Redirections + nouveau virus

lebelou -  
 Utilisateur anonyme -
Bonjour,

Je sollicite votre aide car cela devient de plus en plus compliqué d'utiliser mon navigateur (Firefox).
1/ Nombreuses redirections
2/ Un nouveau virus qui est assez surprenant, drôle au début mais devient vite un calvaire. En fait, toutes les pages web que je visite, si elles contiennent un mot qui commence par "co" sont systématiquement modifiées et deviennent "oc". (exemple : le mot "commencer" est affiché "ocmmencer").

Si quelqu'un peut m'aider car je craque !

Merci

8 réponses

  1. Utilisateur anonyme
     
    Bonsoir

    Inscris toi avant tout ,sinon je ne pourrais lire ce rapport demandé.

    Pour de plus amples informations, fait ceci stp

    Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

    Ou

    https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    Serveur N°2

    Ou

    http://www.premiumorange.com/zeb-help-process/zhpdiag.html
    en bas de la page ZHP avec un numéro de version.

    Une fois le téléchargement achevé, dé zippe le fichier obtenu et place ZHPDiag.exe sur ton Bureau.

    Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit « exécuter en tant que administrateur »

    Clique sur la loupe pour lancer l'analyse.

    Laisse l'outil travailler, il peut être assez long.

    Ferme ZHPDiag en fin d'analyse.

    Pour transmettre le rapport clique sur ce lien :

    http://www.cijoint.fr/index.php

    http://pjjoint.malekal.com/

    Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).

    Sélectionne le fichier ZHPDiag.txt.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    Merci

    A+

    1
  2. lebelou Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
     
    Merci pour ton aide.

    Voici le fichier : http://www.cijoint.fr/cjlink.php?file=cj201104/cijbEAQBmg.txt
    0
  3. Utilisateur anonyme
     
    Re

    1)* Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    http://www.teamxscript.org/adremoverTelechargement.html

    ! Déconnecte toi et ferme toutes applications en cours !

    * Double clique ou clic droit (exécuter en tant que admin...sur Vista et Windows7) sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut.

    * Double-clique ou clic droit (exécuter en tant que admin...sur Vista et Windows 7) sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    * Au menu principal choisis l'option "Nettoyer"
    et sur [entrée] .

    * Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparaît à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=


    2)
    Télécharge Malwaresbytes anti malware ici
    http://www.malwarebytes.org/mbam.php

    Bouton »Download free version »

    * Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

    (NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/

    * Potasse le tuto pour te familiariser avec le prg :

    https://forum.pcastuces.com/sujet.asp?f=31&s=3

    (cela dis, il est très simple d'utilisation).

    relance Malwaresbytes en suivant scrupuleusement ces consignes :

    ! Déconnecte toi et ferme toutes applications en cours !

    * Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)

    Fais un examen dit "Complet"

    --> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    --> à la fin tu cliques sur "Afficher les résultats" " .
    --> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)

    Poste les rapports au fur et à mesure;merci.

    @+
    0
  4. lebelou Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
     
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:06:27 le 09/04/2011, Mode normal

    Microsoft Windows 7 Édition Intégrale (X86)
    Didier@PC-DIDIER (Hewlett-Packard Compaq Presario CQ70 Notebook PC)

    ============== ACTION(S) ==============

    Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker
    Dossier supprimé: C:\Program Files\Everest Poker
    Dossier supprimé: C:\Program Files\AutocompletePro
    Dossier supprimé: C:\Users\Didier\AppData\LocalLow\Hotbar

    (!) -- Fichiers temporaires supprimés.

    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKCU\Software\Conduit
    Clé supprimée: HKCU\Software\Grand Virtual
    Clé supprimée: HKCU\Software\AppDataLow\Software\Hotbar
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker

    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|Hotbar 11.0.175.0

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.16 (fr)] ****

    Searchplugins\acpro.xml ( hxxp://search.autocompletepro.com?si=10203&q={searchTerms}/)

    -- C:\Users\Didier\AppData\Roaming\Mozilla\FireFox\Profiles\ak9d41er.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\Didier\\Desktop
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{A7BC8449-F019-4C94-B549-CDC59F7669C5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
    HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Web Search" (hxxp://search.autocompletepro.com/?si=10203&bi=400&q={searchTerms})
    HKLM_SearchScopes\{A7BC8449-F019-4C94-B549-CDC59F7669C5} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
    HKCU_ElevationPolicy\{974C34A4-7FB0-4F2F-AA02-655E0CCCA662} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.6.0\BrowserPlusCore.exe (x)
    HKCU_ElevationPolicy\{D09C464F-07DE-4C04-ABB4-88C30329C02D} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.5.1\BrowserPlusCore.exe (x)
    HKCU_ElevationPolicy\{F6406B2D-39A7-4566-A174-E19DDD818A95} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.4.21\BrowserPlusCore.exe (x)
    HKCU_ElevationPolicy\{FDBA56A8-8FA7-41A3-97F4-A094019C4178} - C:\Users\Didier\AppData\Local\Yahoo!\BrowserPlus\2.4.17\BrowserPlusCore.exe (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\system32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\system32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 247 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 09/04/2011 22:06:37 (3899 Octet(s))

    Fin à: 22:07:32, 09/04/2011

    ============== E.O.F ==============
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. lebelou Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
     
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6320

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    09/04/2011 23:11:14
    mbam-log-2011-04-09 (23-11-14).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 275925
    Temps écoulé: 47 minute(s), 35 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Windows\System32\C_8582.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    0
  7. Utilisateur anonyme
     
    Bonjour

    As tu encore des soucis?

