Virus backdoor.agent!kI11bI34geo
Résolu/Fermé
A voir également:
- Virus backdoor.agent!kI11bI34geo
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Tinyurl.com virus - Forum Virus
- Virus mcafee - Accueil - Piratage
35 réponses
Utilisateur anonyme
Modifié par Electricien 69 le 4/06/2011 à 09:18
Modifié par Electricien 69 le 4/06/2011 à 09:18
bonjour,
pas mal ton pseudo !!! mdr
* Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
O.o°*??? Membre, Contributeur sécurité CCMo°.Oø¤º°'°º¤ø
O.o°* ??? Réspire à fond, Rédige ton message en bon français et de manière claire.Ca va bien se passer, tu verras, enfin on essaie !!! o°.Oø¤º°'°º¤ø
pas mal ton pseudo !!! mdr
* Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
O.o°*??? Membre, Contributeur sécurité CCMo°.Oø¤º°'°º¤ø
O.o°* ??? Réspire à fond, Rédige ton message en bon français et de manière claire.Ca va bien se passer, tu verras, enfin on essaie !!! o°.Oø¤º°'°º¤ø
Utilisateur anonyme
5 juin 2011 à 08:03
5 juin 2011 à 08:03
bonjour,
compresse le rapport et héberge le sur un site comme cijoint, copie et colle les lien du rapport hébérgé sur ton prochain message :-)
compresse le rapport et héberge le sur un site comme cijoint, copie et colle les lien du rapport hébérgé sur ton prochain message :-)
j'ai pas trop reussi a faire comme tu as dit car je suis nul en informatique lol mais j'ai fait un copier coller du raccourci j'éspere que ca marchera
merci pour ton aide
http://www.cijoint.fr/cjlink.php?file=cj201106/cijXpXwYu2.txt
merci pour ton aide
http://www.cijoint.fr/cjlink.php?file=cj201106/cijXpXwYu2.txt
Utilisateur anonyme
5 juin 2011 à 20:28
5 juin 2011 à 20:28
super :-)
* Télécharge de AD-Remover sur ton Bureau. (Merci à l'équipe TeamXscript)
http://www.teamxscript.org/adremoverTelechargement.html
( Lien officiel )
https://www.androidworld.fr/
( Miroir )
/!\ Ferme toutes applications en cours /!\
- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
* Télécharge de AD-Remover sur ton Bureau. (Merci à l'équipe TeamXscript)
http://www.teamxscript.org/adremoverTelechargement.html
( Lien officiel )
https://www.androidworld.fr/
( Miroir )
/!\ Ferme toutes applications en cours /!\
- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ok c'est bon voila le rapport
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 23:06:53 le 05/06/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
nour@NOUR-HP (Hewlett-Packard p6610fr-m)
============== RECHERCHE ==============
============== SCAN ADDITIONNEL ==============
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{A3BC75A2-1F87-4686-AA43-5347D756017C} (x)
HKCU_SearchScopes\{651DAA5E-2BEC-4E88-BD18-CA92BBF9753F} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=0&v=7.5.30.4&i=&tp=chrome&q={searchTerms}&lng={la...)
HKCU_SearchScopes\{D1F21842-2E67-417F-9371-FA93B12A9B13} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerm...)
HKLM_SearchScopes\{651DAA5E-2BEC-4E88-BD18-CA92BBF9753F} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKCU_ElevationPolicy\{0CC112C8-8B5F-445E-9D8F-BF1A512FA11A} - C:\Program Files (x86)\eMule\emule.exe (http://www.emule-project.net)
HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
HKCU_ElevationPolicy\{AE146730-C4BA-41F6-8DB3-5F5DFE26BF0D} - C:\Program Files (x86)\PDF Complete\pdfvista.exe (PDF Complete Inc)
HKCU_ElevationPolicy\{E6D3D6CC-02F2-4AA3-9785-827E5EAFBE0C} - C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\PhotoViewer\HPPhotoViewer.exe (Hewlett-Packard Corp.)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 115 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 19 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 05/06/2011 22:55:16 (5060 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 05/06/2011 23:02:12 (3708 Octet(s))
C:\Ad-Report-SCAN[1].txt - 05/06/2011 22:58:26 (3595 Octet(s))
C:\Ad-Report-SCAN[2].txt - 05/06/2011 23:06:59 (3553 Octet(s))
Fin à: 23:07:39, 05/06/2011
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 23:06:53 le 05/06/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
nour@NOUR-HP (Hewlett-Packard p6610fr-m)
============== RECHERCHE ==============
============== SCAN ADDITIONNEL ==============
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{A3BC75A2-1F87-4686-AA43-5347D756017C} (x)
HKCU_SearchScopes\{651DAA5E-2BEC-4E88-BD18-CA92BBF9753F} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=0&v=7.5.30.4&i=&tp=chrome&q={searchTerms}&lng={la...)
