Redirects + new virus

Closed
lebelou - 9 April 2011 at 20:47
 Anonymous user - 11 April 2011 at 19:01
Hello,

I am asking for your help because it is becoming more and more difficult to use my browser (Firefox).
1/ Numerous redirects
2/ A new virus that is rather surprising, funny at first but quickly becomes a nightmare. In fact, on every web page I visit, any word that begins with "co" is systematically modified and becomes "oc" (example: the word "commencer" is displayed as "ocmmencer").

If anyone can help me, because I'm at my wit's end!

Thanks

8 replies

Anonymous user
9 April 2011 at 20:54
Good evening

Register first of all, otherwise I won't be able to read the requested report.

For more information, please do this

Open this link and download ZHPDiag by Nicolas Coolman:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Or

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

Server No. 2

Or

http://www.premiumorange.com/zeb-help-process/zhpdiag.html
at the bottom of the page, ZHP with a version number.

Once the download is complete, unzip the file you obtained and place ZHPDiag.exe on your Desktop.

Double-click the icon to launch the program. On Vista or Seven, right-click and choose "run as administrator".

Click the magnifying glass to start the scan.

Let the tool work; it can take quite a while.

Close ZHPDiag when the scan is finished.

To send the report, click this link:

http://www.cijoint.fr/index.php

http://pjjoint.malekal.com/

Click "Parcourir" (Browse) and find the folder where ZHPDiag is installed (usually C:\Program Files\ZHPDiag).

Select the file ZHPDiag.txt.

Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.

Thanks

A+

1
lebelou (Posts: 4, Registered: Saturday 9 April 2011, Status: Member, Last activity: 10 April 2011)
9 April 2011 at 21:03
Thanks for your help.

Here is the file: http://www.cijoint.fr/cjlink.php?file=cj201104/cijbEAQBmg.txt
0
Anonymous user
9 April 2011 at 21:20
Re

1)* Download Ad-remover (by C_XX) to your desktop:

http://www.teamxscript.org/adremoverTelechargement.html

! Disconnect and close all running applications !

* Double-click or right-click (run as admin... on Vista and Windows 7) on "Ad-R.exe" to start the installation, and leave the installation settings at their defaults.

* Double-click or right-click (run as admin... on Vista and Windows 7) on the Ad-remover shortcut on your desktop to launch the tool.

* In the main menu choose the "Nettoyer" (Clean) option
and press [Enter].

* Let the tool work and don't touch anything ...

--> Post the report that appears at the end on the forum ...

(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


Toolbars are not mandatory (by Malekal): https://forum.malekal.com/viewtopic.php?t=6173&start=


2)
Download Malwarebytes Anti-Malware here
http://www.malwarebytes.org/mbam.php

"Download free version" button

* Install it (make sure to choose "français"; do not change the installation settings) and update it.

(NB: If "COMCTL32.OCX" is missing during installation, download it here: https://www.malekal.com/tutorial-aboutbuster/ )

* Study the tutorial to familiarise yourself with the program:

https://forum.pcastuces.com/sujet.asp?f=31&s=3

(that said, it is very simple to use).

Relaunch Malwarebytes, following these instructions scrupulously:

! Disconnect and close all running applications !

* Launch Malwarebytes. On Vista and Seven, right-click and choose "run as administrator".

Run a "Complet" (Full) scan

--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "Afficher les résultats" (Show results).
--> Check that all infected objects are ticked, then click "supprimer la sélection" (remove selected).

Note: if you need to restart your PC to finish the cleaning, do it!


Post the report saved after the infected objects have been removed (in the "rapport/log" tab of Malwarebytes, the most recent one)



Post the reports as you go; thanks.

@+
0
lebelou (Posts: 4, Registered: Saturday 9 April 2011, Status: Member, Last activity: 10 April 2011)
9 April 2011 at 22:10
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:06:27 le 09/04/2011, Mode normal

Microsoft Windows 7 Édition Intégrale (X86)
Didier@PC-DIDIER (Hewlett-Packard Compaq Presario CQ70 Notebook PC)

============== ACTION(S) ==============


Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Program Files\AutocompletePro
Dossier supprimé: C:\Users\Didier\AppData\LocalLow\Hotbar

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\AppDataLow\Software\Hotbar
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|Hotbar 11.0.175.0


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.16 (fr)] ****

Searchplugins\acpro.xml ( hxxp://search.autocompletepro.com?si=10203&q={searchTerms}/)

-- C:\Users\Didier\AppData\Roaming\Mozilla\FireFox\Profiles\ak9d41er.default --
Prefs.js - browser.download.lastDir, C:\\Users\\Didier\\Desktop
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{A7BC8449-F019-4C94-B549-CDC59F7669C5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Web Search" (hxxp://search.autocompletepro.com/?si=10203&bi=400&q={searchTerms})
HKLM_SearchScopes\{A7BC8449-F019-4C94-B549-CDC59F7669C5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_ElevationPolicy\{974C34A4-7FB0-4F2F-AA02-655E0CCCA662} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.6.0\BrowserPlusCore.exe (x)
HKCU_ElevationPolicy\{D09C464F-07DE-4C04-ABB4-88C30329C02D} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.5.1\BrowserPlusCore.exe (x)
HKCU_ElevationPolicy\{F6406B2D-39A7-4566-A174-E19DDD818A95} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.4.21\BrowserPlusCore.exe (x)
HKCU_ElevationPolicy\{FDBA56A8-8FA7-41A3-97F4-A094019C4178} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.4.17\BrowserPlusCore.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\system32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\system32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

========================================

C:\Program Files\Ad-Remover\Quarantine: 247 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 09/04/2011 22:06:37 (3899 Octet(s))

Fin à: 22:07:32, 09/04/2011

============== E.O.F ==============
0
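Added example, not part of the thread and not Ad-Remover's own code: a Python script that reads a report in the format posted above and lists the lines of its SCAN ADDITIONNEL section that still mention something the ACTION(S) section says was deleted. The section titles and line prefixes are taken from the report above; the function names and the name-matching heuristic are assumptions made for this illustration.

```python
import re

# Excerpt of the Ad-Remover report posted above (lines copied from the thread).
REPORT = r'''
============== ACTION(S) ==============

Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Program Files\AutocompletePro
Dossier supprimé: C:\Users\Didier\AppData\LocalLow\Hotbar
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Grand Virtual
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|Hotbar 11.0.175.0

============== SCAN ADDITIONNEL ==============

Searchplugins\acpro.xml ( hxxp://search.autocompletepro.com?si=10203&q={searchTerms}/)
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
========================================
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{A7BC8449-F019-4C94-B549-CDC59F7669C5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Web Search" (hxxp://search.autocompletepro.com/?si=10203&bi=400&q={searchTerms})

============== E.O.F ==============
'''

# "====== TITLE ======" banner; a line made only of "=" is a separator, not a title.
SECTION_RE = re.compile(r"^=+\s*([^=\s].*?)\s*=+$")
# Deletion records as they appear in the ACTION(S) section of the report.
ACTION_RE = re.compile(r"^(Dossier supprimé|Clé supprimée|Valeur supprimée):\s*(.+)$")


def split_sections(report):
    """Return {section title: [non-empty lines]} for an Ad-Remover style report."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current is not None and line.strip("="):
            sections[current].append(line)
    return sections


def removed_names(action_lines):
    """Derive lowercase, letters-only product names from the deleted items.

    Heuristic (assumption): the last path component, or the value name after
    "|" for a registry value, names the product that was removed.
    """
    names = set()
    for line in action_lines:
        m = ACTION_RE.match(line)
        if not m:
            continue
        target = m.group(2)
        if "|" in target:
            leaf = target.split("|", 1)[1]
        else:
            leaf = target.rstrip("\\").rsplit("\\", 1)[-1]
        token = re.sub(r"[^a-z]", "", leaf.lower())
        if len(token) >= 6:  # skip very short tokens that would match anywhere
            names.add(token)
    return names


def residual_entries(report):
    """List (matched names, line) for additional-scan lines naming a removed item."""
    sections = split_sections(report)
    names = removed_names(sections.get("ACTION(S)", []))
    hits = []
    for line in sections.get("SCAN ADDITIONNEL", []):
        flat = re.sub(r"[^a-z]", "", line.lower())
        matched = sorted(n for n in names if n in flat)
        if matched:
            hits.append((matched, line))
    return hits


if __name__ == "__main__":
    for matched, line in residual_entries(REPORT):
        print(", ".join(matched), "->", line)
```

On this excerpt the script reports the Firefox search plugin acpro.xml and the Internet Explorer "Web Search" search scope, both of which reference the AutocompletePro name whose program folder the report lists as deleted. Because the match is a substring test on flattened text, a hit is a line to review by hand, not a verdict.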

lebelou (Posts: 4, Registered: Saturday 9 April 2011, Status: Member, Last activity: 10 April 2011)
9 April 2011 at 23:11
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6320

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

09/04/2011 23:11:14
mbam-log-2011-04-09 (23-11-14).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 275925
Temps écoulé: 47 minute(s), 35 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Windows\System32\C_8582.dll (Trojan.Agent) -> Quarantined and deleted successfully.
0
Anonymous user
10 April 2011 at 08:45
Hello

Are you still having problems?

Post me a new ZHPDiag report; thanks

@+
0
lebelou (Posts: 4, Registered: Saturday 9 April 2011, Status: Member, Last activity: 10 April 2011)
10 April 2011 at 21:16
Indeed, it seems to be working better.

I'm attaching the ZHP log for you.
Rapport de ZHPDiag v1.27.1864 par Nicolas Coolman, Update du 08/04/2011
Run by Didier at 10/04/2011 21:04:14
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v3.6.16 (fr) (Defaut)

---\\ System Information
Windows 7 Ultimate Edition, 32-bit (Build 7600)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1979 MB (59% free)
System Restore: Désactivé (Disabled)
System drive C: has 82 GB (59%) free of 139 GB

---\\ Logged in mode
Computer Name: PC-DIDIER
User Name: Didier
All Users Names: HomeGroupUser$, Didier, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\Didier\AppData\Roaming
%LocalAppData%=C:\Users\Didier\AppData\Local
%StartMenu%=C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 139 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK



---\\ Recherche particulière de fichiers génériques
[MD5.B95EEB0F4E5EFBF1038A35B3351CF047] - (.Microsoft Corporation - Explorateur Windows.) (.03/08/2009 06:35:50.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 02:16:19.) -- C:\Windows\system32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 02:20:44.) -- C:\Windows\system32\drivers\ntfs.sys [1210432]



---\\ Processus lancés
[MD5.AE567D261D281B51BE55E53A786E8574] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752]
[MD5.F7CF218E5CAA6FC0BB55791AD31E2B3F] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032]
[MD5.639B783F5BC546D8D9662881730AFF9B] - (.Adobe Systems Incorporated - AAM Updates Notifier Application.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [310224]
[MD5.A8AD97956A0F4408CB3AA03EDD2B8BC1] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
[MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496]
[MD5.4A9295C9BE22739D030AB072E9A0B169] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392]
[MD5.6D0EF984DA630251AD18888D2449FEBB] - (.Pas de propriétaire - Lanceur pour Mods FreePlayer.) -- C:\Program Files\EasyBox\EasyBox.exe [499699]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360]
[MD5.08C5BDAC2038D7B3A450A45BD8ED43DC] - (...) -- C:\Program Files\EasyBox\VLC\VLC.exe [93184]
[MD5.FB784E1B24CD06EEC019F26EF79527AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642560]



---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin2.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin3.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin4.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin5.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin6.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin7.dll



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\acpro.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.1".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.5] - (.the VideoLAN Team - Version 1.1.5, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
M0 - MFSP: prefs.js [Didier - ak9d41er.default] https://www.google.fr/?gws_rd=ssl



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [LanceurEasyBox] . (.Pas de propriétaire - Lanceur pour Mods FreePlayer.) -- C:\Program Files\EasyBox\EasyBox.exe
O4 - HKCU\..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\..\Run: [LanceurEasyBox] . (.Pas de propriétaire - Lanceur pour Mods FreePlayer.) -- C:\Program Files\EasyBox\EasyBox.exe
O4 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Didier\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\Didier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Didier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype add-on for Internet Explorer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B5A7D1F8-EF27-490C-A5B1-C9A9E14DC82A}: NameServer = 213.230.155.10 213.230.129.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{B5A7D1F8-EF27-490C-A5B1-C9A9E14DC82A}: NameServer = 213.230.155.10 213.230.129.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{B5A7D1F8-EF27-490C-A5B1-C9A9E14DC82A}: NameServer = 213.230.155.10 213.230.129.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E92F240-0E09-4CCE-9E31-EE8EBFEE2C1C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4436E77-722E-418D-8523-5DC61BC32EBA}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E92F240-0E09-4CCE-9E31-EE8EBFEE2C1C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{B4436E77-722E-418D-8523-5DC61BC32EBA}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{5E92F240-0E09-4CCE-9E31-EE8EBFEE2C1C}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{B4436E77-722E-418D-8523-5DC61BC32EBA}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240



---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: (EasyBoxApache) . (.Apache Software Foundation - Apache HTTP Server.) - C:\Program Files\EasyBox\Apache\Apache.exe
O23 - Service: (hpqwmiex) . (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) - Clé orpheline
O23 - Service: (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Program Files\SMINST\BLService.exe
O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: (SwitchBoard) . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ufgjssqv.job
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-PC-Didier-Didier] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.47B88569510E8457DFDB6DE86707E7B9] [APT] [{466F7627-03A2-452C-B5CD-F43E29ADBEC8}] (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
[MD5.70B6D0C45256B688B7DBC10E922FB402] [APT] [{5E0205F7-D81E-476D-8D0C-D2E9C4223302}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: Adobe Photoshop Lightroom 3 - (.Adobe.) [HKLM] -- {23DD8A17-65DB-4D49-A2E0-164C6F460E3F}
O42 - Logiciel: Adobe Reader 9.4.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] -- BitTorrent
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Chiavetta Internet - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Chiavetta Internet
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: EasyBox v4.0 - (.Pas de propriétaire.) [HKLM] -- {8CEF96CD-AC32-4DA7-A1B0-CD09BE9AF488}_is1
O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F}
O42 - Logiciel: HP Help and Support - (.Hewlett-Packard Company.) [HKLM] -- {0054A0F6-00C9-4498-B821-B5C9578F433E}
O42 - Logiciel: HP Quick Launch Buttons 6.40 H2 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
O42 - Logiciel: HP User Guides 0118 - (.Hewlett-Packard.) [HKLM] -- {B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
O42 - Logiciel: ImageMagick 6.6.7-1 Q16 (2011-01-15) - (.ImageMagick Studio LLC.) [HKLM] -- ImageMagick 6.6.7 Q16_is1
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: LightScribe System Software 1.14.17.1 - (.LightScribe.) [HKLM] -- {0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher 2007 - (.Microsoft Corporation.) [HKLM] -- PUBLISHERR
O42 - Logiciel: Microsoft Office Publisher 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0019-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57}
O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}
O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Movies2iPhone .74b - (.OK Prods Ltd.) [HKLM] -- Movies2iPhone
O42 - Logiciel: Mozilla Firefox (3.6.16) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.16)
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: Photomatix Pro version 3.0 - (.HDRsoft Sarl.) [HKLM] -- PhotomatixPro3_is1
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AOL]
[HKCU\Software\AVAST Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe Lightroom]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BST]
[HKCU\Software\Big Fish Games, Inc]
[HKCU\Software\Big Fish Games]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EasyBox]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\MultimediaPhoto]
[HKCU\Software\NTCCEQWNQO]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Opera Software]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Research In Motion]
[HKCU\Software\Roxio]
[HKCU\Software\Skype]
[HKCU\Software\Sonic Solutions]
[HKCU\Software\Sonic]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\<company>]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Big Fish Games]
[HKLM\Software\CXT]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EasyBits]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HPQLOG]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Huawei technologies]
[HKLM\Software\ImageMagick]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NTCCEQWNQO]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PDR_Upgrade]
[HKLM\Software\Policies]
[HKLM\Software\QATestSystem]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek USB 2.0 Card Reader]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\UCAM_Upgrade]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Yahoo]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/04/2011 - 22:06:28 - [96723541] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 22/11/2010 - 16:13:08 - [866142249] ----D- C:\Program Files\Adobe
O43 - CFD: 30/04/2010 - 15:37:32 - [1793179660] ----D- C:\Program Files\Adobe Photoshop CS5 Extended Edition
O43 - CFD: 20/03/2011 - 21:40:08 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 09/04/2011 - 23:08:58 - [151291056] ----D- C:\Program Files\AVAST Software
O43 - CFD: 05/04/2011 - 10:48:56 - [857521] ----D- C:\Program Files\BitTorrent
O43 - CFD: 20/03/2011 - 21:39:28 - [617126] ----D- C:\Program Files\Bonjour
O43 - CFD: 24/03/2011 - 21:49:28 - [14164882] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 25/02/2011 - 17:08:32 - [24620357] ----D- C:\Program Files\Chiavetta Internet
O43 - CFD: 02/02/2011 - 22:39:52 - [732002187] ----D- C:\Program Files\Common Files
O43 - CFD: 17/10/2009 - 00:59:08 - [8986455] ----D- C:\Program Files\CONEXANT
O43 - CFD: 10/11/2010 - 22:02:58 - [748090138] ----D- C:\Program Files\CyberLink
O43 - CFD: 16/06/2010 - 23:06:32 - [1373018] ----D- C:\Program Files\DivX
O43 - CFD: 14/07/2009 - 11:01:32 - [83226132] ----D- C:\Program Files\DVD Maker
O43 - CFD: 18/10/2009 - 12:13:04 - [979654] ----D- C:\Program Files\DVD Shrink
O43 - CFD: 17/10/2009 - 01:00:50 - [76061455] ----D- C:\Program Files\EasyBits For Kids
O43 - CFD: 29/11/2010 - 13:41:58 - [210092767] ----D- C:\Program Files\EasyBox
O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 03/02/2011 - 00:13:06 - [0] ----D- C:\Program Files\Google
O43 - CFD: 10/11/2010 - 22:05:24 - [133488738] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 10/11/2010 - 22:06:46 - [3943129] ----D- C:\Program Files\HP
O43 - CFD: 21/01/2011 - 00:09:54 - [51826361] ----D- C:\Program Files\ImageMagick-6.6.7-Q16
O43 - CFD: 10/11/2010 - 22:06:46 - [119155750] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/10/2009 - 01:05:12 - [64745] ----D- C:\Program Files\Intel
O43 - CFD: 22/11/2010 - 16:06:56 - [5813167] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/03/2011 - 22:05:46 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 20/03/2011 - 22:06:16 - [127660511] ----D- C:\Program Files\iTunes
O43 - CFD: 29/12/2010 - 17:41:00 - [173720709] ----D- C:\Program Files\Java
O43 - CFD: 17/10/2009 - 14:53:16 - [16664352] ----D- C:\Program Files\JRE
O43 - CFD: 09/04/2011 - 23:13:42 - [4931883] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 22/06/2010 - 18:03:42 - [9453898] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 14/07/2009 - 11:01:22 - [147812402] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 29/01/2010 - 14:57:08 - [278511573] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 29/01/2010 - 14:57:20 - [3331792] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 29/01/2010 - 14:56:48 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 25/03/2010 - 01:36:50 - [10116620] ----D- C:\Program Files\Movies2iPhone
O43 - CFD: 23/03/2011 - 21:49:42 - [31518633] --H-D- C:\Program Files\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 16/10/2009 - 20:54:56 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 17/10/2009 - 01:05:22 - [18764189] R---D- C:\Program Files\Online Services
O43 - CFD: 17/10/2009 - 14:53:14 - [377841238] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 22/11/2010 - 14:38:52 - [1122625] ----D- C:\Program Files\Opera
O43 - CFD: 27/08/2010 - 19:55:52 - [8657112] ----D- C:\Program Files\PhotomatixPro3
O43 - CFD: 20/03/2011 - 21:41:06 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 17/10/2009 - 01:05:22 - [1588785] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:32 - [38593281] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 24/03/2010 - 21:25:02 - [0] ----D- C:\Program Files\Research In Motion
O43 - CFD: 30/08/2010 - 19:25:10 - [38378187] R---D- C:\Program Files\Skype
O43 - CFD: 17/10/2009 - 01:05:26 - [28360879] ----D- C:\Program Files\SMINST
O43 - CFD: 17/10/2009 - 00:55:02 - [14672316] ----D- C:\Program Files\Synaptics
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 26/11/2010 - 15:41:50 - [80691317] ----D- C:\Program Files\VideoLAN
O43 - CFD: 16/06/2010 - 23:04:36 - [0] ----D- C:\Program Files\Webteh
O43 - CFD: 17/10/2009 - 01:05:26 - [0] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 17/10/2009 - 01:05:26 - [0] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 14/07/2009 - 10:39:40 - [3049984] ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 11:01:30 - [7013496] ----D- C:\Program Files\Windows Journal
O43 - CFD: 14/07/2009 - 10:39:40 - [6180864] ----D- C:\Program Files\Windows Mail
O43 - CFD: 21/10/2009 - 22:31:26 - [6607787] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 17/10/2009 - 01:26:40 - [12194484] ----D- C:\Program Files\Windows NT
O43 - CFD: 17/10/2009 - 01:05:26 - [0] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 14/07/2009 - 10:39:40 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 10:39:40 - [10712014] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 02/02/2010 - 22:30:50 - [3724337] ----D- C:\Program Files\WinRAR
O43 - CFD: 10/04/2011 - 21:04:52 - [4779436] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 22/11/2010 - 16:13:10 - [320112360] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 20/03/2011 - 22:05:46 - [91350844] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 29/01/2010 - 14:57:08 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10/11/2010 - 22:11:16 - [5145595] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 29/12/2010 - 16:39:28 - [39116381] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 17/10/2009 - 00:58:54 - [29200078] ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD: 29/01/2010 - 14:57:18 - [182964465] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 22/08/2010 - 23:20:12 - [4346720] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 30/08/2010 - 19:24:58 - [2135336] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 10:39:40 - [16430947] ----D- C:\Program Files\Common Files\System
O43 - CFD: 22/11/2010 - 16:13:10 - [315770813] ----D- C:\ProgramData\Adobe
O43 - CFD: 25/03/2010 - 00:20:20 - [121606176] ----D- C:\ProgramData\Apple
O43 - CFD: 20/03/2011 - 21:40:52 - [65510435] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 17/10/2009 - 01:05:34 - [20957] ----D- C:\ProgramData\Atheros
O43 - CFD: 09/04/2011 - 23:08:58 - [4771878] ----D- C:\ProgramData\AVAST Software
O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 18/10/2009 - 12:14:52 - [0] ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD: 10/11/2010 - 22:06:46 - [31009] ----D- C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 16/06/2010 - 23:06:40 - [1514981] ----D- C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 07/12/2010 - 23:25:08 - [144] ----D- C:\ProgramData\Driver Whiz
O43 - CFD: 18/10/2009 - 23:05:24 - [17545] ----D- C:\ProgramData\DVD Shrink
O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 16/06/2010 - 23:18:04 - [0] ----D- C:\ProgramData\Google
O43 - CFD: 17/10/2009 - 01:05:36 - [36446930] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 29/12/2009 - 19:02:44 - [391] ----D- C:\ProgramData\InstallShield
O43 - CFD: 07/11/2009 - 15:52:58 - [390] ----D- C:\ProgramData\LightScribe
O43 - CFD: 22/11/2010 - 15:16:44 - [6522791] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/10/2009 - 09:34:20 - [604061] ----D- C:\ProgramData\McAfee
O43 - CFD: 17/10/2009 - 01:56:20 - [853] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 17/10/2009 - 01:26:32 - [169174506] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 29/01/2010 - 14:58:10 - [61992] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 17/10/2009 - 01:05:38 - [12036] ----D- C:\ProgramData\Norton
O43 - CFD: 17/10/2009 - 01:05:38 - [4381526] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 11/10/2010 - 14:34:02 - [3422] ----D- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 24/03/2010 - 21:30:02 - [17597] ----D- C:\ProgramData\Roxio
O43 - CFD: 30/08/2010 - 19:24:56 - [27617664] ----D- C:\ProgramData\Skype
O43 - CFD: 29/12/2009 - 19:02:38 - [1081] ----D- C:\ProgramData\Sonic
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 16/06/2010 - 23:12:08 - [224] ----D- C:\ProgramData\Sun
O43 - CFD: 12/04/2010 - 15:30:00 - [487779] ---AD- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 17/10/2009 - 01:05:38 - [13278999] ----D- C:\ProgramData\WildTangent
O43 - CFD: 01/12/2010 - 21:53:46 - [7696979] ----D- C:\Users\Didier\AppData\Roaming\Adobe
O43 - CFD: 09/11/2010 - 22:41:10 - [108] ----D- C:\Users\Didier\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 25/03/2010 - 00:23:54 - [513267898] ----D- C:\Users\Didier\AppData\Roaming\Apple Computer
O43 - CFD: 08/04/2010 - 17:24:46 - [7460] ----D- C:\Users\Didier\AppData\Roaming\Big Fish Games
O43 - CFD: 07/04/2011 - 09:48:24 - [10055209] ----D- C:\Users\Didier\AppData\Roaming\BitTorrent
O43 - CFD: 13/11/2009 - 22:54:10 - [6292] ----D- C:\Users\Didier\AppData\Roaming\BSplayer Pro
O43 - CFD: 13/03/2011 - 20:11:52 - [1557] ----D- C:\Users\Didier\AppData\Roaming\Canneverbe Limited
O43 - CFD: 08/05/2010 - 16:09:00 - [141312] ----D- C:\Users\Didier\AppData\Roaming\DivX
O43 - CFD: 10/11/2010 - 22:05:40 - [188] ----D- C:\Users\Didier\AppData\Roaming\GTek
O43 - CFD: 13/10/2010 - 00:20:38 - [165] ----D- C:\Users\Didier\AppData\Roaming\gtk-2.0
O43 - CFD: 17/10/2009 - 01:09:34 - [303104] ----D- C:\Users\Didier\AppData\Roaming\Hewlett-Packard
O43 - CFD: 17/10/2009 - 01:09:34 - [42124] ----D- C:\Users\Didier\AppData\Roaming\HP TCS
O43 - CFD: 25/03/2010 - 01:35:18 - [0] ----D- C:\Users\Didier\AppData\Roaming\Identities
O43 - CFD: 10/11/2010 - 22:01:30 - [293] ----D- C:\Users\Didier\AppData\Roaming\InstallShield
O43 - CFD: 17/10/2009 - 01:09:34 - [66694] ----D- C:\Users\Didier\AppData\Roaming\Macromedia
O43 - CFD: 22/11/2010 - 15:16:52 - [8802234] ----D- C:\Users\Didier\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 11:00:34 - [0] ----D- C:\Users\Didier\AppData\Roaming\Media Center Programs
O43 - CFD: 13/03/2011 - 19:54:38 - [2213524] -S--D- C:\Users\Didier\AppData\Roaming\Microsoft
O43 - CFD: 12/11/2010 - 02:43:56 - [13243147] ----D- C:\Users\Didier\AppData\Roaming\Mozilla
O43 - CFD: 07/11/2009 - 15:52:58 - [119112] ----D- C:\Users\Didier\AppData\Roaming\Nero
O43 - CFD: 16/06/2010 - 23:07:50 - [54] ----D- C:\Users\Didier\AppData\Roaming\OfficeRecovery
O43 - CFD: 17/10/2009 - 14:45:20 - [2523740] ----D- C:\Users\Didier\AppData\Roaming\OpenOffice.org
O43 - CFD: 20/06/2010 - 13:25:44 - [203980] ----D- C:\Users\Didier\AppData\Roaming\Opera
O43 - CFD: 26/11/2010 - 15:24:06 - [2349] ----D- C:\Users\Didier\AppData\Roaming\PIFreePC
O43 - CFD: 29/12/2009 - 19:05:58 - [6002668] ----D- C:\Users\Didier\AppData\Roaming\Roxio
O43 - CFD: 07/04/2011 - 09:49:04 - [3107528] ----D- C:\Users\Didier\AppData\Roaming\Skype
O43 - CFD: 07/04/2011 - 09:48:32 - [8456] ----D- C:\Users\Didier\AppData\Roaming\skypePM
O43 - CFD: 29/08/2010 - 16:28:38 - [0] ----D- C:\Users\Didier\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 06/12/2010 - 17:32:44 - [2027463] ----D- C:\Users\Didier\AppData\Roaming\vlc
O43 - CFD: 02/02/2010 - 22:31:00 - [12] ----D- C:\Users\Didier\AppData\Roaming\WinRAR



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8FFDB4B2DFB7D57B130CF1E89F426408] - 10/04/2011 - 20:03:23 ---A- . (...) -- C:\Windows\setupact.log [5617015]
O44 - LFC:[MD5.1A0000000000000000000000FCEF1200] - 10/04/2011 - 19:59:45 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1834636]
O44 - LFC:[MD5.5ECF4A26C9B197B98B0169B413AA14A5] - 10/04/2011 - 19:59:36 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D31499016327AD7AEEE8777CB16E58CF] - 10/04/2011 - 12:48:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [10288]
O44 - LFC:[MD5.D31499016327AD7AEEE8777CB16E58CF] - 10/04/2011 - 12:48:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [10288]
O44 - LFC:[MD5.2107323DDCA34951DDB60574E248296D] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1524562]
O44 - LFC:[MD5.5C44FF27BD6075D8847862E56B3E6281] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103568]
O44 - LFC:[MD5.4327925F3AD67F7EB99D03E05451D205] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [127684]
O44 - LFC:[MD5.444C7A1B32839A2454353F3F1342DB5D] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfh009.dat [607190]
O44 - LFC:[MD5.5F5002850F434DAB6071C335B69FBEA6] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [695004]
O44 - LFC:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 09/04/2011 - 22:10:09 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\drivers\aswFsBlk.sys [19544]
O44 - LFC:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 09/04/2011 - 22:10:09 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [301528]
O44 - LFC:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 09/04/2011 - 22:10:07 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\drivers\aswTdi.sys [49240]
O44 - LFC:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 09/04/2011 - 22:10:07 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [25432]
O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 09/04/2011 - 22:10:06 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [371544]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 09/04/2011 - 22:10:02 ---A- . (...) -- C:\Windows\System32\config.nt [2577]
O44 - LFC:[MD5.B0F137F664F10829CD2380B0E20E7C29] - 09/04/2011 - 22:10:02 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [53592]
O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 09/04/2011 - 22:09:03 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40648]
O44 - LFC:[MD5.C6E1D434F1F3A5226B0DDFDF84B12677] - 09/04/2011 - 22:09:03 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [190016]
O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 09/04/2011 - 21:19:59 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 09/04/2011 - 21:19:55 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.02BB51AF5FBD0DAF324F64F5F0FE181F] - 09/04/2011 - 21:07:33 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [4038]
O44 - LFC:[MD5.DBCA25990F2A3ADF4BD350E6EC4ABB11] - 09/04/2011 - 19:59:03 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.7D437A206DF2652FEC9CEFA5B0B1CD6C] - 25/03/2011 - 09:01:16 ---A- . (...) -- C:\Windows\PFRO.log [3856]
O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 20/03/2011 - 21:06:16 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26600]
O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 20/03/2011 - 21:06:16 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\Windows\System32\GEARAspi.dll [107368]



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{b2127e5e-40f0-11e0-a976-001f166136bf}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{b2127e6d-40f0-11e0-a976-001f166136bf}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRun.exe (.not file.)



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM"="CyberLink MP3 Encoder" . (.Pas de propriétaire - Pas de description.) -- (.not file.)



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwit
0
Anonymous user
11 April 2011 at 19:01
Good evening

The report is not complete.
Please use ci-joint to post this report.

See you
0