14 GB (25%) free of 56 GB

 

---\\ Logged in mode

~ Computer Name: PC-DE-JÉRÉMY

~ User Name: Jérémy

~ All Users Names: SophosSAUPC-DE-JÉRÉ0, Jérémy, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Jérémy\AppData\Roaming\

~ %Desktop% : C:\Users\Jérémy\Desktop\

~ %Favorites% : C:\Users\Jérémy\Favorites\

~ %LocalAppData% : C:\Users\Jérémy\AppData\Local\

~ %StartMenu% : C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 56 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 8 Go of 55 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.9/16/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.4B555106290BD117334E9A08761C035A] - (....) (.11/2/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.1/21/2008 - 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768]

[MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation - Internet Extensions for Win32.) (.10/13/2011 - 03:28:15.) -- C:\Windows\system32\wininet.dll [1126912]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.9/16/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]

[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.1/21/2008 - 08:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.6/16/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]

[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.9/16/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]

[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.1/21/2008 - 03:33:23.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]

[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.9/16/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]

[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.6/16/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]

[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.9/16/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]

[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.1/21/2008 - 03:32:45.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]

[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.1/21/2008 - 03:34:06.) -- C:\Windows\system32\drivers\IpNat.sys [100864]

[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.6/16/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]

[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.9/16/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.9/16/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]

[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.11/2/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]

[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.1/21/2008 - 03:34:44.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]

[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.1/21/2008 - 03:32:22.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]

[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.9/16/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]

[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.9/16/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/9

~ Mes musiques (My Musics) : 5/7

~ Mes Videos (My Video) : 0/0

~ Mes Favoris (My Favorites) : 4/855

~ Mes Documents (My Documents) : 4/252

~ Mon Bureau (My Desktop) : 1/76

~ Menu demarrer (Programs) : 7/41

~ Scan Hidden Files in 00mn 00s

 

 

 

---\\ Processus lancés

[MD5.6E240D6C2F0DB74BED13AD723D3AB0A1] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904] [PID.2316]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.2324]

[MD5.FFC7CF5E4DAEDC38A818E9890EF337D2] - (.PC Tools - PC Tools Firewall GUI.) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2676696] [PID.2332]

[MD5.4C1F26CFCA34E978CC1311F9F080F675] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.3996]

[MD5.7E9CC482832D7076D5F0418FBDAB3C6D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [702464] [PID.3084]

[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]

[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]

[MD5.C0393EB99A6C72C6BEF9BFC4A72B33A6] - (.SUPERAntiSpyware.com - Core Service.) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608] [PID.]

[MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.]

[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]

[MD5.ACEDB7769F9043E869E252153487CC5C] - (.FileOpen Systems Inc. - FileOpen Manager Service (Hooker).) -- C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe [212352] [PID.]

[MD5.185DC440D18181D9FBB074C326A2D1D0] - (.PC Tools - PC Tools Firewall Plus service.) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe [287024] [PID.]

[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]

[MD5.E47F35A87FF0DA38DEF37A0EB0C2D2DF] - (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312] [PID.]

[MD5.C5AC715B65B01788ABC22D10749DDDD8] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\system32\TODDSrv.exe [129632] [PID.]

[MD5.DA6903958CBDC091FFCBBCA70CCFF34C] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [431456] [PID.]

[MD5.22690DFFC7F2A18279A7A0489AA02BAC] - (.TOSHIBA Corporation - TosIPCSrv.exe.) -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976] [PID.]

[MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.]

[MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366152] [PID.]

[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe [61440] [PID.]

~ Scan Processes Running in 00mn 00s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Jérémy\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\prefs.js

C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\user.js

M3 - MFPP: Plugins - [Jérémy] -- C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\aol-web-search.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\SearchResults.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M2 - MFEP: prefs.js [Jérémy - 6u9moki1.default\[email protected]] [] Camfrog Web Plugin for Mozilla Firefox v2,0,6,81 (.Camshare Inc..)

P2 - FPN:Firefox Plugin Navigator . (.Ganymede Technologies - Ganymede Technologies.) -- C:\Program Files\Mozilla Firefox\Plugins\NPCARDS.dll

P2 - FPN:Firefox Plugin Navigator . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0042.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Pando Networks - Pando Web Installer.) -- C:\Program Files\Mozilla Firefox\Plugins\npPandoWebInst.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16297.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@canalplus.fr/Assistants VOD,version=1.0.0.0] - (.Canal+ Active - npCpVod.) -- C:\Program Files\Canal\Canal Widget\VOD\npcpvod.dll

P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (...) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll (.not file.)

P2 - FPN: [HKLM] [@glowria.fr/FireVMGate] - (. Glowria - npFireVMGate.) -- C:\Program Files\Common Files\Glowria\npFireVMGate.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.0.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@nosltd.com/getPlus+®,version=1.6.2.97] - (.NOS Microsystems Ltd. - getplusplusadobe16297.) -- C:\Program Files\NOS\bin\np_gp.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.10] - (.the VideoLAN Team - Version 1.1.10, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

P2 - FPN: [HKCU] [@megamedia/Megakey] - (...) -- C:\Users\Jérémy\AppData\Local\Megamedia\Megakey\npMegaPlugin.dll (.not file.)

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = MSN.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [00PCTFW] . (.PC Tools - PC Tools Firewall GUI.) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\CDisplay.lnk . (.David Ayton.) -- C:\Program Files\CDisplay\CDisplay.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\ClearProg.lnk . (.privat.) -- C:\Program Files\ClearProg\ClearProg.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\explorer - Raccourci.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Format Factory.lnk . (.Free Time.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Free Card Solitaire.lnk . (...) -- C:\Program Files\Free Card Solitaire\FreeCardSolitaire.exe (.not file.)

O4 - Global Startup: C:\Users\Jérémy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\MID 04112011 - Raccourci.lnk . (...) -- C:\Users\Jérémy\Documents\Downloads\Downloads\MID 04112011.pdf

O4 - Global Startup: C:\Users\Jérémy\Desktop\Notepad++.lnk . (.Don HO [email protected].) -- C:\Program Files\Notepad++\notepad++.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\SFR Video Manager.lnk . (.Glowria.) -- C:\Program Files\SFR\SFR.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Toolbar Cleaner.lnk . (...) -- C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\Jérémy\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk . (...) -- C:\Windows\System32\rundll32.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 6.0.lnk . (.Camshare Inc..) -- C:\Program Files\Camfrog Video Chat\Camfrog Video Chat.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Restart MiniLyrics.lnk . (...) -- C:\Program Files\Minilyrics\MLStart.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe

O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Initex Software - Proxifier Namespace Service Provider.) -- C:\Windows\system32\PrxerNsp.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{168D3F95-661C-4F32-A14F-E3CA8C44A73B}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{168D3F95-661C-4F32-A14F-E3CA8C44A73B}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (...) --

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

~ Scan Winlogon in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: FileOpenManagerSvc (FileOpenManagerSvc) . (.FileOpen Systems Inc. - FileOpen Manager Service (Hooker).) - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) . (.PC Tools - PC Tools Firewall Plus service.) - C:\Program Files\PC Tools Firewall Plus\FWService.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc92a2347ffa26.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{53EA0F01-CCF3-49F5-9629-57C140689B59}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{32C5F049-D596-49F1-8BB7-D09C3F529815}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{A3E91B61-3BAE-408A-9CC2-5E4B09A99B67}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{D96FE6C3-127C-47D4-B13B-E64A70DC9348}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{F2C0A09A-CCD1-4F50-A560-CB4B2B98044C}.job

~ Scan Scheduled Task in 00mn 00s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: (pctgntdi) . (.PC Tools - PC Tools Generic TDI Driver.) - C:\Windows\system32\drivers\pctgntdi.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: (RtlProt) . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - C:\Windows\system32\DRIVERS\rtlprot.sys

O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys

O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader X (10.1.1) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001}

O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDisplay 1.8 - (.dvd8n.) [HKLM] -- CDisplay_is1

O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960}

O42 - Logiciel: Camfrog Video Chat 6.0 - (.Camshare Inc..) [HKLM] -- Camfrog 6.0

O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU2

O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU

O42 - Logiciel: ClearProg 1.6.0 Final - (.Sven Hoffman.) [HKLM] -- ClearProg

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}

O42 - Logiciel: Desktop SMS - (.IDM.) [HKLM] -- {5980B928-1C95-4B3E-957B-B02D8147FF9E}

O42 - Logiciel: Désinstallation du SFR Video Manager - (.Pas de propriétaire.) [HKLM] -- SFR

O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM] -- {13A5E785-5197-4EAD-8EE3-D660271E49BC}

O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com

O42 - Logiciel: FileOpen Client - (.FileOpen Systems, Inc..) [HKLM] -- {ABC082A6-A587-493C-83C1-5F2C60A8BAA8}

O42 - Logiciel: FormatFactory 2.70 - (.Free Time.) [HKLM] -- FormatFactory

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Désactivation du cookie publicitaire - (.Google Inc.) [HKLM] -- {F23785D1-8C3C-44A1-A765-13E1F4870223}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {722B4A13-F24D-43AE-8813-5DB82C0B23C2}

O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects

O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing

O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {818ABC3C-635C-4651-8183-D0E9640B7DD1}

O42 - Logiciel: HTML Help Workshop - (.Pas de propriétaire.) [HKLM] -- HTML Help Workshop

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI

O42 - Logiciel: Intel® Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Java 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}

O42 - Logiciel: Java 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}

O42 - Logiciel: Java 7 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217000FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: Lecteur CANAL - (.CanalPlus.) [HKLM] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA}

O42 - Logiciel: Lecteur CANALPLAY 2.4 - (.Canal+ Distribution.) [HKLM] -- {E9E37358-E3E1-47BA-9E21-375EF3616BC9}

O42 - Logiciel: Lyrics Plugin for Windows Media Player - (.Lyrics Plugin.) [HKLM] -- {43002AE2-4093-49E0-A03D-990EE184C568}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B1DD5AA-FF34-4D6E-A912-CB46BB7378DC}