HKCU_SearchScopes\{D1F21842-2E67-417F-9371-FA93B12A9B13} - "AVG Secure Search" (hxxp://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerm...)
HKLM_SearchScopes\{651DAA5E-2BEC-4E88-BD18-CA92BBF9753F} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKLM_Toolbar|{CCC7A320-B3CA-4199-B1A6-9F516DD69829} (x)
HKCU_ElevationPolicy\{0CC112C8-8B5F-445E-9D8F-BF1A512FA11A} - C:\Program Files (x86)\eMule\emule.exe (http://www.emule-project.net)
HKCU_ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\wtapp_ProtocolHandler.exe (WildTangent, Inc.)
HKCU_ElevationPolicy\{AE146730-C4BA-41F6-8DB3-5F5DFE26BF0D} - C:\Program Files (x86)\PDF Complete\pdfvista.exe (PDF Complete Inc)
HKCU_ElevationPolicy\{E6D3D6CC-02F2-4AA3-9785-827E5EAFBE0C} - C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\PhotoViewer\HPPhotoViewer.exe (Hewlett-Packard Corp.)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 115 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 19 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 05/06/2011 22:55:16 (5060 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 05/06/2011 23:02:12 (3708 Octet(s))
C:\Ad-Report-SCAN[1].txt - 05/06/2011 22:58:26 (3595 Octet(s))
C:\Ad-Report-SCAN[2].txt - 05/06/2011 23:06:59 (3553 Octet(s))
Fin à: 23:07:39, 05/06/2011
============== E.O.F ==============
Utilisateur anonyme
6 juin 2011 à 07:47
6 juin 2011 à 07:47
bonjour,
relance ADR, clique sur désinstaller,
aide toi de ce poste pour envoyer un nouveau rapport de zhpdiag :
https://forums.commentcamarche.net/forum/affich-22271081-virus-backdoor-agent-ki11bi34geo#1
relance ADR, clique sur désinstaller,
aide toi de ce poste pour envoyer un nouveau rapport de zhpdiag :
https://forums.commentcamarche.net/forum/affich-22271081-virus-backdoor-agent-ki11bi34geo#1
salut j'espere que c'est bon cette fois
Rapport de ZHPDiag v1.27.225 par Nicolas Coolman, Update du 05/06/2011
Run by nour at 6/6/2011 8:52:23 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095.2 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 339 GB (74%) free of 452 GB
---\\ Logged in mode
Computer Name: NOUR-HP
User Name: nour
All Users Names: nour, Ismahane, HomeGroupUser$, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Users\nour\AppData\Roaming
%LocalAppData%=C:\Users\nour\AppData\Local
%StartMenu%=C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 339 Go of 452 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ CD-ROM drive (Free 0 Go of 1 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.2/26/2011 7:23:14 AM.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 2:14:45 AM.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2/24/2011 6:32:44 AM.) -- C:\Windows\system32\wininet.dll [981504]
---\\ Processus lancés
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768]
[MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576]
[MD5.1D9032C431D48AEDCC24BF836D046D7D] - (.SPAMfighter - SPYWAREfighter Application.) -- C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe [983688]
[MD5.3C75EF2D104ED48FB1108AD0E3BB1188] - (.SPAMfighter - VIRUSfighter Application.) -- C:\Program Files (x86)\Fighters\VIRUSfighter\vfproTray.exe [1081992]
[MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160]
[MD5.E3965334E5DAC17751475D8AB8630610] - (.SPAMfighter ApS - SPAMfighter Agent.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [843400]
[MD5.D9ED562A22474E673E86C0FFB0D89EB5] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840]
[MD5.C6697A46554E36541E81182B258A19D6] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]
[MD5.CD94B1501F66744AE1A00668DE36BBF9] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376]
[MD5.B6290E0C5A2F1F025AAF4A13D7C2C90D] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10r_ActiveX.exe [240288]