    Poste moi un nouveau rapport ZHPDiag;merci

    @+
    0
  8. lebelou Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
     
    Effectivement, ça a l'air de mieux fonctionner.

    Je te joins le log ZHP.
    Rapport de ZHPDiag v1.27.1864 par Nicolas Coolman, Update du 08/04/2011
    Run by Didier at 10/04/2011 21:04:14
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.7600.16385
    MFIE: Mozilla Firefox v3.6.16 (fr) (Defaut)

    ---\\ System Information
    Windows 7 Ultimate Edition, 32-bit (Build 7600)
    Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
    Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1979 MB (59% free)
    System Restore: Désactivé (Disabled)
    System drive C: has 82 GB (59%) free of 139 GB

    ---\\ Logged in mode
    Computer Name: PC-DIDIER
    User Name: Didier
    All Users Names: HomeGroupUser$, Didier, Administrateur,
    Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    %AppData%=C:\Users\Didier\AppData\Roaming
    %LocalAppData%=C:\Users\Didier\AppData\Local
    %StartMenu%=C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 139 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
    E:\ CD-ROM drive (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

    ---\\ Recherche particulière de fichiers génériques
    [MD5.B95EEB0F4E5EFBF1038A35B3351CF047] - (.Microsoft Corporation - Explorateur Windows.) (.03/08/2009 06:35:50.) -- C:\Windows\Explorer.exe [2613248]
    [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
    [MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 02:16:19.) -- C:\Windows\system32\wininet.dll [977920]
    [MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Winlogon.exe [285696]
    [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
    [MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 02:20:44.) -- C:\Windows\system32\drivers\ntfs.sys [1210432]

    ---\\ Processus lancés
    [MD5.AE567D261D281B51BE55E53A786E8574] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896]
    [MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]
    [MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752]
    [MD5.F7CF218E5CAA6FC0BB55791AD31E2B3F] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032]
    [MD5.639B783F5BC546D8D9662881730AFF9B] - (.Adobe Systems Incorporated - AAM Updates Notifier Application.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [310224]
    [MD5.A8AD97956A0F4408CB3AA03EDD2B8BC1] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
    [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
    [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]
    [MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
    [MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496]
    [MD5.4A9295C9BE22739D030AB072E9A0B169] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392]
    [MD5.6D0EF984DA630251AD18888D2449FEBB] - (.Pas de propriétaire - Lanceur pour Mods FreePlayer.) -- C:\Program Files\EasyBox\EasyBox.exe [499699]
    [MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
    [MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360]
    [MD5.08C5BDAC2038D7B3A450A45BD8ED43DC] - (...) -- C:\Program Files\EasyBox\VLC\VLC.exe [93184]
    [MD5.FB784E1B24CD06EEC019F26EF79527AC] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642560]

    ---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin.dll
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin2.dll
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin3.dll
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin4.dll
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin5.dll
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin6.dll
    P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Opera\Program\Plugins\npqtplugin7.dll

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\acpro.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
    M3 - MFPP: Plugins - [Didier] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
    P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
    P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
    P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.1".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.5] - (.the VideoLAN Team - Version 1.1.5, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
    M0 - MFSP: prefs.js [Didier - ak9d41er.default] https://www.google.fr/?gws_rd=ssl

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
    R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

    ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    ---\\ ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
    O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    O4 - HKCU\..\Run: [LanceurEasyBox] . (.Pas de propriétaire - Lanceur pour Mods FreePlayer.) -- C:\Program Files\EasyBox\EasyBox.exe
    O4 - HKCU\..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (.not file.)
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    O4 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\..\Run: [LanceurEasyBox] . (.Pas de propriétaire - Lanceur pour Mods FreePlayer.) -- C:\Program Files\EasyBox\EasyBox.exe
    O4 - HKUS\S-1-5-21-3086759580-2372390923-3361958748-1000\..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (.not file.)
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
    O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