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {50816F92-1652-4A7C-B9BC-48F682742C4B}

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Minilyrics(remove only) - (.Pas de propriétaire.) [HKLM] -- MiniLyrics

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Moniteur neufbox - (.Pas de propriétaire.) [HKCU] -- Moniteur neufbox

O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)

O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++

O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {05653DE1-6567-40C6-B930-39D399B64369}

O42 - Logiciel: PC Tools Firewall Plus 7.0 - (.PC Tools.) [HKLM] -- PC Tools Firewall Plus

O42 - Logiciel: Proxifier version 2.91 - (.Initex Software.) [HKLM] -- Proxifier_is1

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: REALTEK RTL8187B Wireless LAN Driver - (.Pas de propriétaire.) [HKLM] -- {895722FE-25FE-4854-95AC-B0C42F9DBEDA}

O42 - Logiciel: Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}

O42 - Logiciel: Realtek WiFi Protected Setup Library - (.REALTEK Semiconductor Corp..) [HKLM] -- {02CA24DD-C8B0-4280-BE53-7862869C2EB1}

O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}

O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit

O42 - Logiciel: SFR - Mediacenter Evolution - (.SFR.) [HKLM] -- SFR_Mediacenter Evolution

O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}

O42 - Logiciel: Songbird 1.9.3 (Build 1959) - (.Pas de propriétaire.) [HKLM] -- Songbird-release-1959

O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.) [HKLM] -- {AC76BA86-7AD7-5464-3428-800000000003}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {78C6A78A-8B03-48C8-A47C-78BA1FCA2307}

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}

O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}

O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}

O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3}

O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}

O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}

O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Toolbar Cleaner 1.0 - (.Visicom Media Inc..) [HKLM] -- Toolbar Cleaner

O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: Uniblue DriverScanner - (.Uniblue Systems Ltd.) [HKLM] -- {C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1

O42 - Logiciel: Uniblue PowerSuite - (.Uniblue Systems Ltd.) [HKLM] -- {793A260C-CDBF-499C-ABBA-B51E8E076867}_is1

O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster

O42 - Logiciel: Uniblue SpeedUpMyPC - (.Uniblue Systems Ltd.) [HKLM] -- {E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523

O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Visual IP Locator v1.4.0 - (.Pas de propriétaire.) [HKLM] -- Visual IP Locator v1.4.0

O42 - Logiciel: Webcam 1200 - (.Logitech.) [HKLM] -- {66D475AE-F18B-43A0-8BAF-61AF4403E339}

O42 - Logiciel: WinRAR 4.10 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: WinTask 3.7a - (.TaskWare.) [HKLM] -- {15A6D20D-E6A1-49AE-8BCA-CFBCF25DE5FD}

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {FE044230-9CA5-43F7-9B58-5AC5A28A1F33}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {759142E8-25B0-42AE-B408-4215065D3F4B}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {C861504E-2F57-4F95-AB0A-C7C7D8E46A4E}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C66824E4-CBB3-4851-BB3F-E8CFD6350923}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {A0C91188-C88F-4E86-93E6-CD7C9A266649}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {19BA08F7-C728-469C-8A35-BFBD3633BE08}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner

O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {D436F577-1695-4D2F-8B44-AC76C99E0002}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {34F4D9A4-42C2-4348-BEF4-E553C84549E7}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {464B3406-A4D0-4914-910F-7CA4380DCC13}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {17504ED4-DB08-40A8-81C2-27D8C01581DA}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAF454FC-82CA-4F29-AB31-6A109485E76E}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {DDC8BDEE-DCAC-404D-8257-3E8D4B782467}

O42 - Logiciel: Windows Mail Recovery v.1.1 - (.NSoftware.) [HKLM] -- Windows Mail Recovery_is1

O42 - Logiciel: Xvid 1.2.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1

O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ACP]

[HKCU\Software\ASProtect]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AhnLab]

[HKCU\Software\Ahusoft]

[HKCU\Software\Almaz Gaifullin]

[HKCU\Software\AnyBizSoft]

[HKCU\Software\AppDataLow\ISWVolatile]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\DivXNetworks]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\cooliris]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Applications WinDev]

[HKCU\Software\AutomateBuilder]

[HKCU\Software\Avira]

[HKCU\Software\Belarc]

[HKCU\Software\Binary Noise]

[HKCU\Software\BitDefender]

[HKCU\Software\BitTorrent]

[HKCU\Software\Borland]

[HKCU\Software\CDDB]

[HKCU\Software\CDisplay]

[HKCU\Software\CEC_CM_SW]

[HKCU\Software\CLSID]

[HKCU\Software\CTPW Data]

[HKCU\Software\CamfrogWEBAdvanced]

[HKCU\Software\CamfrogWeb]

[HKCU\Software\Camfrog]

[HKCU\Software\Canal+ Active]

[HKCU\Software\Classes.crx]

[HKCU\Software\Classes]

[HKCU\Software\ClearProg]

[HKCU\Software\Clementine]

[HKCU\Software\Clients]

[HKCU\Software\Convar]

[HKCU\Software\CoreAAC]

[HKCU\Software\CrystalIdea Software]

[HKCU\Software\DFX]

[HKCU\Software\DT Soft]

[HKCU\Software\Digital River]

[HKCU\Software\Ditto]

[HKCU\Software\DivXNetworks]

[HKCU\Software\Dx6.2]

[HKCU\Software\EA Sports]

[HKCU\Software\EASEUS]

[HKCU\Software\Electronic Arts]

[HKCU\Software\F-Secure]

[HKCU\Software\FileHippo.com]

[HKCU\Software\FileMaker]

[HKCU\Software\FileOpen]

[HKCU\Software\FreeTime]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Gadwin Systems]

[HKCU\Software\GanymedeNet]

[HKCU\Software\Garmin]

[HKCU\Software\Google]

[HKCU\Software\Greatis]

[HKCU\Software\HP]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IDM]

[HKCU\Software\IM Providers]

[HKCU\Software\Informer Technologies, Inc.]

[HKCU\Software\Initex Software]

[HKCU\Software\Intel]

[HKCU\Software\InterVideo]

[HKCU\Software\JavaSoft]

[HKCU\Software\Jjvkpcpg]

[HKCU\Software\Jouve]

[HKCU\Software\KC Softwares]

[HKCU\Software\Kommute]

[HKCU\Software\Lavalys]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Lyrics Plugin]

[HKCU\Software\Macromedia]

[HKCU\Software\Macrovision]

[HKCU\Software\Magnet]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MimarSinan]

[HKCU\Software\MiniLyrics]

[HKCU\Software\Mirabilis]

[HKCU\Software\Mozilla Backup]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Multi File Downloader]

[HKCU\Software\MyCompany]

[HKCU\Software\NASA]

[HKCU\Software\Netscape]

[HKCU\Software\Network Automation]

[HKCU\Software\Neuf]

[HKCU\Software\Nicolas Vannier]

[HKCU\Software\NoNonsense]

[HKCU\Software\ODBC]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PC SOFT]

[HKCU\Software\PCTools]

[HKCU\Software\Permeo Technologies]

[HKCU\Software\Pinnacle Systems]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\RAD Game Tools]

[HKCU\Software\RapidSolution]

[HKCU\Software\RayV]

[HKCU\Software\RealNetworks]

[HKCU\Software\Recoveronix]

[HKCU\Software\Rep-Listing]

[HKCU\Software\SFR]

[HKCU\Software\SHOUTcast]

[HKCU\Software\SST Incorporated]

[HKCU\Software\SUPERAntiSpyware.com]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SecuROM]

[HKCU\Software\Secunia]

[HKCU\Software\Siber Systems]

[HKCU\Software\Skype]

[HKCU\Software\SoftBulldog]

[HKCU\Software\Softonic]

[HKCU\Software\Songbird]

[HKCU\Software\StarSynergy]

[HKCU\Software\Stardock]

[HKCU\Software\Strius]

[HKCU\Software\Synaptics]

[HKCU\Software\Sysinternals]

[HKCU\Software\TOSHIBA]

[HKCU\Software\TVANTS]

[HKCU\Software\TaskWare]

[HKCU\Software\TeamViewer]

[HKCU\Software\ToolbarCleaner]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Veoh]

[HKCU\Software\W3i, LLC]

[HKCU\Software\WideStream]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\WsAudio_DeviceS(1)]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Zone Labs]

[HKCU\Software\ej-technologies]

[HKCU\Software\geissplugin]

[HKCU\Software\keyhole.com]

[HKCU\Software\www.VictorGSM.net]

[HKCU\Software\xp-AntiSpy]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Ahnlab]

[HKLM\Software\America Online]

[HKLM\Software\AnyBizSoft]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\AviSynth]

[HKLM\Software\Avira]

[HKLM\Software\Belarc]

[HKLM\Software\Borland]

[HKLM\Software\CDDB]

[HKLM\Software\CUSTPDF Writer]

[HKLM\Software\CXT]

[HKLM\Software\Canal+ Active]

[HKLM\Software\CheckPoint]

[HKLM\Software\Chicony Electronics Co.,Ltd.]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Common Toolkit Suite]

[HKLM\Software\Conexant Systems]

[HKLM\Software\Conexant]

[HKLM\Software\DFX]

[HKLM\Software\DT Soft]

[HKLM\Software\Daniusoft]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EA SPORTS]

[HKLM\Software\Electronic Arts]

[HKLM\Software\Elf_1.15]

[HKLM\Software\Eset]

[HKLM\Software\GNU]

[HKLM\Software\GPL Ghostscript]

[HKLM\Software\Google]

[HKLM\Software\Greatis]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\IDM]

[HKLM\Software\Initex Software]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\Jjvkpcpg]

[HKLM\Software\Jouve]

[HKLM\Software\JreMetrics]

[HKLM\Software\KC Softwares]