[MD5.5A4AB52E221E994555E574D506A6E7D1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [657920]
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKCU\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Anti Trojan Elite] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [SWPROguard] . (.SPAMfighter - SPYWAREfighter Application.) -- C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe
O4 - HKLM\..\Wow6432Node\Run: [VFPROguard] . (.SPAMfighter - VIRUSfighter Application.) -- C:\Program Files (x86)\Fighters\VIRUSfighter\VFPROTray.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [sfagent] . (.SPAMfighter ApS - SPAMfighter Agent.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Wow6432Node\Run: [a-squared] . (.Emsi Software GmbH - Background Guard.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [Anti Trojan Elite] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk . (.Emsi Software GmbH.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{07CA04AE-2283-48B9-A2D8-9029C2331F0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{07CA04AE-2283-48B9-A2D8-9029C2331F0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{07CA04AE-2283-48B9-A2D8-9029C2331F0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (AV Engine Scanning Service) . (.Preventon Technologies Limited - Preventon AV Scanning Service.) - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
O23 - Service: (AV Watch Service) . (.Preventon Technologies Limited - Preventon AV Watch Service.) - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: (ezSharedSvc) . (.EasyBits Software AS - Shared EasyBits services for Windows.) - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: (GamesAppService) . (.WildTangent, Inc. - GamesAppService.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: (hpqwmiex) . (.Hewlett-Packard Company - hpqwmiex Module.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (64-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.9.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: (SPAMfighter Update Service) . (.SPAMfighter ApS - SPAMfighter Update Service.) - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
O23 - Service: (Suite Service) . (.SPAMfighter ApS - Fighter Suite Service.) - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForIsmahane.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleFornour.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForIsmahane] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleFornour] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (.Pas de propriétaire.) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] [APT] [{E888D3E6-AFF8-4BDF-8BC4-DE5107820217}] (.http://www.emule-project.net.) -- C:\Program Files (x86)\eMule\emule.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT087420
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}
O42 - Logiciel: Age of Empires III - The Asian Dynasties - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}
O42 - Logiciel: Age of Empires III - The WarChiefs - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {853A4763-6643-4604-8D64-28BDD8925F4C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F473675-D702-45F9-8EBC-342B40C17BF5}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087428
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0E543634-7E25-4B8F-8D5B-97880E5E5088}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon MP270 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087453
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT087536
O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM][64Bits] -- Emsisoft Anti-Malware_is1
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT087361