    ---\\ ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Didier\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
    O4 - Global Startup: C:\Users\Didier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
    O4 - Global Startup: C:\Users\Didier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
    O9 - Extra button: Skype add-on for Internet Explorer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
    O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B5A7D1F8-EF27-490C-A5B1-C9A9E14DC82A}: NameServer = 213.230.155.10 213.230.129.10
    O17 - HKLM\System\CS1\Services\Tcpip\..\{B5A7D1F8-EF27-490C-A5B1-C9A9E14DC82A}: NameServer = 213.230.155.10 213.230.129.10
    O17 - HKLM\System\CS2\Services\Tcpip\..\{B5A7D1F8-EF27-490C-A5B1-C9A9E14DC82A}: NameServer = 213.230.155.10 213.230.129.10
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5E92F240-0E09-4CCE-9E31-EE8EBFEE2C1C}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B4436E77-722E-418D-8523-5DC61BC32EBA}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CS1\Services\Tcpip\..\{5E92F240-0E09-4CCE-9E31-EE8EBFEE2C1C}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CS1\Services\Tcpip\..\{B4436E77-722E-418D-8523-5DC61BC32EBA}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5E92F240-0E09-4CCE-9E31-EE8EBFEE2C1C}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CS2\Services\Tcpip\..\{B4436E77-722E-418D-8523-5DC61BC32EBA}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

    ---\\ Protocole additionnel et piratage de protocole (O18)
    O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: (EasyBoxApache) . (.Apache Software Foundation - Apache HTTP Server.) - C:\Program Files\EasyBox\Apache\Apache.exe
    O23 - Service: (hpqwmiex) . (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) - Clé orpheline
    O23 - Service: (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Program Files\SMINST\BLService.exe
    O23 - Service: (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: (SwitchBoard) . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - (.not file.)

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ufgjssqv.job
    [MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-PC-Didier-Didier] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
    [MD5.47B88569510E8457DFDB6DE86707E7B9] [APT] [{466F7627-03A2-452C-B5CD-F43E29ADBEC8}] (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    [MD5.70B6D0C45256B688B7DBC10E922FB402] [APT] [{5E0205F7-D81E-476D-8D0C-D2E9C4223302}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
    [MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
    O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
    O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
    O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
    O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
    O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
    O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
    O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
    O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
    O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
    O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
    O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
    O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
    O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
    O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
    O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
    O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
    O42 - Logiciel: Adobe Photoshop Lightroom 3 - (.Adobe.) [HKLM] -- {23DD8A17-65DB-4D49-A2E0-164C6F460E3F}
    O42 - Logiciel: Adobe Reader 9.4.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
    O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
    O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] -- BitTorrent
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
    O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
    O42 - Logiciel: Chiavetta Internet - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Chiavetta Internet
    O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1
    O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
    O42 - Logiciel: EasyBox v4.0 - (.Pas de propriétaire.) [HKLM] -- {8CEF96CD-AC32-4DA7-A1B0-CD09BE9AF488}_is1
    O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F}
    O42 - Logiciel: HP Help and Support - (.Hewlett-Packard Company.) [HKLM] -- {0054A0F6-00C9-4498-B821-B5C9578F433E}
    O42 - Logiciel: HP Quick Launch Buttons 6.40 H2 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
    O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    O42 - Logiciel: HP User Guides 0118 - (.Hewlett-Packard.) [HKLM] -- {B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}
    O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
    O42 - Logiciel: ImageMagick 6.6.7-1 Q16 (2011-01-15) - (.ImageMagick Studio LLC.) [HKLM] -- ImageMagick 6.6.7 Q16_is1
    O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
    O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
    O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
    O42 - Logiciel: LightScribe System Software 1.14.17.1 - (.LightScribe.) [HKLM] -- {0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