[HKLM\Software\LG PC Suite2]

[HKLM\Software\Licenses]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfee.com]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\Network Automation]

[HKLM\Software\Neuf]

[HKLM\Software\Nullsoft]

[HKLM\Software\ODBC]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PCTools]

[HKLM\Software\Panda Software]

[HKLM\Software\PegasusImaging]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\RAD Game Tools]

[HKLM\Software\RTLSetup]

[HKLM\Software\RapidSolution]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek USB 2.0 Card Reader]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Returnil]

[HKLM\Software\RtWLan]

[HKLM\Software\S3R521]

[HKLM\Software\SRS Labs]

[HKLM\Software\SUPERAntiSpyware.com]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\ScanSoft]

[HKLM\Software\Secunia]

[HKLM\Software\SecureDigitalServices]

[HKLM\Software\Siber Systems]

[HKLM\Software\Songbird]

[HKLM\Software\Stardock]

[HKLM\Software\Suyin Optronics Corp]

[HKLM\Software\Swearware]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\Sys Modules]

[HKLM\Software\TOSHIBA]

[HKLM\Software\TaskWare]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\Ulead Systems]

[HKLM\Software\Uniblue]

[HKLM\Software\VictorGSM]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\W3i]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wise Solutions]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Zone Labs]

[HKLM\Software\afplanet]

[HKLM\Software\instinno]

[HKLM\Software\mozilla.org]

[HKLM\Software\uTorrentBar_FR]

[HKLM\Software\vectrics]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 4/18/2011 - 17:37:20 - [217088358] ----D- C:\Program Files\Adobe

O43 - CFD: 1/19/2010 - 09:53:30 - [41648511] ----D- C:\Program Files\adslTV

O43 - CFD: 10/19/2009 - 07:33:00 - [60460859] ----D- C:\Program Files\AhnLab

O43 - CFD: 4/22/2011 - 09:45:08 - [0] ----D- C:\Program Files\AnglaisFacile.com

O43 - CFD: 8/7/2009 - 14:45:24 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 11/14/2010 - 17:21:20 - [149951293] ----D- C:\Program Files\Avira

O43 - CFD: 10/11/2011 - 21:21:56 - [1123912] ----D- C:\Program Files\AVS4YOU

O43 - CFD: 11/17/2010 - 08:43:00 - [64838844] ----D- C:\Program Files\Camera Assistant Software for Toshiba

O43 - CFD: 4/7/2011 - 18:16:22 - [16773297] ----D- C:\Program Files\Camfrog Video Chat

O43 - CFD: 2/7/2009 - 15:24:40 - [4096215] ----D- C:\Program Files\Canal

O43 - CFD: 10/26/2011 - 11:18:08 - [4233624] ----D- C:\Program Files\CCleaner

O43 - CFD: 6/23/2011 - 23:48:48 - [2044187] ----D- C:\Program Files\CDisplay

O43 - CFD: 5/8/2011 - 08:28:20 - [16886518] ----D- C:\Program Files\CFWebAdvancedU2

O43 - CFD: 12/1/2010 - 08:50:26 - [402413] ----D- C:\Program Files\CheckPoint

O43 - CFD: 6/24/2011 - 17:30:58 - [647731] ----D- C:\Program Files\ClearProg

O43 - CFD: 7/28/2011 - 17:43:24 - [632824261] ----D- C:\Program Files\Common Files

O43 - CFD: 9/9/2010 - 08:14:50 - [304608] ----D- C:\Program Files\DIFX

O43 - CFD: 7/13/2009 - 17:51:58 - [406656] ----D- C:\Program Files\DNA

O43 - CFD: 3/21/2009 - 21:39:18 - [1748992] ----D- C:\Program Files\ELIXIS

O43 - CFD: 2/16/2011 - 17:35:36 - [2394144] ----D- C:\Program Files\Feedback Tool

O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 7/13/2011 - 18:19:40 - [381086] ----D- C:\Program Files\FileHippo.com

O43 - CFD: 4/15/2011 - 08:39:58 - [886664] ----D- C:\Program Files\FileOpen

O43 - CFD: 7/27/2011 - 15:12:16 - [12612481] ----D- C:\Program Files\Free mp3 Wma Converter

O43 - CFD: 7/22/2011 - 11:09:54 - [105248707] ----D- C:\Program Files\FreeTime

O43 - CFD: 3/27/2011 - 22:20:14 - [376510474] ----D- C:\Program Files\Google

O43 - CFD: 8/5/2010 - 13:55:08 - [196439049] ----D- C:\Program Files\HP

O43 - CFD: 9/16/2009 - 19:51:54 - [3982892] ----D- C:\Program Files\HTML Help Workshop

O43 - CFD: 2/15/2008 - 15:29:10 - [15909978] ----D- C:\Program Files\IDM

O43 - CFD: 9/28/2009 - 16:04:32 - [842198] ----D- C:\Program Files\IEPro

O43 - CFD: 4/22/2011 - 17:35:20 - [141427916] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 11/21/2008 - 15:04:36 - [38935307] ----D- C:\Program Files\Intel

O43 - CFD: 10/13/2011 - 04:39:48 - [6490044] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 2/15/2008 - 15:14:16 - [23151528] ----D- C:\Program Files\InterVideo

O43 - CFD: 9/5/2011 - 12:57:02 - [280044672] ----D- C:\Program Files\Java

O43 - CFD: 10/22/2009 - 19:28:04 - [10254287] ----D- C:\Program Files\Lecteur CANALPLAY

O43 - CFD: 11/2/2011 - 09:22:40 - [7037566] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 4/7/2010 - 12:58:18 - [4666344] ----D- C:\Program Files\Messenger Plus! Live

O43 - CFD: 7/14/2011 - 08:19:36 - [0] ----D- C:\Program Files\Microsoft

O43 - CFD: 5/2/2010 - 05:05:02 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 11/2/2006 - 13:35:52 - [518] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 7/14/2011 - 08:21:54 - [0] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 4/10/2009 - 23:03:12 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 9/14/2010 - 02:02:22 - [15715] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 4/1/2011 - 14:14:08 - [5066434] ----D- C:\Program Files\Minilyrics

O43 - CFD: 5/26/2009 - 20:19:58 - [7702747] ----D- C:\Program Files\Moniteur neufbox

O43 - CFD: 8/12/2010 - 04:47:18 - [20470054] ----D- C:\Program Files\Movie Maker

O43 - CFD: 11/2/2011 - 18:44:20 - [38829354] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 11/2/2006 - 13:35:52 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 7/12/2009 - 19:03:36 - [28077075] ----D- C:\Program Files\MSECache

O43 - CFD: 5/9/2009 - 10:34:08 - [18960593] ----D- C:\Program Files\Neuf

O43 - CFD: 1/19/2011 - 14:11:58 - [74336] ----D- C:\Program Files\NOS

O43 - CFD: 7/13/2011 - 18:23:38 - [14360284] ----D- C:\Program Files\Notepad++

O43 - CFD: 4/18/2011 - 18:49:24 - [408238496] ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD: 8/22/2011 - 10:44:08 - [28394828] ----D- C:\Program Files\PC Tools Firewall Plus

O43 - CFD: 9/28/2009 - 15:58:14 - [1129788] ----D- C:\Program Files\Power IE

O43 - CFD: 4/8/2011 - 17:29:48 - [6416120] ----D- C:\Program Files\Prevx

O43 - CFD: 3/28/2011 - 14:01:30 - [2170290] ----D- C:\Program Files\Proxifier

O43 - CFD: 3/3/2011 - 16:49:18 - [76502779] ----D- C:\Program Files\QuickTime

O43 - CFD: 11/21/2008 - 15:21:34 - [24682747] ----D- C:\Program Files\Realtek

O43 - CFD: 11/21/2008 - 15:19:56 - [850757] ----D- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver

O43 - CFD: 11/2/2006 - 13:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 10/26/2009 - 14:35:00 - [15697422] ----D- C:\Program Files\ScanSoft

O43 - CFD: 12/25/2010 - 16:37:02 - [3700971] ----D- C:\Program Files\Secunia

O43 - CFD: 11/5/2011 - 09:25:34 - [50850583] ----D- C:\Program Files\SFR

O43 - CFD: 3/15/2011 - 09:24:48 - [59818360] ----D- C:\Program Files\Songbird

O43 - CFD: 11/4/2011 - 16:41:42 - [54934124] ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 10/26/2011 - 10:37:14 - [73902015] ----D- C:\Program Files\SUPERAntiSpyware

O43 - CFD: 2/15/2008 - 14:54:58 - [15544054] ----D- C:\Program Files\Synaptics

O43 - CFD: 4/28/2011 - 21:54:30 - [577148] ----D- C:\Program Files\Toolbar Cleaner

O43 - CFD: 10/15/2009 - 13:59:10 - [211292262] ----D- C:\Program Files\TOSHIBA

O43 - CFD: 12/20/2008 - 22:25:18 - [801] ----D- C:\Program Files\Toshiba TEMPRO

O43 - CFD: 11/5/2011 - 09:58:50 - [27642462] ----D- C:\Program Files\trend micro

O43 - CFD: 2/15/2008 - 15:10:18 - [421716899] ----D- C:\Program Files\Ulead Systems

O43 - CFD: 7/14/2011 - 05:45:34 - [81777644] ----D- C:\Program Files\Uniblue

O43 - CFD: 11/2/2006 - 13:58:20 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 4/14/2011 - 06:03:38 - [223469] ----D- C:\Program Files\uTorrentBar_FR

O43 - CFD: 11/26/2009 - 19:47:08 - [84966644] ----D- C:\Program Files\VideoLAN

O43 - CFD: 6/24/2011 - 17:38:20 - [599767] ----D- C:\Program Files\Visual IP Locator