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM][64Bits] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM][64Bits] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM] -- {5B08AF35-B699-4A44-BB89-3E51E70611E8}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {72D90DB3-A16A-4545-B555-868471101833}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {08DB3902-2CE0-474D-BCE3-0177766CE9F1}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}
O42 - Logiciel: HP Vision Hardware Diagnostics - (.Hewlett-Packard.) [HKLM] -- {D79A02E9-6713-4335-9668-AAC7474C0C0E}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087480
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WT087485
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WT087490
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WT087380
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM][64Bits] -- EasyBits Magic Desktop
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-0070-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140011-0066-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006D-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.Click2Run
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM][64Bits] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM][64Bits] -- MusicStationNetstaller
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM][64Bits] -- PDF Complete
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT087394
O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM][64Bits] -- {D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT087501
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT087396
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM][64Bits] -- {912CED74-88D3-4C5B-ACB0-13231864975D}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SPAMfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- SPAMfighter
O42 - Logiciel: SPAMfighter Client - (.SPAMfighter ApS.) [HKLM][64Bits] -- {1D0AB230-E7BC-41CB-A50C-F282273E897B}
O42 - Logiciel: SPYWAREfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- SPYWAREfighter
O42 - Logiciel: SPYWAREfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {5A7D2B13-9522-48A9-A06F-A9C4AA33D8AD}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Skype(TM) 4.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087510
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
O42 - Logiciel: VIRUSfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- VIRUSfighter
O42 - Logiciel: VIRUSfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {A0222F6E-7785-46A0-AE9B-3D2D1ACF84C5}
O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM][64Bits] -- WT087513
O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WT087519
O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FE4BE0BD-1EDB-4D24-9614-847B3C472887}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {D07A61E5-A59C-433C-BCBD-22025FA2287B}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087533
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM][64Bits] -- eMule
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {16DDB3D1-5C27-4599-9C63-E583287191CC}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVG]
[HKCU\Software\AntiTrojanElite]
[HKCU\Software\AppDataLow\Avg]
[HKCU\Software\AppDataLow\Software\AVG Security Toolbar]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EasyBits]
[HKCU\Software\Fighters]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\PDFComplete]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Skype]
[HKCU\Software\WildTangent]
[HKCU\Software\Wow6432Node]
[HKCU\Software\eMule]
[HKCU\Software\http://www.ecran-de-veille.com]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVG]
[HKLM\Software\Adobe]