    O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Publisher 2007 - (.Microsoft Corporation.) [HKLM] -- PUBLISHERR
    O42 - Logiciel: Microsoft Office Publisher 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0019-0000-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
    O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
    O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
    O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57}
    O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
    O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}
    O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
    O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
    O42 - Logiciel: Movies2iPhone .74b - (.OK Prods Ltd.) [HKLM] -- Movies2iPhone
    O42 - Logiciel: Mozilla Firefox (3.6.16) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.16)
    O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
    O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
    O42 - Logiciel: Photomatix Pro version 3.0 - (.HDRsoft Sarl.) [HKLM] -- PhotomatixPro3_is1
    O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
    O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
    O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
    O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
    O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
    O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {981029E0-7FC9-4CF3-AB39-6F133621921A}
    O42 - Logiciel: Skype(TM) 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
    O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
    O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
    O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
    O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}
    O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\AOL]
    [HKCU\Software\AVAST Software]
    [HKCU\Software\Ad-Remover]
    [HKCU\Software\Adobe Lightroom]
    [HKCU\Software\Adobe]
    [HKCU\Software\AppDataLow\Software\Microsoft]
    [HKCU\Software\AppDataLow\Software]
    [HKCU\Software\AppDataLow]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\BST]
    [HKCU\Software\Big Fish Games, Inc]
    [HKCU\Software\Big Fish Games]
    [HKCU\Software\Canneverbe Limited]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\CyberLink]
    [HKCU\Software\DVD Shrink]
    [HKCU\Software\DivXNetworks]
    [HKCU\Software\EasyBox]
    [HKCU\Software\GNU]
    [HKCU\Software\Google]
    [HKCU\Software\Hewlett-Packard]
    [HKCU\Software\InstallShield]
    [HKCU\Software\Intel]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\LightScribe]
    [HKCU\Software\Macromedia]
    [HKCU\Software\MainConcept (Muvee)]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\MimarSinan]
    [HKCU\Software\MozillaPlugins]
    [HKCU\Software\Mozilla]
    [HKCU\Software\MultimediaPhoto]
    [HKCU\Software\NTCCEQWNQO]
    [HKCU\Software\Nero]
    [HKCU\Software\Netscape]
    [HKCU\Software\Norton]
    [HKCU\Software\ODBC]
    [HKCU\Software\OpenOffice.org]
    [HKCU\Software\Opera Software]
    [HKCU\Software\Policies]
    [HKCU\Software\RegisteredApplications]
    [HKCU\Software\Research In Motion]
    [HKCU\Software\Roxio]
    [HKCU\Software\Skype]
    [HKCU\Software\Sonic Solutions]
    [HKCU\Software\Sonic]
    [HKCU\Software\Synaptics]
    [HKCU\Software\Trolltech]
    [HKCU\Software\VB and VBA Program Settings]
    [HKCU\Software\WinRAR SFX]
    [HKCU\Software\WinRAR]
    [HKCU\Software\YahooPartnerToolbar]
    [HKLM\Software\<company>]
    [HKLM\Software\ATI Technologies]
    [HKLM\Software\AVAST Software]
    [HKLM\Software\Adobe]
    [HKLM\Software\Ahead]
    [HKLM\Software\America Online]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\Audible]
    [HKLM\Software\Big Fish Games]
    [HKLM\Software\CXT]
    [HKLM\Software\Canneverbe Limited]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\Conexant Systems Inc ]
    [HKLM\Software\Conexant]
    [HKLM\Software\Cyberlink]
    [HKLM\Software\Debug]
    [HKLM\Software\DivXNetworks]
    [HKLM\Software\DivX]
    [HKLM\Software\EasyBits]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\Google]
    [HKLM\Software\HPQLOG]
    [HKLM\Software\HPQ]
    [HKLM\Software\Hewlett-Packard]
    [HKLM\Software\Huawei technologies]
    [HKLM\Software\ImageMagick]
    [HKLM\Software\InstallShield]
    [HKLM\Software\InstalledOptions]
    [HKLM\Software\Intel]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\Licenses]
    [HKLM\Software\LightScribe]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKLM\Software\MimarSinan]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\NTCCEQWNQO]
    [HKLM\Software\Nero]
    [HKLM\Software\ODBC]
    [HKLM\Software\OpenOffice.org]
    [HKLM\Software\P2G_Upgrade]
    [HKLM\Software\PDR_Upgrade]
    [HKLM\Software\Policies]
    [HKLM\Software\QATestSystem]
    [HKLM\Software\RTLSetup]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek USB 2.0 Card Reader]
    [HKLM\Software\Realtek]
    [HKLM\Software\RegisteredApplications]
    [HKLM\Software\Skype]
    [HKLM\Software\Sonic]
    [HKLM\Software\Symantec]
    [HKLM\Software\Synaptics]
    [HKLM\Software\UCAM_Upgrade]
    [HKLM\Software\VideoLAN]
    [HKLM\Software\WOW6432Node]
    [HKLM\Software\WinRAR]
    [HKLM\Software\Windows]
    [HKLM\Software\Yahoo]
    [HKLM\Software\mcafeeupdater]
    [HKLM\Software\mozilla.org]