O43 - CFD: 4/15/2011 - 12:51:22 - [0] ----D- C:\Program Files\VS Revo Group

O43 - CFD: 10/18/2009 - 17:34:04 - [6347732] ----D- C:\Program Files\Webcam 1200

O43 - CFD: 7/29/2011 - 12:38:20 - [17051426] ----D- C:\Program Files\Winamp

O43 - CFD: 9/16/2009 - 20:00:22 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 9/16/2009 - 20:00:22 - [2737152] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 9/16/2009 - 20:00:20 - [4490624] ----D- C:\Program Files\Windows Defender

O43 - CFD: 7/14/2011 - 08:14:04 - [208340514] ----D- C:\Program Files\Windows Live

O43 - CFD: 8/26/2009 - 23:10:16 - [33023766] ----D- C:\Program Files\Windows Live Safety Center

O43 - CFD: 10/13/2011 - 04:39:48 - [8935608] ----D- C:\Program Files\Windows Mail

O43 - CFD: 3/5/2011 - 11:37:22 - [827801] ----D- C:\Program Files\Windows Mail Recovery

O43 - CFD: 3/15/2011 - 19:42:02 - [4766921] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 11/21/2008 - 15:12:38 - [7957544] ----D- C:\Program Files\Windows NT

O43 - CFD: 9/16/2009 - 20:00:22 - [8228002] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 10/30/2009 - 11:56:30 - [134144] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 7/27/2011 - 15:13:40 - [1659488] ----D- C:\Program Files\Windows Searchqu Toolbar

O43 - CFD: 9/16/2009 - 20:00:22 - [6887473] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 10/12/2011 - 21:44:04 - [4064117] ----D- C:\Program Files\WinRAR

O43 - CFD: 8/22/2011 - 20:41:12 - [735304] ----D- C:\Program Files\Xvid

O43 - CFD: 11/6/2011 - 12:17:58 - [4289657] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 6/18/2011 - 19:56:36 - [3606170] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 10/19/2009 - 07:50:52 - [19444833] ----D- C:\Program Files\Common Files\AhnLab

O43 - CFD: 10/17/2009 - 12:01:50 - [93314306] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 7/13/2011 - 18:17:48 - [2975744] ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD: 5/5/2010 - 10:03:52 - [7675825] ----D- C:\Program Files\Common Files\Borland Shared

O43 - CFD: 9/29/2009 - 11:46:52 - [102997] ----D- C:\Program Files\Common Files\Cisco Systems

O43 - CFD: 11/22/2009 - 19:41:42 - [1417637] ----D- C:\Program Files\Common Files\DFX

O43 - CFD: 10/22/2009 - 19:08:28 - [90112] ----D- C:\Program Files\Common Files\Glowria

O43 - CFD: 9/15/2009 - 13:41:46 - [531477] ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 9/16/2009 - 11:04:04 - [1804764] ----D- C:\Program Files\Common Files\HP

O43 - CFD: 10/26/2009 - 14:34:22 - [11756681] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 9/5/2011 - 12:58:26 - [41686172] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 4/7/2010 - 13:00:00 - [21733941] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 1/22/2010 - 10:34:14 - [0] ----D- C:\Program Files\Common Files\NSV

O43 - CFD: 5/11/2011 - 07:14:00 - [4950450] ----D- C:\Program Files\Common Files\PC Tools

O43 - CFD: 8/22/2011 - 20:41:10 - [4405584] ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 8/23/2010 - 12:49:00 - [0] ----D- C:\Program Files\Common Files\Real

O43 - CFD: 11/2/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 11/2/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 9/16/2009 - 20:00:22 - [15066498] ----D- C:\Program Files\Common Files\System

O43 - CFD: 2/15/2008 - 15:16:44 - [1374029] ----D- C:\Program Files\Common Files\Toshiba Shared

O43 - CFD: 2/15/2008 - 15:14:04 - [21678602] ----D- C:\Program Files\Common Files\Ulead Systems

O43 - CFD: 1/27/2009 - 00:26:08 - [314230507] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 11/24/2008 - 19:30:22 - [19087831] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD: 1/14/2011 - 07:40:56 - [4785664] ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 2/27/2009 - 18:25:02 - [2242] ----D- C:\ProgramData\0320

O43 - CFD: 3/20/2009 - 12:45:18 - [2242] ----D- C:\ProgramData\1053

O43 - CFD: 3/7/2009 - 19:04:40 - [2242] ----D- C:\ProgramData\27E9

O43 - CFD: 2/27/2009 - 22:59:54 - [2242] ----D- C:\ProgramData\3418C

O43 - CFD: 3/10/2009 - 20:25:08 - [2242] ----D- C:\ProgramData\6186

O43 - CFD: 3/27/2009 - 20:11:26 - [787] ----D- C:\ProgramData\Acronis

O43 - CFD: 10/12/2011 - 21:37:18 - [138344334] ----D- C:\ProgramData\Adobe

O43 - CFD: 8/7/2009 - 14:44:26 - [60814336] ----D- C:\ProgramData\Apple

O43 - CFD: 10/17/2009 - 12:10:00 - [54790656] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 11/14/2010 - 17:21:20 - [3067838] ----D- C:\ProgramData\Avira

O43 - CFD: 2/16/2009 - 18:34:06 - [708] ----D- C:\ProgramData\Blizzard

O43 - CFD: 7/27/2011 - 15:46:58 - [24] ----D- C:\ProgramData\boost_interprocess

O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 12/1/2010 - 08:48:14 - [4212] ----D- C:\ProgramData\CheckPoint

O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 11/22/2009 - 19:43:02 - [62] ----D- C:\ProgramData\DFX

O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 3/25/2010 - 10:33:04 - [7258112] ----D- C:\ProgramData\Downloaded Installations

O43 - CFD: 3/4/2009 - 23:00:16 - [2242] ----D- C:\ProgramData\E2CB

O43 - CFD: 9/14/2009 - 11:46:14 - [1708032] ----D- C:\ProgramData\EmailNotifier

O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 9/13/2009 - 17:32:58 - [949670] ----D- C:\ProgramData\Fighters

O43 - CFD: 4/15/2011 - 08:39:56 - [1066560] ----D- C:\ProgramData\FileOpen

O43 - CFD: 3/27/2011 - 18:39:02 - [927968] ----D- C:\ProgramData\Google

O43 - CFD: 9/16/2009 - 11:10:58 - [17729086] ----D- C:\ProgramData\HP

O43 - CFD: 9/16/2009 - 11:10:48 - [8988] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 12/20/2008 - 22:25:44 - [5677] ----D- C:\ProgramData\IsolatedStorage

O43 - CFD: 11/11/2009 - 14:29:30 - [17235209] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 12/2/2010 - 17:02:16 - [0] ----D- C:\ProgramData\McAfee

O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 7/14/2011 - 08:19:36 - [76591900] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 3/27/2009 - 19:13:42 - [57030] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 1/14/2011 - 07:36:34 - [1189517] ----D- C:\ProgramData\Network Automation

O43 - CFD: 1/19/2011 - 14:15:50 - [319618] ----D- C:\ProgramData\NOS

O43 - CFD: 11/30/2009 - 15:27:58 - [26316] ----D- C:\ProgramData\Pinnacle

O43 - CFD: 6/29/2011 - 16:51:54 - [219938] ----D- C:\ProgramData\PrevxCSI

O43 - CFD: 2/11/2011 - 14:55:56 - [57986048] ----D- C:\ProgramData\Readon

O43 - CFD: 6/1/2010 - 20:18:04 - [1157] ----D- C:\ProgramData\Real

O43 - CFD: 12/29/2008 - 11:19:24 - [24] ----D- C:\ProgramData\SFR

O43 - CFD: 6/30/2011 - 08:28:38 - [61178137] ----D- C:\ProgramData\Skype

O43 - CFD: 11/5/2011 - 20:38:18 - [8888] ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 5/10/2010 - 09:28:30 - [362] ----D- C:\ProgramData\Sun

O43 - CFD: 7/13/2011 - 18:45:24 - [97344802] ----D- C:\ProgramData\SUPERAntiSpyware.com

O43 - CFD: 3/24/2010 - 09:38:38 - [155] ----D- C:\ProgramData\Symantec

O43 - CFD: 11/6/2011 - 06:13:44 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 6/1/2010 - 20:18:04 - [1024] ----D- C:\ProgramData\TOSHIBA

O43 - CFD: 11/21/2008 - 15:16:44 - [774] ----D- C:\ProgramData\ToshibaEurope

O43 - CFD: 2/15/2008 - 15:13:14 - [220835] ----D- C:\ProgramData\Ulead Systems

O43 - CFD: 7/14/2011 - 07:30:18 - [0] ----D- C:\ProgramData\Uniblue

O43 - CFD: 9/16/2009 - 11:16:04 - [213] ----D- C:\ProgramData\WEBREG

O43 - CFD: 11/12/2009 - 22:59:50 - [2492] ----D- C:\ProgramData\Windows Genuine Advantage

O43 - CFD: 11/23/2009 - 10:11:24 - [50] ----D- C:\ProgramData\WinZip

O43 - CFD: 12/28/2008 - 13:55:42 - [570478] ----D- C:\ProgramData\WLInstaller

O43 - CFD: 10/26/2011 - 11:02:06 - [0] ----D- C:\ProgramData\ZA_PreservedFiles

O43 - CFD: 3/29/2011 - 15:46:48 - [18472960] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

O43 - CFD: 10/23/2011 - 05:39:58 - [7938842] --H-D- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

O43 - CFD: 3/20/2009 - 18:39:00 - [17196032] -SH-D- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}

O43 - CFD: 8/7/2009 - 14:57:50 - [3350] ----D- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

O43 - CFD: 7/13/2011 - 18:11:36 - [8431268] --H-D- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}

O43 - CFD: 2/4/2010 - 21:16:28 - [17246208] -SH-D- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

O43 - CFD: 11/20/2010 - 13:55:14 - [19440542] ----D- C:\Users\Jérémy\AppData\Roaming\Adobe

O43 - CFD: 8/7/2009 - 15:02:20 - [1166298] ----D- C:\Users\Jérémy\AppData\Roaming\Apple Computer