[HKLM\Software\AntimalwareSolution]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\CyberLink]
[HKLM\Software\Cyberlink]
[HKLM\Software\EasyBits]
[HKLM\Software\Emsi Software GmbH]
[HKLM\Software\Fighters]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewspaperDirect]
[HKLM\Software\ODBC]
[HKLM\Software\PDFComplete]
[HKLM\Software\Piriform]
[HKLM\Software\PocketSoft]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WildTangent]
[HKLM\Software\Win32 Services]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 4/20/2011 - 11:04:00 PM - [195882] ----D- C:\Program Files\Bonjour
O43 - CFD: 4/3/2011 - 1:55:08 AM - [7040624] ----D- C:\Program Files\CCleaner
O43 - CFD: 2/25/2011 - 8:34:40 PM - [90614506] ----D- C:\Program Files\Common Files
O43 - CFD: 2/19/2011 - 5:33:18 AM - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 2/19/2011 - 5:12:30 AM - [994472] ----D- C:\Program Files\Google
O43 - CFD: 11/3/2010 - 5:51:18 PM - [9779088] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 11/3/2010 - 5:16:26 PM - [1705] ----D- C:\Program Files\hp
O43 - CFD: 4/15/2011 - 9:37:00 PM - [5176332] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 4/20/2011 - 11:05:22 PM - [1939563] ----D- C:\Program Files\iPod
O43 - CFD: 4/20/2011 - 11:05:42 PM - [2345448] ----D- C:\Program Files\iTunes
O43 - CFD: 7/14/2009 - 9:45:56 AM - [149236786] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 2/15/2011 - 9:52:16 PM - [1584303] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 11/3/2010 - 5:11:04 PM - [52390537] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 11/3/2010 - 5:40:20 PM - [2178436] ----D- C:\Program Files\PlayReady
O43 - CFD: 11/3/2010 - 5:10:28 PM - [14738648] ----D- C:\Program Files\Realtek
O43 - CFD: 7/14/2009 - 7:32:40 AM - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 2/19/2011 - 5:33:16 AM - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 2/19/2011 - 5:33:16 AM - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 3/13/2011 - 2:48:58 PM - [7987385] ----D- C:\Program Files\Windows Live
O43 - CFD: 2/19/2011 - 5:33:18 AM - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 2/19/2011 - 5:33:16 AM - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 2/19/2011 - 5:33:16 AM - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 7/14/2009 - 7:32:40 AM - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 2/19/2011 - 5:33:18 AM - [9889485] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 2/23/2011 - 9:00:36 PM - [6246981] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 2/22/2011 - 7:32:40 PM - [71746084] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2/19/2011 - 5:33:16 AM - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 2/15/2011 - 1:03:04 AM - [37] ----D- C:\ProgramData\Age of Empires 3
O43 - CFD: 2/23/2011 - 9:05:42 PM - [89022267] ----D- C:\ProgramData\Apple
O43 - CFD: 2/23/2011 - 9:01:56 PM - [67314172] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 6/5/2011 - 12:52:42 AM - [0] ----D- C:\ProgramData\AVG10
O43 - CFD: 3/4/2011 - 7:37:10 PM - [21470974] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 6/3/2011 - 5:14:36 PM - [2830] ----D- C:\ProgramData\clp
O43 - CFD: 6/4/2011 - 9:46:50 PM - [96] --H-D- C:\ProgramData\Common Files
O43 - CFD: 2/25/2011 - 8:42:58 PM - [63148093] ----D- C:\ProgramData\Common Toolkit Suite
O43 - CFD: 5/25/2011 - 9:12:46 AM - [144687] ----D- C:\ProgramData\CyberLink
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 5/9/2011 - 8:31:14 PM - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 5/1/2011 - 6:33:54 PM - [1224260] ----D- C:\ProgramData\Fighters
O43 - CFD: 2/19/2011 - 5:13:00 AM - [539234] ----D- C:\ProgramData\Google