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 09/04/2011 - 22:06:28 - [96723541] ----D- C:\Program Files\Ad-Remover
    O43 - CFD: 22/11/2010 - 16:13:08 - [866142249] ----D- C:\Program Files\Adobe
    O43 - CFD: 30/04/2010 - 15:37:32 - [1793179660] ----D- C:\Program Files\Adobe Photoshop CS5 Extended Edition
    O43 - CFD: 20/03/2011 - 21:40:08 - [2306366] ----D- C:\Program Files\Apple Software Update
    O43 - CFD: 09/04/2011 - 23:08:58 - [151291056] ----D- C:\Program Files\AVAST Software
    O43 - CFD: 05/04/2011 - 10:48:56 - [857521] ----D- C:\Program Files\BitTorrent
    O43 - CFD: 20/03/2011 - 21:39:28 - [617126] ----D- C:\Program Files\Bonjour
    O43 - CFD: 24/03/2011 - 21:49:28 - [14164882] ----D- C:\Program Files\CDBurnerXP
    O43 - CFD: 25/02/2011 - 17:08:32 - [24620357] ----D- C:\Program Files\Chiavetta Internet
    O43 - CFD: 02/02/2011 - 22:39:52 - [732002187] ----D- C:\Program Files\Common Files
    O43 - CFD: 17/10/2009 - 00:59:08 - [8986455] ----D- C:\Program Files\CONEXANT
    O43 - CFD: 10/11/2010 - 22:02:58 - [748090138] ----D- C:\Program Files\CyberLink
    O43 - CFD: 16/06/2010 - 23:06:32 - [1373018] ----D- C:\Program Files\DivX
    O43 - CFD: 14/07/2009 - 11:01:32 - [83226132] ----D- C:\Program Files\DVD Maker
    O43 - CFD: 18/10/2009 - 12:13:04 - [979654] ----D- C:\Program Files\DVD Shrink
    O43 - CFD: 17/10/2009 - 01:00:50 - [76061455] ----D- C:\Program Files\EasyBits For Kids
    O43 - CFD: 29/11/2010 - 13:41:58 - [210092767] ----D- C:\Program Files\EasyBox
    O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\Program Files\Fichiers communs
    O43 - CFD: 03/02/2011 - 00:13:06 - [0] ----D- C:\Program Files\Google
    O43 - CFD: 10/11/2010 - 22:05:24 - [133488738] ----D- C:\Program Files\Hewlett-Packard
    O43 - CFD: 10/11/2010 - 22:06:46 - [3943129] ----D- C:\Program Files\HP
    O43 - CFD: 21/01/2011 - 00:09:54 - [51826361] ----D- C:\Program Files\ImageMagick-6.6.7-Q16
    O43 - CFD: 10/11/2010 - 22:06:46 - [119155750] --H-D- C:\Program Files\InstallShield Installation Information
    O43 - CFD: 17/10/2009 - 01:05:12 - [64745] ----D- C:\Program Files\Intel
    O43 - CFD: 22/11/2010 - 16:06:56 - [5813167] ----D- C:\Program Files\Internet Explorer
    O43 - CFD: 20/03/2011 - 22:05:46 - [1856627] ----D- C:\Program Files\iPod
    O43 - CFD: 20/03/2011 - 22:06:16 - [127660511] ----D- C:\Program Files\iTunes
    O43 - CFD: 29/12/2010 - 17:41:00 - [173720709] ----D- C:\Program Files\Java
    O43 - CFD: 17/10/2009 - 14:53:16 - [16664352] ----D- C:\Program Files\JRE
    O43 - CFD: 09/04/2011 - 23:13:42 - [4931883] ----D- C:\Program Files\Malwarebytes' Anti-Malware
    O43 - CFD: 22/06/2010 - 18:03:42 - [9453898] ----D- C:\Program Files\McAfee Security Scan
    O43 - CFD: 14/07/2009 - 11:01:22 - [147812402] ----D- C:\Program Files\Microsoft Games
    O43 - CFD: 29/01/2010 - 14:57:08 - [278511573] ----D- C:\Program Files\Microsoft Office
    O43 - CFD: 29/01/2010 - 14:57:20 - [3331792] ----D- C:\Program Files\Microsoft Works
    O43 - CFD: 29/01/2010 - 14:56:48 - [8152064] ----D- C:\Program Files\Microsoft.NET
    O43 - CFD: 25/03/2010 - 01:36:50 - [10116620] ----D- C:\Program Files\Movies2iPhone
    O43 - CFD: 23/03/2011 - 21:49:42 - [31518633] --H-D- C:\Program Files\Mozilla Firefox
    O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild
    O43 - CFD: 16/10/2009 - 20:54:56 - [0] ----D- C:\Program Files\MSXML 4.0
    O43 - CFD: 17/10/2009 - 01:05:22 - [18764189] R---D- C:\Program Files\Online Services
    O43 - CFD: 17/10/2009 - 14:53:14 - [377841238] ----D- C:\Program Files\OpenOffice.org 3
    O43 - CFD: 22/11/2010 - 14:38:52 - [1122625] ----D- C:\Program Files\Opera
    O43 - CFD: 27/08/2010 - 19:55:52 - [8657112] ----D- C:\Program Files\PhotomatixPro3
    O43 - CFD: 20/03/2011 - 21:41:06 - [76322555] ----D- C:\Program Files\QuickTime
    O43 - CFD: 17/10/2009 - 01:05:22 - [1588785] ----D- C:\Program Files\Realtek
    O43 - CFD: 14/07/2009 - 06:52:32 - [38593281] ----D- C:\Program Files\Reference Assemblies
    O43 - CFD: 24/03/2010 - 21:25:02 - [0] ----D- C:\Program Files\Research In Motion
    O43 - CFD: 30/08/2010 - 19:25:10 - [38378187] R---D- C:\Program Files\Skype