O43 - CFD: 12/5/2010 - 12:55:14 - [1492700] ----D- C:\Users\Jérémy\AppData\Roaming\Auslogics

O43 - CFD: 11/14/2010 - 17:24:34 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Avira

O43 - CFD: 10/11/2011 - 21:26:56 - [154300] ----D- C:\Users\Jérémy\AppData\Roaming\Camfrog

O43 - CFD: 5/7/2011 - 13:09:52 - [4486440] ----D- C:\Users\Jérémy\AppData\Roaming\Camfrog Web

O43 - CFD: 5/7/2011 - 13:16:22 - [1393948] ----D- C:\Users\Jérémy\AppData\Roaming\CamfrogWEB

O43 - CFD: 12/1/2010 - 08:50:38 - [201352] ----D- C:\Users\Jérémy\AppData\Roaming\CheckPoint

O43 - CFD: 12/2/2008 - 23:40:24 - [1782] ----D- C:\Users\Jérémy\AppData\Roaming\DesktopSMS

O43 - CFD: 10/26/2011 - 10:57:24 - [33792] ----D- C:\Users\Jérémy\AppData\Roaming\Ditto

O43 - CFD: 10/8/2011 - 18:41:32 - [199] ----D- C:\Users\Jérémy\AppData\Roaming\dvdcss

O43 - CFD: 12/28/2010 - 10:20:08 - [540] ----D- C:\Users\Jérémy\AppData\Roaming\FileOpen

O43 - CFD: 8/25/2009 - 07:46:20 - [3106] ----D- C:\Users\Jérémy\AppData\Roaming\GoodSync

O43 - CFD: 11/22/2008 - 17:11:10 - [35709] ----D- C:\Users\Jérémy\AppData\Roaming\Google

O43 - CFD: 3/31/2011 - 19:58:48 - [270] ----D- C:\Users\Jérémy\AppData\Roaming\GrabIt

O43 - CFD: 9/16/2009 - 11:16:04 - [88150] ----D- C:\Users\Jérémy\AppData\Roaming\HP

O43 - CFD: 2/9/2010 - 17:00:44 - [2048] ----D- C:\Users\Jérémy\AppData\Roaming\HPAppData

O43 - CFD: 3/1/2010 - 10:13:32 - [37520] ----D- C:\Users\Jérémy\AppData\Roaming\HpUpdate

O43 - CFD: 1/23/2010 - 12:07:54 - [228] ----D- C:\Users\Jérémy\AppData\Roaming\HTML Executable

O43 - CFD: 11/21/2008 - 15:24:34 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Identities

O43 - CFD: 11/21/2008 - 15:19:36 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\InstallShield

O43 - CFD: 11/16/2010 - 12:55:00 - [1493] ----D- C:\Users\Jérémy\AppData\Roaming\Macromedia

O43 - CFD: 6/16/2011 - 10:05:12 - [7373] ----D- C:\Users\Jérémy\AppData\Roaming\Malwarebytes

O43 - CFD: 11/20/2010 - 13:55:14 - [3344690] -S--D- C:\Users\Jérémy\AppData\Roaming\Microsoft

O43 - CFD: 8/22/2011 - 20:41:14 - [40032] ----D- C:\Users\Jérémy\AppData\Roaming\MiniLyrics

O43 - CFD: 3/30/2011 - 16:09:18 - [65536] ----D- C:\Users\Jérémy\AppData\Roaming\Miranda

O43 - CFD: 4/18/2011 - 18:07:18 - [25624420] ----D- C:\Users\Jérémy\AppData\Roaming\Mozilla

O43 - CFD: 11/30/2009 - 15:09:06 - [60] ----D- C:\Users\Jérémy\AppData\Roaming\MPEG Streamclip

O43 - CFD: 11/25/2008 - 23:13:30 - [16889548] ----D- C:\Users\Jérémy\AppData\Roaming\myphotobook

O43 - CFD: 10/12/2011 - 21:41:36 - [343779] ----D- C:\Users\Jérémy\AppData\Roaming\Notepad++

O43 - CFD: 12/3/2008 - 18:46:36 - [82798251] ----D- C:\Users\Jérémy\AppData\Roaming\OpenOffice.org

O43 - CFD: 5/11/2011 - 07:14:48 - [1588] ----D- C:\Users\Jérémy\AppData\Roaming\PCToolsFirewallPlus

O43 - CFD: 12/14/2010 - 17:02:30 - [160] ----D- C:\Users\Jérémy\AppData\Roaming\PMS

O43 - CFD: 3/8/2011 - 17:43:16 - [20108301] ----D- C:\Users\Jérémy\AppData\Roaming\PPStream

O43 - CFD: 12/21/2010 - 17:00:28 - [64089] ----D- C:\Users\Jérémy\AppData\Roaming\QuickScan

O43 - CFD: 10/10/2011 - 16:23:22 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\RegistryKeys

O43 - CFD: 5/12/2009 - 14:58:48 - [15600] R-H-D- C:\Users\Jérémy\AppData\Roaming\SecuROM

O43 - CFD: 6/27/2011 - 21:45:44 - [2230878] ----D- C:\Users\Jérémy\AppData\Roaming\Skype

O43 - CFD: 4/18/2011 - 15:02:04 - [30240] ----D- C:\Users\Jérémy\AppData\Roaming\skypePM

O43 - CFD: 3/15/2011 - 09:24:58 - [48660221] ----D- C:\Users\Jérémy\AppData\Roaming\Songbird2

O43 - CFD: 5/1/2009 - 21:42:52 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Sports Interactive

O43 - CFD: 12/26/2010 - 07:50:08 - [9470] ----D- C:\Users\Jérémy\AppData\Roaming\Stardock

O43 - CFD: 7/31/2011 - 14:48:22 - [89356957] ----D- C:\Users\Jérémy\AppData\Roaming\SUPERAntiSpyware(144).com

O43 - CFD: 10/12/2011 - 21:28:04 - [118784] ----D- C:\Users\Jérémy\AppData\Roaming\SUPERAntiSpyware.com

O43 - CFD: 1/25/2010 - 19:46:22 - [2400] ----D- C:\Users\Jérémy\AppData\Roaming\TeamViewer

O43 - CFD: 12/1/2008 - 18:13:52 - [13824] ----D- C:\Users\Jérémy\AppData\Roaming\Template

O43 - CFD: 7/29/2011 - 12:36:56 - [150111] ----D- C:\Users\Jérémy\AppData\Roaming\Todae

O43 - CFD: 12/26/2008 - 20:03:04 - [14911] ----D- C:\Users\Jérémy\AppData\Roaming\Toshiba

O43 - CFD: 11/25/2009 - 11:16:32 - [7021348] ----D- C:\Users\Jérémy\AppData\Roaming\U3

O43 - CFD: 7/14/2011 - 05:48:54 - [7263822] ----D- C:\Users\Jérémy\AppData\Roaming\Uniblue

O43 - CFD: 8/22/2011 - 20:41:14 - [84447] ----D- C:\Users\Jérémy\AppData\Roaming\vlc

O43 - CFD: 7/30/2011 - 08:07:42 - [4300265] ----D- C:\Users\Jérémy\AppData\Roaming\Winamp

O43 - CFD: 12/30/2010 - 14:39:28 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Windows Live Writer

O43 - CFD: 11/22/2009 - 19:32:34 - [12] ----D- C:\Users\Jérémy\AppData\Roaming\WinRAR

O43 - CFD: 10/12/2011 - 09:20:34 - [15133018] ----D- C:\Users\Jérémy\AppData\Local\Adobe

O43 - CFD: 10/12/2011 - 17:44:04 - [143078622] ----D- C:\Users\Jérémy\AppData\Local\Google

O43 - CFD: 10/26/2011 - 12:33:06 - [10741385020] R---D- C:\Users\Jérémy\AppData\Local\Microsoft

O43 - CFD: 6/20/2009 - 19:07:40 - [1405297] ----D- C:\Users\Jérémy\AppData\Local\Microsoft Games

O43 - CFD: 11/12/2010 - 19:49:34 - [200328] ----D- C:\Users\Jérémy\AppData\Local\Microsoft Help

O43 - CFD: 11/5/2009 - 18:21:42 - [51781794] ----D- C:\Users\Jérémy\AppData\Local\Mozilla

O43 - CFD: 11/29/2008 - 14:27:44 - [4233] ----D- C:\Users\Jérémy\AppData\Local\Neuf

O43 - CFD: 12/26/2010 - 07:59:00 - [0] ----D- C:\Users\Jérémy\AppData\Local\PackageAware

O43 - CFD: 1/27/2009 - 20:58:52 - [285696] ----D- C:\Users\Jérémy\AppData\Local\Seven Zip

O43 - CFD: 12/29/2008 - 11:19:14 - [8536055] ----D- C:\Users\Jérémy\AppData\Local\SFR

O43 - CFD: 3/15/2011 - 09:44:20 - [13766303] ----D- C:\Users\Jérémy\AppData\Local\Songbird2

O43 - CFD: 11/6/2011 - 12:17:00 - [63249] ----D- C:\Users\Jérémy\AppData\Local\temp

O43 - CFD: 11/21/2008 - 15:25:28 - [0] ----D- C:\Users\Jérémy\AppData\Local\Toshiba

O43 - CFD: 10/12/2009 - 11:39:16 - [70720920] ----D- C:\Users\Jérémy\AppData\Local\VirtualStore

O43 - CFD: 1/23/2011 - 08:42:36 - [0] ----D- C:\Users\Jérémy\AppData\Local\WDSetup

O43 - CFD: 1/4/2011 - 07:57:58 - [177274] ----D- C:\Users\Jérémy\AppData\Local\widestream6 Air

O43 - CFD: 11/6/2011 - 08:07:56 - [180224] ----D- C:\Users\Jérémy\AppData\Local\Windows Live