O43 - CFD: 2/16/2011 - 3:03:40 PM - [66075214] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 6/5/2011 - 12:51:58 AM - [9635661] ----D- C:\ProgramData\MFAData
O43 - CFD: 2/22/2011 - 7:33:30 PM - [2272691846] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 2/26/2011 - 7:36:28 PM - [50144] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 11/3/2010 - 5:43:46 PM - [0] ----D- C:\ProgramData\NewspaperDirect
O43 - CFD: 2/25/2011 - 8:35:38 PM - [15608] ----D- C:\ProgramData\Norton
O43 - CFD: 11/3/2010 - 5:48:48 PM - [8748021] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 11/3/2010 - 5:13:06 PM - [276886] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 6/6/2011 - 12:04:58 AM - [0] ----D- C:\ProgramData\PDFC
O43 - CFD: 11/3/2010 - 5:19:36 PM - [3540077] ----D- C:\ProgramData\Ralink Driver
O43 - CFD: 2/25/2011 - 9:42:46 PM - [19451154] ----D- C:\ProgramData\Skype
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 11/3/2010 - 5:30:58 PM - [491733] ----D- C:\ProgramData\Temp
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 2/16/2011 - 12:03:36 AM - [0] ----D- C:\ProgramData\VirtualizedApplications
O43 - CFD: 3/12/2011 - 2:11:30 AM - [1622227851] ----D- C:\ProgramData\WildTangent
O43 - CFD: 11/3/2010 - 5:16:50 PM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}
O43 - CFD: 2/16/2011 - 2:57:20 PM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 2/23/2011 - 9:02:08 PM - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 4/4/2011 - 10:18:40 PM - [38204202] --H-D- C:\ProgramData\{C2854F90-E25A-4436-A624-DAA1A3535BAF}
O43 - CFD: 5/1/2011 - 6:34:50 PM - [43744498] --H-D- C:\ProgramData\{C63260C3-92B8-484F-8B6B-02C69C5AAA41}
O43 - CFD: 4/2/2011 - 10:41:50 PM - [37490931] --H-D- C:\ProgramData\{D81057B4-29EC-41EB-A123-4E4E49873404}
O43 - CFD: 2/14/2011 - 11:00:16 PM - [3613968] ----D- C:\Users\nour\AppData\Roaming\Adobe
O43 - CFD: 3/5/2011 - 1:08:02 AM - [933172144] ----D- C:\Users\nour\AppData\Roaming\Apple Computer
O43 - CFD: 6/4/2011 - 9:47:50 PM - [300] ----D- C:\Users\nour\AppData\Roaming\AVG10
O43 - CFD: 2/26/2011 - 6:31:52 PM - [0] ----D- C:\Users\nour\AppData\Roaming\CyberLink
O43 - CFD: 5/1/2011 - 6:32:46 PM - [496554] ----D- C:\Users\nour\AppData\Roaming\Fighters
O43 - CFD: 2/19/2011 - 5:14:14 AM - [0] ----D- C:\Users\nour\AppData\Roaming\Google
O43 - CFD: 2/23/2011 - 8:54:52 PM - [117050] ----D- C:\Users\nour\AppData\Roaming\Hewlett-Packard
O43 - CFD: 6/1/2011 - 2:11:40 PM - [420] ----D- C:\Users\nour\AppData\Roaming\HP Support Assistant
O43 - CFD: 2/16/2011 - 3:03:14 PM - [14768] ----D- C:\Users\nour\AppData\Roaming\hpqLog
O43 - CFD: 6/1/2011 - 2:11:40 PM - [6527] ----D- C:\Users\nour\AppData\Roaming\HpUpdate
O43 - CFD: 2/14/2011 - 10:58:12 PM - [0] ----D- C:\Users\nour\AppData\Roaming\Identities
O43 - CFD: 2/14/2011 - 11:00:16 PM - [2410] ----D- C:\Users\nour\AppData\Roaming\Macromedia
O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\nour\AppData\Roaming\Media Center Programs
O43 - CFD: 5/5/2011 - 10:09:56 PM - [19300458] -S--D- C:\Users\nour\AppData\Roaming\Microsoft
O43 - CFD: 6/6/2011 - 1:14:14 AM - [2081264] ----D- C:\Users\nour\AppData\Roaming\Skype
O43 - CFD: 6/3/2011 - 5:13:16 PM - [4939844] ----D- C:\Users\nour\AppData\Roaming\SoftGrid Client
O43 - CFD: 2/15/2011 - 9:53:28 PM - [0] ----D- C:\Users\nour\AppData\Roaming\TP
O43 - CFD: 5/24/2011 - 8:00:16 AM - [1064722] ----D- C:\Users\nour\AppData\Roaming\vlc
O43 - CFD: 2/15/2011 - 11:24:40 PM - [0] ----D- C:\Users\nour\AppData\Roaming\WinBatch
O43 - CFD: 2/22/2011 - 9:06:10 PM - [0] ----D- C:\Users\nour\AppData\Roaming\Windows Live Writer
O43 - CFD: 4/28/2011 - 6:34:48 PM - [4312] ----D- C:\Users\nour\AppData\Roaming\_MDLogs
O43 - CFD: 2/23/2011 - 9:00:50 PM - [0] ----D- C:\Users\nour\Appdata\Local\Apple