    O43 - CFD: 17/10/2009 - 01:05:26 - [28360879] ----D- C:\Program Files\SMINST
    O43 - CFD: 17/10/2009 - 00:55:02 - [14672316] ----D- C:\Program Files\Synaptics
    O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
    O43 - CFD: 26/11/2010 - 15:41:50 - [80691317] ----D- C:\Program Files\VideoLAN
    O43 - CFD: 16/06/2010 - 23:04:36 - [0] ----D- C:\Program Files\Webteh
    O43 - CFD: 17/10/2009 - 01:05:26 - [0] ----D- C:\Program Files\Windows Calendar
    O43 - CFD: 17/10/2009 - 01:05:26 - [0] ----D- C:\Program Files\Windows Collaboration
    O43 - CFD: 14/07/2009 - 10:39:40 - [3049984] ----D- C:\Program Files\Windows Defender
    O43 - CFD: 14/07/2009 - 11:01:30 - [7013496] ----D- C:\Program Files\Windows Journal
    O43 - CFD: 14/07/2009 - 10:39:40 - [6180864] ----D- C:\Program Files\Windows Mail
    O43 - CFD: 21/10/2009 - 22:31:26 - [6607787] ----D- C:\Program Files\Windows Media Player
    O43 - CFD: 17/10/2009 - 01:26:40 - [12194484] ----D- C:\Program Files\Windows NT
    O43 - CFD: 17/10/2009 - 01:05:26 - [0] ----D- C:\Program Files\Windows Photo Gallery
    O43 - CFD: 14/07/2009 - 10:39:40 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
    O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices
    O43 - CFD: 14/07/2009 - 10:39:40 - [10712014] ----D- C:\Program Files\Windows Sidebar
    O43 - CFD: 02/02/2010 - 22:30:50 - [3724337] ----D- C:\Program Files\WinRAR
    O43 - CFD: 10/04/2011 - 21:04:52 - [4779436] ----D- C:\Program Files\ZHPDiag
    O43 - CFD: 22/11/2010 - 16:13:10 - [320112360] ----D- C:\Program Files\Common Files\Adobe
    O43 - CFD: 20/03/2011 - 22:05:46 - [91350844] ----D- C:\Program Files\Common Files\Apple
    O43 - CFD: 29/01/2010 - 14:57:08 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
    O43 - CFD: 10/11/2010 - 22:11:16 - [5145595] ----D- C:\Program Files\Common Files\InstallShield
    O43 - CFD: 29/12/2010 - 16:39:28 - [39116381] ----D- C:\Program Files\Common Files\Java
    O43 - CFD: 17/10/2009 - 00:58:54 - [29200078] ----D- C:\Program Files\Common Files\LightScribe
    O43 - CFD: 29/01/2010 - 14:57:18 - [182964465] ----D- C:\Program Files\Common Files\microsoft shared
    O43 - CFD: 22/08/2010 - 23:20:12 - [4346720] ----D- C:\Program Files\Common Files\PX Storage Engine
    O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
    O43 - CFD: 30/08/2010 - 19:24:58 - [2135336] ----D- C:\Program Files\Common Files\Skype
    O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
    O43 - CFD: 14/07/2009 - 10:39:40 - [16430947] ----D- C:\Program Files\Common Files\System
    O43 - CFD: 22/11/2010 - 16:13:10 - [315770813] ----D- C:\ProgramData\Adobe
    O43 - CFD: 25/03/2010 - 00:20:20 - [121606176] ----D- C:\ProgramData\Apple
    O43 - CFD: 20/03/2011 - 21:40:52 - [65510435] ----D- C:\ProgramData\Apple Computer
    O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
    O43 - CFD: 17/10/2009 - 01:05:34 - [20957] ----D- C:\ProgramData\Atheros
    O43 - CFD: 09/04/2011 - 23:08:58 - [4771878] ----D- C:\ProgramData\AVAST Software
    O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Bureau
    O43 - CFD: 18/10/2009 - 12:14:52 - [0] ----D- C:\ProgramData\Canneverbe Limited
    O43 - CFD: 10/11/2010 - 22:06:46 - [31009] ----D- C:\ProgramData\CyberLink
    O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
    O43 - CFD: 16/06/2010 - 23:06:40 - [1514981] ----D- C:\ProgramData\DivX
    O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
    O43 - CFD: 07/12/2010 - 23:25:08 - [144] ----D- C:\ProgramData\Driver Whiz
    O43 - CFD: 18/10/2009 - 23:05:24 - [17545] ----D- C:\ProgramData\DVD Shrink
    O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Favoris
    O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
    O43 - CFD: 16/06/2010 - 23:18:04 - [0] ----D- C:\ProgramData\Google
    O43 - CFD: 17/10/2009 - 01:05:36 - [36446930] ----D- C:\ProgramData\Hewlett-Packard
    O43 - CFD: 29/12/2009 - 19:02:44 - [391] ----D- C:\ProgramData\InstallShield
    O43 - CFD: 07/11/2009 - 15:52:58 - [390] ----D- C:\ProgramData\LightScribe
    O43 - CFD: 22/11/2010 - 15:16:44 - [6522791] ----D- C:\ProgramData\Malwarebytes
    O43 - CFD: 19/10/2009 - 09:34:20 - [604061] ----D- C:\ProgramData\McAfee