O43 - CFD: 5/15/2009 - 15:32:22 - [374842] ----D- C:\Users\Jérémy\AppData\Local\Windows Live Writer

O43 - CFD: 10/29/2011 - 08:05:44 - [0] ----D- C:\Users\Jérémy\AppData\Local\{249A57F6-A965-45D7-B11B-BFA01264D33A}

O43 - CFD: 10/29/2011 - 08:06:26 - [0] ----D- C:\Users\Jérémy\AppData\Local\{460FF1F7-6BDA-4867-AFE4-49C2B1A27209}

O43 - CFD: 11/6/2011 - 08:06:30 - [0] ----D- C:\Users\Jérémy\AppData\Local\{51B2141F-A333-4DEB-908C-7705521E1ED0}

O43 - CFD: 11/4/2011 - 22:42:20 - [0] ----D- C:\Users\Jérémy\AppData\Local\{6819E529-B0B2-4374-851D-28814B2FDE1C}

O43 - CFD: 11/6/2011 - 08:07:08 - [0] ----D- C:\Users\Jérémy\AppData\Local\{757800B1-D54B-4846-9F24-F8549DB7E435}

~ Scan Program Folder in 00mn 03s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.7A1746B3B50074915725A0BAC2B70A7F] - 11/5/2011 - 21:26:59 ---A- . (...) -- C:\Windows\PFRO.log [578]

O44 - LFC:[MD5.61E97751636706CEEBAA8F4DC50AF7A8] - 11/6/2011 - 06:13:19 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.7E17F9F5BF4B30FF0EF4EDD415A0FBD8] - 11/6/2011 - 06:18:10 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.TMP [5468]

O44 - LFC:[MD5.F781F389DC9A4FDA72E5BCFDE60D8276] - 11/6/2011 - 09:46:25 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1397295]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/6/2011 - 11:24:24 R-HA- . (...) -- C:\Windows\WindowsShell.Manifest [749]

O44 - LFC:[MD5.D43CFF620718416E9FE2FA7742F0A9F9] - 11/6/2011 - 11:34:18 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.825204F181A08A65262B33A06C421C81] - 10/13/2011 - 04:42:57 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [373632]

O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 10/12/2011 - 21:38:00 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368]

~ Scan Files in 00mn 01s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\Windows\system32\Drivers\procexp90.Sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\Windows\system32\Drivers\procexp90.Sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.voxacm160"="vct3216.acm" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\Windows\system32\vct3216.acm

O52 - TDSD: \Drivers32\"msacm.scg726"="scg726.acm" . (.SHARP Corporation - SHARP G.726 ACM Audio Decoder.) -- C:\Windows\system32\scg726.acm

O52 - TDSD: \Drivers32\"msacm.ac3acm"="AC3ACM.acm" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\Windows\system32\AC3ACM.acm

O52 - TDSD: \Drivers32\"vidc.dvsd"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\system32\mcdvd_32.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivXNetworks, Inc. - DivX Video for Windows Codec.) -- C:\Windows\system32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\system32\ir50_32.dll

O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll

O52 - TDSD: \drivers.desc\"vct3216.acm"="Voxware Compression Toolkit" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\Windows\system32\vct3216.acm

O52 - TDSD: \drivers.desc\"AC3ACM.acm"="AC-3 ACM Decompressor" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\Windows\system32\AC3ACM.acm

O52 - TDSD: \drivers.desc\"mcdvd_32.dll"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\system32\mcdvd_32.dll

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\system32\ir50_32.dll

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\ThreatFire [Key] . (...) -- C:\Program Files\ThreatFire\TFTray.exe (.not file.)

~ Scan SMSR Keys in 00mn 00s

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMMyDocs"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 1/21/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 1/21/2008 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 1/21/2008 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 1/21/2008 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]

O58 - SDL:[MD5.1E9F5F30EF41D4D433B36113E776518B] - 10/19/2009 - 09:14:00 ---A- . (.AhnLab, Inc. - AhnLab SpyZero Engine Driver.) -- C:\Windows\system32\drivers\ahnsze.sys [1302232]

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 1/21/2008 - 03:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 1/21/2008 - 03:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 1/21/2008 - 03:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]

O58 - SDL:[MD5.E54E27976E2C5A6465D44C10B1D87AC0] - 8/2/2009 - 14:20:32 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\system32\drivers\ASPI32.SYS [84832]

O58 - SDL:[MD5.6046A55F79DE9C581B8D5E9C1366CC81] - 11/2/2006 - 08:30:52 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [467456]

O58 - SDL:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 11/14/2010 - 08:42:37 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [66616]

O58 - SDL:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 11/14/2010 - 08:42:37 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [138192]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 11/2/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 11/2/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 11/2/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 11/2/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 11/2/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 11/2/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 2/15/2008 - 03:42:42 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 1/21/2008 - 03:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 11/2/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 1/21/2008 - 03:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 1/21/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]

O58 - SDL:[MD5.CBC22823628544735625B280665E434E] - 2/15/2008 - 14:11:14 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys [7168]

O58 - SDL:[MD5.4AC51459805264AFFD5F6FDFB9D9235F] - 8/7/2009 - 12:06:50 ---A- . (.GEAR Software Inc. - CD/DVD Class Filter Driver.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [15664]

O58 - SDL:[MD5.24049179C60BBF64A9261DA943993440] - 10/5/2009 - 05:30:50 ---A- . (.Hexago, Inc. - Hexago Virtual Tunnel Driver.) -- C:\Windows\system32\drivers\hextun.sys [22176]

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 1/21/2008 - 03:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]

O58 - SDL:[MD5.C2EB8396C46E13F76037D70EAE8820A9] - 10/15/2008 - 08:30:04 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\HSXHWAZL.sys [207360]

O58 - SDL:[MD5.D0116C473EF3C381A42BB55036A1ADB1] - 10/15/2008 - 08:29:16 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [661504]

O58 - SDL:[MD5.EFED6BD9B9D5F407ADCA918BBE2D410D] - 10/15/2008 - 08:32:08 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DPV.sys [980992]

O58 - SDL:[MD5.E5A0034847537EAEE3C00349D5C34C5F] - 11/21/2008 - 23:03:12 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [308248]

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 1/21/2008 - 03:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]

O58 - SDL:[MD5.038815297078D236D8CC064C295A74C6] - 2/15/2008 - 14:23:50 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1925632]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 11/2/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.98D303CCB3415E9202E82043B37D66DC] - 2/15/2008 - 15:21:32 ---A- . (.Intel® Corporation - Intel® High Definition Audio HDMI.) -- C:\Windows\system32\drivers\IntcHdmi.sys [111616]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 11/2/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 11/2/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 1/21/2008 - 03:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 1/21/2008 - 03:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 1/21/2008 - 03:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]

O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 6/16/2011 - 17:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22216]

O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 2/15/2008 - 21:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672]

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 1/21/2008 - 03:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 1/21/2008 - 03:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 11/2/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 11/2/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 11/2/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 1/21/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 1/21/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]

O58 - SDL:[MD5.F767F3B35C3ECF8A60B2A65BEEC50EF5] - 5/11/2011 - 09:53:58 ---A- . (.PC Tools - PC Tools App Monitor Driver.) -- C:\Windows\system32\drivers\PCTAppEvent.sys [160448]

O58 - SDL:[MD5.807FF1DD6E1BDF8E7D2062FCA0DAECAF] - 5/11/2011 - 10:06:14 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\Windows\system32\drivers\PCTCore.sys [218592]

O58 - SDL:[MD5.B76C829F00B9B534405B4ED5F58B8F52] - 5/11/2011 - 09:19:50 ---A- . (.PC Tools - PC Tools Generic TDI Driver.) -- C:\Windows\system32\drivers\pctgntdi.sys [249616]

O58 - SDL:[MD5.2D9BF28D68BE7B9823C9C567505F613B] - 5/11/2011 - 08:26:50 ---A- . (.PC Tools - PC Tools NDIS - DNS.) -- C:\Windows\system32\drivers\pctNdis-DNS.sys [32808]

O58 - SDL:[MD5.58DB891CA76A2D49E33BA9FA13B86C89] - 5/11/2011 - 08:18:16 ---A- . (.PC Tools - PC Tools NDIS - Packet Filter.) -- C:\Windows\system32\drivers\pctNdis-PacketFilter.sys [89192]

O58 - SDL:[MD5.3EC79CFB2E0E74AADA8B561ED8904577] - 5/11/2011 - 08:49:10 ---A- . (.PC Tools - PC Tools NDIS Driver.) -- C:\Windows\system32\drivers\pctNdis.sys [57536]

O58 - SDL:[MD5.78D871114E7CB3115E058D1F85751C7F] - 5/11/2011 - 09:42:10 ---A- . (.PC Tools - PC Tools FW Plugin Driver.) -- C:\Windows\system32\drivers\pctplfw.sys [124992]

O58 - SDL:[MD5.1FAF62EAC7AE6FCF82F30DB1F2F920B6] - 5/11/2011 - 09:19:50 ---A- . (.PC Tools - PC Tools WFP kernel DLL.) -- C:\Windows\system32\drivers\pctwfpfilter.sys [102184]

O58 - SDL:[MD5.04D1C97A0818F9378EEAA793A09F8202] - 4/8/2011 - 17:29:54 ---A- . (.Prevx - Prevx Realtime Security.) -- C:\Windows\system32\drivers\pxrts.sys [76696]

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 1/21/2008 - 03:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 11/2/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.B9CBD3DEA7CA02868621173BF7A2AF9F] - 11/16/2010 - 14:23:44 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2095512]

O58 - SDL:[MD5.B71D269B9AB5417963E986126C12B9FC] - 11/21/2008 - 10:20:32 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\rtl8187B.sys [290304]

O58 - SDL:[MD5.8CCA591019216E9523E3CB385CE643E6] - 2/15/2008 - 19:21:54 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [104448]