O43 - CFD: 6/2/2011 - 11:55:30 AM - [158091424] ----D- C:\Users\nour\Appdata\Local\Apple Computer
O43 - CFD: 2/14/2011 - 9:44:16 PM - [0] -SH-D- C:\Users\nour\Appdata\Local\Application Data
O43 - CFD: 2/16/2011 - 2:42:56 PM - [1210001] ----D- C:\Users\nour\Appdata\Local\Apps
O43 - CFD: 4/6/2011 - 12:45:20 PM - [0] ----D- C:\Users\nour\Appdata\Local\Axialis
O43 - CFD: 6/2/2011 - 9:45:28 PM - [39384036] ----D- C:\Users\nour\Appdata\Local\CrashDumps
O43 - CFD: 2/26/2011 - 6:31:32 PM - [34816] ----D- C:\Users\nour\Appdata\Local\CyberLink
O43 - CFD: 2/16/2011 - 2:43:22 PM - [0] ----D- C:\Users\nour\Appdata\Local\Deployment
O43 - CFD: 5/9/2011 - 11:46:30 PM - [261366] ----D- C:\Users\nour\Appdata\Local\Diagnostics
O43 - CFD: 5/9/2011 - 8:47:32 PM - [9242258] ----D- C:\Users\nour\Appdata\Local\eMule
O43 - CFD: 5/26/2011 - 9:53:02 PM - [26033] ----D- C:\Users\nour\Appdata\Local\Google
O43 - CFD: 2/26/2011 - 6:33:08 PM - [44725563] ----D- C:\Users\nour\Appdata\Local\Hewlett-Packard
O43 - CFD: 2/14/2011 - 9:44:16 PM - [0] -SH-D- C:\Users\nour\Appdata\Local\Historique
O43 - CFD: 3/3/2011 - 1:11:50 AM - [0] ----D- C:\Users\nour\Appdata\Local\HP MediaSmart Video
O43 - CFD: 5/15/2011 - 11:58:36 AM - [790166798] ----D- C:\Users\nour\Appdata\Local\Microsoft
O43 - CFD: 2/26/2011 - 7:36:26 PM - [0] ----D- C:\Users\nour\Appdata\Local\Microsoft Help
O43 - CFD: 5/26/2011 - 1:08:22 AM - [0] ----D- C:\Users\nour\Appdata\Local\Mozilla
O43 - CFD: 2/25/2011 - 8:41:56 PM - [0] ----D- C:\Users\nour\Appdata\Local\PackageAware
O43 - CFD: 3/4/2011 - 7:37:16 PM - [0] ----D- C:\Users\nour\Appdata\Local\PDFC
O43 - CFD: 2/26/2011 - 6:31:32 PM - [0] ----D- C:\Users\nour\Appdata\Local\PowerCinema
O43 - CFD: 2/15/2011 - 9:53:10 PM - [4579328] ----D- C:\Users\nour\Appdata\Local\SoftGrid Client
O43 - CFD: 6/6/2011 - 8:51:48 PM - [989009] ----D- C:\Users\nour\Appdata\Local\Temp
O43 - CFD: 2/14/2011 - 9:44:16 PM - [0] -SH-D- C:\Users\nour\Appdata\Local\Temporary Internet Files
O43 - CFD: 3/25/2011 - 10:45:28 PM - [93937] ----D- C:\Users\nour\Appdata\Local\VirtualStore
O43 - CFD: 5/15/2011 - 12:03:40 PM - [98304] ----D- C:\Users\nour\Appdata\Local\Windows Live
O43 - CFD: 2/22/2011 - 9:06:16 PM - [372494] ----D- C:\Users\nour\Appdata\Local\Windows Live Writer
O43 - CFD: 5/8/2011 - 9:39:26 PM - [0] ----D- C:\Users\nour\Appdata\Local\{002889FB-FD2E-4AE6-BB31-0171A1093799}
O43 - CFD: 6/6/2011 - 8:24:38 PM - [0] ----D- C:\Users\nour\Appdata\Local\{025BDB39-B5B8-40F5-A8C6-FD3764189C85}
O43 - CFD: 5/28/2011 - 9:41:12 AM - [0] ----D- C:\Users\nour\Appdata\Local\{161A2D89-46AD-4B60-8426-42284726D1F3}
O43 - CFD: 5/17/2011 - 3:55:56 PM - [0] ----D- C:\Users\nour\Appdata\Local\{1BEEFAF8-4569-4A6D-B413-6A2D47B44F82}
O43 - CFD: 5/21/2011 - 9:03:40 PM - [0] ----D- C:\Users\nour\Appdata\Local\{1D38B879-ED26-4659-AA0C-A868D4765316}
O43 - CFD: 5/20/2011 - 7:37:32 PM - [0] ----D- C:\Users\nour\Appdata\Local\{377E5B78-2A97-4551-8705-EE0ACA905F65}
O43 - CFD: 5/27/2011 - 9:40:10 AM - [0] ----D- C:\Users\nour\Appdata\Local\{4319B9FC-0562-4FB3-96D1-F0E4D29A905E}
O43 - CFD: 6/4/2011 - 12:21:08 PM - [0] ----D- C:\Users\nour\Appdata\Local\{43C065B4-FD8D-4DD2-ACD7-46CE899D1FF2}
O43 - CFD: 5/24/2011 - 10:55:14 PM - [0] ----D- C:\Users\nour\Appdata\Local\{6C156398-1776-4636-8F8B-87A8CD0FEB5B}
O43 - CFD: 5/9/2011 - 8:27:36 PM - [0] ----D- C:\Users\nour\Appdata\Local\{702921AD-16E6-4AB8-B72B-3157CF6A3071}
O43 - CFD: 5/7/2011 - 12:37:16 PM - [0] ----D- C:\Users\nour\Appdata\Local\{795AC749-2DE0-44C6-900D-B951E842AB57}
O43 - CFD: 4/10/2011 - 4:39:32 PM - [0] ----D- C:\Users\nour\Appdata\Local\{7E76DFA7-23A5-4331-867B-B1659E760080}
O43 - CFD: 5/16/2011 - 9:08:46 PM - [0] ----D- C:\Users\nour\Appdata\Local\{7ED1F348-C4B6-4114-839A-03B52F26B6E7}