    O43 - CFD: 17/10/2009 - 01:56:20 - [853] ----D- C:\ProgramData\McAfee Security Scan
    O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Menu Démarrer
    O43 - CFD: 17/10/2009 - 01:26:32 - [169174506] -S--D- C:\ProgramData\Microsoft
    O43 - CFD: 29/01/2010 - 14:58:10 - [61992] ----D- C:\ProgramData\Microsoft Help
    O43 - CFD: 17/10/2009 - 01:26:40 - [0] -SH-D- C:\ProgramData\Modèles
    O43 - CFD: 17/10/2009 - 01:05:38 - [12036] ----D- C:\ProgramData\Norton
    O43 - CFD: 17/10/2009 - 01:05:38 - [4381526] ----D- C:\ProgramData\NortonInstaller
    O43 - CFD: 11/10/2010 - 14:34:02 - [3422] ----D- C:\ProgramData\regid.1986-12.com.adobe
    O43 - CFD: 24/03/2010 - 21:30:02 - [17597] ----D- C:\ProgramData\Roxio
    O43 - CFD: 30/08/2010 - 19:24:56 - [27617664] ----D- C:\ProgramData\Skype
    O43 - CFD: 29/12/2009 - 19:02:38 - [1081] ----D- C:\ProgramData\Sonic
    O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
    O43 - CFD: 16/06/2010 - 23:12:08 - [224] ----D- C:\ProgramData\Sun
    O43 - CFD: 12/04/2010 - 15:30:00 - [487779] ---AD- C:\ProgramData\Temp
    O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
    O43 - CFD: 17/10/2009 - 01:05:38 - [13278999] ----D- C:\ProgramData\WildTangent
    O43 - CFD: 01/12/2010 - 21:53:46 - [7696979] ----D- C:\Users\Didier\AppData\Roaming\Adobe
    O43 - CFD: 09/11/2010 - 22:41:10 - [108] ----D- C:\Users\Didier\AppData\Roaming\Adobe Mini Bridge CS5
    O43 - CFD: 25/03/2010 - 00:23:54 - [513267898] ----D- C:\Users\Didier\AppData\Roaming\Apple Computer
    O43 - CFD: 08/04/2010 - 17:24:46 - [7460] ----D- C:\Users\Didier\AppData\Roaming\Big Fish Games
    O43 - CFD: 07/04/2011 - 09:48:24 - [10055209] ----D- C:\Users\Didier\AppData\Roaming\BitTorrent
    O43 - CFD: 13/11/2009 - 22:54:10 - [6292] ----D- C:\Users\Didier\AppData\Roaming\BSplayer Pro
    O43 - CFD: 13/03/2011 - 20:11:52 - [1557] ----D- C:\Users\Didier\AppData\Roaming\Canneverbe Limited
    O43 - CFD: 08/05/2010 - 16:09:00 - [141312] ----D- C:\Users\Didier\AppData\Roaming\DivX
    O43 - CFD: 10/11/2010 - 22:05:40 - [188] ----D- C:\Users\Didier\AppData\Roaming\GTek
    O43 - CFD: 13/10/2010 - 00:20:38 - [165] ----D- C:\Users\Didier\AppData\Roaming\gtk-2.0
    O43 - CFD: 17/10/2009 - 01:09:34 - [303104] ----D- C:\Users\Didier\AppData\Roaming\Hewlett-Packard
    O43 - CFD: 17/10/2009 - 01:09:34 - [42124] ----D- C:\Users\Didier\AppData\Roaming\HP TCS
    O43 - CFD: 25/03/2010 - 01:35:18 - [0] ----D- C:\Users\Didier\AppData\Roaming\Identities
    O43 - CFD: 10/11/2010 - 22:01:30 - [293] ----D- C:\Users\Didier\AppData\Roaming\InstallShield
    O43 - CFD: 17/10/2009 - 01:09:34 - [66694] ----D- C:\Users\Didier\AppData\Roaming\Macromedia
    O43 - CFD: 22/11/2010 - 15:16:52 - [8802234] ----D- C:\Users\Didier\AppData\Roaming\Malwarebytes
    O43 - CFD: 14/07/2009 - 11:00:34 - [0] ----D- C:\Users\Didier\AppData\Roaming\Media Center Programs
    O43 - CFD: 13/03/2011 - 19:54:38 - [2213524] -S--D- C:\Users\Didier\AppData\Roaming\Microsoft
    O43 - CFD: 12/11/2010 - 02:43:56 - [13243147] ----D- C:\Users\Didier\AppData\Roaming\Mozilla
    O43 - CFD: 07/11/2009 - 15:52:58 - [119112] ----D- C:\Users\Didier\AppData\Roaming\Nero
    O43 - CFD: 16/06/2010 - 23:07:50 - [54] ----D- C:\Users\Didier\AppData\Roaming\OfficeRecovery
    O43 - CFD: 17/10/2009 - 14:45:20 - [2523740] ----D- C:\Users\Didier\AppData\Roaming\OpenOffice.org
    O43 - CFD: 20/06/2010 - 13:25:44 - [203980] ----D- C:\Users\Didier\AppData\Roaming\Opera
    O43 - CFD: 26/11/2010 - 15:24:06 - [2349] ----D- C:\Users\Didier\AppData\Roaming\PIFreePC
    O43 - CFD: 29/12/2009 - 19:05:58 - [6002668] ----D- C:\Users\Didier\AppData\Roaming\Roxio
    O43 - CFD: 07/04/2011 - 09:49:04 - [3107528] ----D- C:\Users\Didier\AppData\Roaming\Skype
    O43 - CFD: 07/04/2011 - 09:48:32 - [8456] ----D- C:\Users\Didier\AppData\Roaming\skypePM
    O43 - CFD: 29/08/2010 - 16:28:38 - [0] ----D- C:\Users\Didier\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    O43 - CFD: 06/12/2010 - 17:32:44 - [2027463] ----D- C:\Users\Didier\AppData\Roaming\vlc
    O43 - CFD: 02/02/2010 - 22:31:00 - [12] ----D- C:\Users\Didier\AppData\Roaming\WinRAR