O58 - SDL:[MD5.0D60B8C10A2C5E8DD620B3FDEB1CDA64] - 11/21/2008 - 10:50:50 ---A- . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\system32\drivers\RtlProt.sys [25896]

O58 - SDL:[MD5.01C64783DB1F40E1E3DF67DD36199B35] - 2/22/2008 - 22:01:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [60416]

O58 - SDL:[MD5.127E21305C1880B550BEA4B0ADFD9D94] - 9/29/2009 - 10:50:37 ---A- . (.Sophos Plc - SAV On-Access and HIPS for Windows Vista (x86).) -- C:\Windows\system32\drivers\savonaccess.sys [85312]

O58 - SDL:[MD5.20B2751CD4C8F3FD989739CA661B9F30] - 11/7/2010 - 09:44:34 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys [59388]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 11/2/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 1/21/2008 - 03:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/14/2010 - 15:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 11/2/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 11/2/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 11/2/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.70534D1E4F9AC990536D5FB5B550B3DE] - 8/14/2008 - 10:40:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [203312]

O58 - SDL:[MD5.5D8C820E2D885C25FFC6BBC5D4FE073C] - 8/3/2009 - 08:52:12 ---A- . (.RapidSolution Software AG - Tunebite High-Speed Dubbing.) -- C:\Windows\system32\drivers\tbhsd.sys [26784]

O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 2/15/2008 - 11:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys [16128]

O58 - SDL:[MD5.D953F161177DAB3C8440844A9AB6E5A2] - 3/27/2009 - 19:09:30 ---A- . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpm174.sys [971552]

O58 - SDL:[MD5.6DCB8DDB481CD3C40FA68593723B4D89] - 3/27/2009 - 19:09:26 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [44704]

O58 - SDL:[MD5.394FC70B88B7958FA85798BBC76D140A] - 3/27/2009 - 19:09:26 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [540000]

O58 - SDL:[MD5.1EA5F27C29405BF49799FECA77186DA9] - 2/15/2008 - 15:42:24 ---A- . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\system32\drivers\tos_sps32.sys [285184]

O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 11/21/2008 - 14:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [23640]

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 1/21/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 11/2/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 1/21/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.237C444FBD1C697A2E3FA60F02C61F22] - 11/17/2010 - 19:59:06 ---A- . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) -- C:\Windows\system32\drivers\UVCFTR_S.SYS [17960]

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 1/21/2008 - 03:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 1/21/2008 - 03:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]

O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 1/21/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704]

O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 1/21/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336]

O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 1/21/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648]

O58 - SDL:[MD5.A75DC063C9F0B787CCE296C8CCAD9C30] - 8/3/2009 - 15:51:18 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [16640]

O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 2/15/2008 - 22:36:54 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704]

O58 - SDL:[MD5.22A08B9FAECD6A306868F59B7F03F188] - 11/4/2008 - 03:32:20 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio32.sys [8704]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 11/2/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 11/2/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.DC8FCBD7E98FE7BE4E7CA9780835FAB7] - 3/4/2011 - 16:35:00 ---A- . (.EldoS Corporation - RawDisk Driver. Allows write-access to raw disk sectors for use.) -- C:\Windows\system32\elrawdsk.sys [12800]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 11/2/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 11/2/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 11/2/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 11/2/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 11/2/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 11/2/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 11/2/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 11/2/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 11/2/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 11/2/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 11/2/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 11/2/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 11/2/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 01s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 6/6/2011 - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - Adobe Acrobat Update Service(AdobeARMservice) .(.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - LEGACY_ADOBEARMSERVICE

O64 - Services: CurCS - 9/1/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 9/1/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 7/6/2010 - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe - CanalPlus.VOD(CanalPlus.VOD) .(.Canal+ Active - CanalPlus.VOD.Service.) - LEGACY_CANALPLUS.VOD

O64 - Services: CurCS - 2/25/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

O64 - Services: CurCS - 2/25/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdatem)(gupdatem) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATEM

O64 - Services: CurCS - 8/31/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - 8/31/2011 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSERVICE

O64 - Services: CurCS - 12/30/1899 - C:\Users\JRMY~1\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - 11/25/2010 - C:\Windows\system32\drivers\PCTAppEvent.sys - PCTAppEvent Driver(PCTAppEvent) .(.PC Tools - PC Tools App Monitor Driver.) - LEGACY_PCTAPPEVENT

O64 - Services: CurCS - 11/24/2010 - C:\Windows\system32\drivers\pctNdis-PacketFilter.sys - PCTools Firewall - Packet filter driver(PCTFW-PacketFilter) .(.PC Tools - PC Tools NDIS - Packet Filter.) - LEGACY_PCTFW-PACKETFILTER

O64 - Services: CurCS - 11/17/2010 - C:\Windows\system32\drivers\pctgntdi.sys - pctgntdi(pctgntdi) .(.PC Tools - PC Tools Generic TDI Driver.) - LEGACY_PCTGNTDI

O64 - Services: CurCS - 11/25/2010 - C:\Windows\system32\drivers\pctplfw.sys - pctplfw(pctplfw) .(.PC Tools - PC Tools FW Plugin Driver.) - LEGACY_PCTPLFW

O64 - Services: CurCS - 4/23/2007 - C:\Windows\system32\DRIVERS\rtlprot.sys - Realtke RtlProt WLAN Utility Protocol Driver(RtlProt) .(.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - LEGACY_RTLPROT

O64 - Services: CurCS - 7/22/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV

O64 - Services: CurCS - 7/12/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL

O64 - Services: CurCS - 12/30/1899 - C:\Windows\system32\Drivers\sptd.sys (.not file.) - sptd (sptd) .(...) - LEGACY_SPTD

O64 - Services: CurCS - 6/17/2010 - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - 6/17/2011 - C:\Windows\System32\TUProgSt.exe (TuneUp.ProgramStatisticsSvc) .(...) - LEGACY_TUNEUP.PROGRAMSTATISTICSSVC

O64 - Services: CurCS - 8/23/2006 - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - Ulead Burning Helper(UleadBurningHelper) .(.Ulead Systems, Inc. - ULCDRSvr.) - LEGACY_ULEADBURNINGHELPER

O64 - Services: CurCS - 3/28/2011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe - Windows Live ID Sign-in Assistant(wlidsvc) .(.Microsoft Corp. - Microsoft® Windows Live ID Service.) - LEGACY_WLIDSVC

O64 - Services: CurCS - 11/4/2008 - C:\Windows\system32\DRIVERS\XAudio32.sys - XAudio(XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO

O64 - Services: CurCS - 10/17/2007 - C:\Windows\system32\DRIVERS\xaudio.exe - XAudioService(XAudioService) .(.Conexant Systems, Inc. - Modem Audio Service.) - LEGACY_XAUDIOSERVICE

~ Scan Services in 00mn 07s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <exefile>[HKU\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {40439b93-f815-4122-8073-d03bed94c303} [DefaultScope] - (Winamp Web Search) - http://slirsredirect.search.aol.com

O69 - SBI: SearchScopes [HKCU] {90A5840A-BCF9-4C01-A55E-F0BB6ABDEA10} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - (Google) - Google

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.E3759D2F4166E8EDB981890053235823] [sPRF][11/6/2011] (...) -- C:\Users\Jérémy\Desktop\explor.bat [96]

[MD5.B8CB9448B6E80867375A4B570221F3B2] [sPRF][11/6/2011] (...) -- C:\Users\Jérémy\Desktop\regis.reg [158]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][12/7/2004] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32]

[MD5.298068536300DA6DC163E394797A7C50] [sPRF][5/25/2006] (...) -- C:\Windows\Downloaded Program Files\bdupd.dll [118784]

[MD5.880CC977F4643B01B1A05B5C5F8FEF40] [sPRF][10/19/2007] (.Microsoft Corporation - Windows Live Photo Download Control.) -- C:\Windows\Downloaded Program Files\DigWXMSN.dll [267312]

[MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [sPRF][10/21/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728]

[MD5.1CAB87DE6638846FBF51F32B5D95E482] [sPRF][5/25/2006] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [53248]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][12/7/2004] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32]

~ Scan Files in 00mn 00s

 

 

 

---\\ Recherche d'infection Rogue (O86)

C:\ProgramData\0320

C:\ProgramData\1053

C:\ProgramData\27E9

C:\ProgramData\3418C

C:\ProgramData\6186

C:\ProgramData\E2CB

~ Scan Files in 00mn 00s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8818 - (06/11/2011)

Clés trouvées (Keys found) : 15

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}] =>PUP.BearShare

[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent

[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz

[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{31CF6C0E-51F0-41D2-B088-A6A143C4303C}] =>Toolbar.SweetIM

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent

[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{76985346-BDA2-4B2E-A727-956D7B8B012E}] =>Adware.IMBooster

[HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit

[HKLM\Software\Elf_1.15] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit

[HKLM\Software\uTorrentBar_FR] =>Toolbar.Conduit

[HKCU\Software\WideStream] =>Adware.SPointer

C:\Program Files\uTorrentBar_FR =>Toolbar.Conduit

C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo

C:\Program Files\Mozilla Firefox\Extensions\[email protected] =>PUP.Dealio

C:\Users\Jérémy\AppData\Local\widestream6 Air =>Adware.SPointer

~ Scan Additionnel in 00mn 10s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 8/12/2011 116608 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe

SS - | Disabled 6/18/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 11/14/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 11/14/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SS - | Disabled 8/7/2009 144712 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

SS - | Disabled 7/6/2010 188416 | CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe

SS - | Demand 2/15/2008 40960 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

SR - | Auto 4/15/2011 212352 | (FileOpenManagerSvc) . (.FileOpen Systems Inc..) - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe

SS - | Disabled 2/25/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Disabled 2/25/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 10/26/2009 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

SR - | Auto 11/2/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Auto 5/11/2011 287024 | (PCToolsFirewallPlus) . (.PC Tools.) - C:\Program Files\PC Tools Firewall Plus\FWService.exe