    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.8FFDB4B2DFB7D57B130CF1E89F426408] - 10/04/2011 - 20:03:23 ---A- . (...) -- C:\Windows\setupact.log [5617015]
    O44 - LFC:[MD5.1A0000000000000000000000FCEF1200] - 10/04/2011 - 19:59:45 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1834636]
    O44 - LFC:[MD5.5ECF4A26C9B197B98B0169B413AA14A5] - 10/04/2011 - 19:59:36 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
    O44 - LFC:[MD5.D31499016327AD7AEEE8777CB16E58CF] - 10/04/2011 - 12:48:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [10288]
    O44 - LFC:[MD5.D31499016327AD7AEEE8777CB16E58CF] - 10/04/2011 - 12:48:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [10288]
    O44 - LFC:[MD5.2107323DDCA34951DDB60574E248296D] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1524562]
    O44 - LFC:[MD5.5C44FF27BD6075D8847862E56B3E6281] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103568]
    O44 - LFC:[MD5.4327925F3AD67F7EB99D03E05451D205] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [127684]
    O44 - LFC:[MD5.444C7A1B32839A2454353F3F1342DB5D] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfh009.dat [607190]
    O44 - LFC:[MD5.5F5002850F434DAB6071C335B69FBEA6] - 10/04/2011 - 12:46:37 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [695004]
    O44 - LFC:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 09/04/2011 - 22:10:09 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\drivers\aswFsBlk.sys [19544]
    O44 - LFC:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 09/04/2011 - 22:10:09 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [301528]
    O44 - LFC:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 09/04/2011 - 22:10:07 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\drivers\aswTdi.sys [49240]
    O44 - LFC:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 09/04/2011 - 22:10:07 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [25432]
    O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 09/04/2011 - 22:10:06 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [371544]
    O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 09/04/2011 - 22:10:02 ---A- . (...) -- C:\Windows\System32\config.nt [2577]
    O44 - LFC:[MD5.B0F137F664F10829CD2380B0E20E7C29] - 09/04/2011 - 22:10:02 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [53592]
    O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 09/04/2011 - 22:09:03 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [40648]
    O44 - LFC:[MD5.C6E1D434F1F3A5226B0DDFDF84B12677] - 09/04/2011 - 22:09:03 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [190016]
    O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 09/04/2011 - 21:19:59 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
    O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 09/04/2011 - 21:19:55 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
    O44 - LFC:[MD5.02BB51AF5FBD0DAF324F64F5F0FE181F] - 09/04/2011 - 21:07:33 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [4038]
    O44 - LFC:[MD5.DBCA25990F2A3ADF4BD350E6EC4ABB11] - 09/04/2011 - 19:59:03 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
    O44 - LFC:[MD5.7D437A206DF2652FEC9CEFA5B0B1CD6C] - 25/03/2011 - 09:01:16 ---A- . (...) -- C:\Windows\PFRO.log [3856]
    O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 20/03/2011 - 21:06:16 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26600]
    O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 20/03/2011 - 21:06:16 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\Windows\System32\GEARAspi.dll [107368]

    ---\\ MountPoints2 Shell Key (O51)
    O51 - MPSK:{b2127e5e-40f0-11e0-a976-001f166136bf}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRun.exe (.not file.)
    O51 - MPSK:{b2127e6d-40f0-11e0-a976-001f166136bf}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRun.exe (.not file.)

    ---\\ Trojan Driver Search Data (HKLM) (O52)
    O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
    O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
    O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
    O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
    O52 - TDSD: \drivers.desc\"C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM"="CyberLink MP3 Encoder" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

    ---\\ Microsoft Control Security Providers (O54)
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

    ---\\ Microsoft Windows Policies System (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
    O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwit
    0
  9. Utilisateur anonyme
     
    Bonsoir

    Le rapport n'est pas complet.
    Merci d'utiliser ci-joint pour poster ce rapport.

    @+
    0