SS - | Disabled 10/22/2009 436096 | (Service CANALPLAY) . (.Canal+ Distribution.) - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

SR - | Auto 2/15/2008 83312 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

SR - | Auto 2/15/2008 129632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SR - | Auto 11/21/2008 431456 | (TosCoSrv) . (.TOSHIBA Corporation.) - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SR - | Auto 11/21/2008 126976 | (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation.) - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

SS - | Disabled 2/15/2008 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

SR - | Auto 2/15/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe

~ Scan Services in 00mn 11s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Jérémy at 11/6/2011 12:18:34

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x82462912] -> \Device\Harddisk0\DR0[0x85E67030]

3 CLASSPNP[0x885108B3] -> ntkrnlpa!IofCallDriver[0x82462912] -> \Device\Ide\IAAStorageDevice-0[0x84A58028]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 14s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Jérémy at 11/6/2011 12:18:36

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 16s

 

 

 

End of the scan (1558 lines in 00mn 48s)(0)

[pear]

Bonjour,

 

Téléchargez AD-Remover sur le bureau

 

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Nettoyer

 

Il y aura 2 rapports à poster après :Scanner et Nettoyer

 

Pour les rapports qui sont courts (ex. Malwarebytes, AD-R, USBFix, etc.), copiez/collez sur votre sujet

Une fois la désinfection terminée, mais pas avant:

désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

 

 

 

Télécharger AdwCleaner

Sous Vista et Windows 7-> Exécuter en tant qu'administrateur

 

Cliquez sur Recherche et postez le rapport généré C:\AdwCleaner[R1].txt

 

Nettoyage

Relancez AdwCleaner avec droits administrateur

Cliquez sur Suppression et postez le rapport C:\AdwCleaner[s1].txt

 

 

Télécharger Rogue Killer par Tigzy sur le bureau

Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur

Si le programme bloque, cliquez droit sur le lien ci-dessus->Enregistrer sous..

Dans la fenêtre qui s'ouvre renommez Roguekiller ->Winlogon.exe

Quittez tous tes programmes en cours et lancez le

Quand on vous le demande, tapez 1 et valider

Un rapport (RKreport.txt) apparait sur le bureau

montrant les processus infectieux

Copier/Coller le contenu dans la réponse

 

 

Relancez Rogue Killer

Nettoyage du registre Passer en Mode 2

Téléchargez MBAM

ICI

ou LA

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Cliquer ici

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

 

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

 

 

Nettoyage

Relancez Mbam(Malewares'Bytes)

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

[roland57]

Ci dessous rapports Ad remover et Ad remover clean

 

 

====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF

 

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:20:31 le 06/11/2011, Mode normal

 

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)

Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350)

 

============== RECHERCHE ==============

 

 

Dossier trouvé: C:\Program Files\Windows Searchqu Toolbar

 

Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\NPCARDS.dll (Ganymede Technologies)

Plugins\npdeployJava1.dll (Oracle Corporation)

Plugins\npPandoWebInst.dll (Pando Networks)

HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x)

HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)

HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@megamedia/Megakey (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions - "[email protected]" (?)

Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console)

 

-- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default --

Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox)

Searchplugins\aol-web-search.xml (?)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp

HKCU_Main|Start Page - hxxp://www.google.fr/

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://www.msn.com/

HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x)

HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?)

HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?)

HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)

HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x)

HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x)

HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x)

HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x)

HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x)

HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?)

HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation)

HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?)

HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)

HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?)

HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5497 Octet(s))

 

Fin à: 21:22:39, 06/11/2011

 

============== E.O.F ==============

 

====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:23:23 le 06/11/2011, Mode normal

 

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)

Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350)

 

============== ACTION(S) ==============

 

 

Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar

 

(!) -- Fichiers temporaires supprimés.

 

 

Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\NPCARDS.dll (Ganymede Technologies)

Plugins\npdeployJava1.dll (Oracle Corporation)

Plugins\npPandoWebInst.dll (Pando Networks)

HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x)

HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)

HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@megamedia/Megakey (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions - "[email protected]" (?)

Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console)

 

-- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default --

Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox)

Searchplugins\aol-web-search.xml (?)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x)

HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?)

HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?)

HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)

HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x)

HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x)

HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x)

HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x)

HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x)

HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?)

HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation)

HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?)

HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)

HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?)

HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 517 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 06/11/2011 21:23:26 (5627 Octet(s))

C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5635 Octet(s))

 

Fin à: 21:26:12, 06/11/2011

 

============== E.O.F ===========

[roland57]

Ci dessous rapports Ad remover et Ad remover clean

 

 

====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF

 

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:20:31 le 06/11/2011, Mode normal

 

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)

Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350)

 

============== RECHERCHE ==============

 

 

Dossier trouvé: C:\Program Files\Windows Searchqu Toolbar

 

Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\NPCARDS.dll (Ganymede Technologies)

Plugins\npdeployJava1.dll (Oracle Corporation)

Plugins\npPandoWebInst.dll (Pando Networks)

HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x)

HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)

HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@megamedia/Megakey (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions - "[email protected]" (?)

Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console)

 

-- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default --

Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox)

Searchplugins\aol-web-search.xml (?)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp

HKCU_Main|Start Page - hxxp://www.google.fr/

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://www.msn.com/

HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x)

HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?)

HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?)

HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)

HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x)

HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x)

HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x)

HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x)

HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x)

HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?)

HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation)

HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?)

HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)

HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?)

HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5497 Octet(s))

 

Fin à: 21:22:39, 06/11/2011

 

============== E.O.F ==============

 

====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:23:23 le 06/11/2011, Mode normal

 

Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)

Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350)

 

============== ACTION(S) ==============

 

 

Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar

 

(!) -- Fichiers temporaires supprimés.

 

 

Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [5.0 (fr)] ****

 

Plugins\NPCARDS.dll (Ganymede Technologies)

Plugins\npdeployJava1.dll (Oracle Corporation)

Plugins\npPandoWebInst.dll (Pando Networks)

HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x)

HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)

HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x)

HKLM_MozillaPlugins\Adobe Reader (x)

HKCU_MozillaPlugins\@megamedia/Megakey (x)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Components\browsercomps.dll (Mozilla Foundation)

Extensions - "[email protected]" (?)

Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console)

 

-- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default --

Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox)

Searchplugins\aol-web-search.xml (?)

Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/)

Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop

Prefs.js - browser.startup.homepage_override.buildID, 20110615151330

Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x)

HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?)

HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?)

HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)

HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x)

HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x)

HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x)

HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x)

HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x)

HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x)

HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?)

HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation)

HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?)

HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation)

HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x)

HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?)

HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)

HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 517 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 06/11/2011 21:23:26 (5627 Octet(s))

C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5635 Octet(s))

 

Fin à: 21:26:12, 06/11/2011

 

============== E.O.F ===========

[roland57]

Les fichiers AdwCleaner

 

 

# AdwCleaner v1.317 - Rapport créé le 06/11/2011 à 21:34:15

# Mis à jour le 06/11/11 à 14h par Xplode

# Système d'exploitation : Windows Vista Home Basic Service Pack 2 (32 bits)

# Nom d'utilisateur : Jérémy - PC-DE-JÉRÉMY (Administrateur)

# Exécuté depuis : C:\Users\Jérémy\Documents\Downloads\Downloads\adwcleaner0.exe

# Option [Recherche]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

Dossier Présent : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchqutoolbar

Fichier Présent : C:\Program Files\Mozilla Firefox\extensions\[email protected]

Fichier Présent : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

Fichier Présent : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml

Fichier Présent : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\SearchResults.xml

 

***** [Registre] *****

 

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.DllInfo

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.Tools

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v5.0 (fr)

 

Profil : 6u9moki1.default

Fichier : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\prefs.js

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

-\\ Google Chrome v [impossible d'obtenir la version]

 

Fichier : C:\Users\Jérémy\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[R1].txt - [2381 octets] - [06/11/2011 21:34:15]

 

########## EOF - C:\AdwCleaner[R1].txt - [2509 octets] ##########

 

# AdwCleaner v1.317 - Rapport créé le 06/11/2011 à 21:35:49

# Mis à jour le 06/11/11 à 14h par Xplode

# Système d'exploitation : Windows Vista Home Basic Service Pack 2 (32 bits)

# Nom d'utilisateur : Jérémy - PC-DE-JÉRÉMY (Administrateur)

# Exécuté depuis : C:\Users\Jérémy\Documents\Downloads\Downloads\adwcleaner0.exe

# Option [suppression]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

Dossier Supprimé : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchqutoolbar

Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml

Fichier Supprimé : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\SearchResults.xml

 

***** [Registre] *****

 

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.DllInfo

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.Tools

Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v5.0 (fr)

 

Profil : 6u9moki1.default

Fichier : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\prefs.js

 

C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\user.js ... Supprimé !

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

-\\ Google Chrome v [impossible d'obtenir la version]

 

Fichier : C:\Users\Jérémy\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[R1].txt - [2510 octets] - [06/11/2011 21:34:15]

AdwCleaner[s1].txt - [2346 octets] - [06/11/2011 21:35:49]

 

*************************

 

Dossier Temporaire : 4 dossier(s)et 2 fichier(s) supprimés

 

########## EOF - C:\AdwCleaner[s1].txt - [2565 octets] ##########

[roland57]

Le rapport RogueKiller

 

RogueKiller V6.1.7 [05/11/2011] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/37)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Jérémy [Droits d'admin]

Mode: Recherche -- Date : 06/11/2011 21:47:28

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Entrees de registre: 3 ¤¤¤

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 

¤¤¤ Driver: [LOADED] ¤¤¤

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

127.0.0.1 localhost

::1 localhost

 

 

Termine : << RKreport[1].txt >>

RKreport[1].txt

[pear]

Bonjour,

 

Ca parait bon.

 

Encore quelque chose ?

[roland57]

Bonjour

 

Oui fonctionnne mieux sauf que je n'ai pas accès à options des dossiers.

Merci de votre intervention