O43 - CFD: 5/10/2011 - 11:52:24 PM - [0] ----D- C:\Users\nour\Appdata\Local\{87DA1970-0BAF-485D-8DA1-A23585997CD0}
O43 - CFD: 5/16/2011 - 6:03:48 AM - [0] ----D- C:\Users\nour\Appdata\Local\{87EF0E32-333D-45D4-B15C-FEC507ECA660}
O43 - CFD: 5/14/2011 - 11:44:34 AM - [0] ----D- C:\Users\nour\Appdata\Local\{895766C9-B36E-43C7-8DCB-37B49659C7C7}
O43 - CFD: 5/23/2011 - 9:28:02 PM - [0] ----D- C:\Users\nour\Appdata\Local\{8D808627-F9B6-4376-A138-3AA8743BAB39}
O43 - CFD: 6/5/2011 - 12:22:08 AM - [0] ----D- C:\Users\nour\Appdata\Local\{9F61CCED-093F-410B-AC34-E7FE4E5358E6}
O43 - CFD: 5/31/2011 - 9:43:50 AM - [0] ----D- C:\Users\nour\Appdata\Local\{A1BC1449-23FA-49E7-A239-FA0D38783045}
O43 - CFD: 5/11/2011 - 1:12:34 PM - [0] ----D- C:\Users\nour\Appdata\Local\{A3EF7837-A177-495F-9382-92F6D63125B0}
O43 - CFD: 4/27/2011 - 9:53:30 PM - [0] ----D- C:\Users\nour\Appdata\Local\{A5883EB9-5C2B-4804-92CD-83BBBAB4F918}
O43 - CFD: 4/10/2011 - 4:38:02 PM - [0] ----D- C:\Users\nour\Appdata\Local\{AFB04C58-D9ED-4DF6-9DA2-F9DB83C626CF}
O43 - CFD: 6/5/2011 - 12:22:44 PM - [0] ----D- C:\Users\nour\Appdata\Local\{B1C1AB97-9AD0-4854-AA28-66D684B11F07}
O43 - CFD: 5/15/2011 - 6:02:48 AM - [0] ----D- C:\Users\nour\Appdata\Local\{B2B08152-EEE4-4528-A4EB-3531AD33D254}
O43 - CFD: 6/2/2011 - 9:26:02 PM - [0] ----D- C:\Users\nour\Appdata\Local\{BBF6EC60-4E9E-422B-AC5E-163FFBC2C90E}
O43 - CFD: 5/17/2011 - 6:39:46 PM - [0] ----D- C:\Users\nour\Appdata\Local\{C88F5590-85BA-45C8-8FA8-E91B870DECCF}
O43 - CFD: 4/26/2011 - 9:15:28 PM - [0] ----D- C:\Users\nour\Appdata\Local\{D5C3E9DF-2FA3-442C-A35F-D742CCEF0C21}
O43 - CFD: 5/5/2011 - 10:11:08 PM - [0] ----D- C:\Users\nour\Appdata\Local\{E0C94094-1E93-4C0E-9366-F6CEDF12DDC5}
O43 - CFD: 5/19/2011 - 7:36:28 PM - [0] ----D- C:\Users\nour\Appdata\Local\{E1B76026-3841-40C1-9A75-A6E015860594}
O43 - CFD: 5/18/2011 - 8:44:00 PM - [0] ----D- C:\Users\nour\Appdata\Local\{EE62956E-2FC2-4E8D-8CD4-79B8AB207B14}
O43 - CFD: 6/3/2011 - 11:24:42 AM - [0] ----D- C:\Users\nour\Appdata\Local\{F42220CF-0856-458F-AEB1-47D72438F9BD}
O43 - CFD: 7/14/2009 - 6:54:34 AM - [14671] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2/14/2011 - 10:58:24 PM - [174] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2/15/2011 - 11:16:02 PM - [216] ----D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 7/14/2009 - 6:49:40 AM - [580] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2/14/2011 - 10:58:24 PM - [174] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2/23/2011 - 9:00:48 PM - [2306366] ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 6/4/2011 - 9:44:58 PM - [10659572] ----D- C:\Program Files (x86)\AVG
O43 - CFD: 4/20/2011 - 11:04:00 PM - [621202] ----D- C:\Program Files (x86)\Bonjour
O43 - CFD: 2/25/2011 - 8:42:58 PM - [519743006] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 11/3/2010 - 5:25:34 PM - [1346142688] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 4/28/2011 - 6:36:08 PM - [107254520] ----D- C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 6/6/2011 - 8:24:18 PM - [153163494] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware
O43 - CFD: 5/9/2011 - 8:30:20 PM - [10906334] ----D- C:\Program Fi
Rapport de ZHPDiag v1.27.225 par Nicolas Coolman, Update du 05/06/2011
Run by nour at 6/6/2011 8:52:23 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
---\\ System Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095.2 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 339 GB (74%) free of 452 GB
---\\ Logged in mode
Computer Name: NOUR-HP
User Name: nour
All Users Names: nour, Ismahane, HomeGroupUser$, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Users\nour\AppData\Roaming
%LocalAppData%=C:\Users\nour\AppData\Local
%StartMenu%=C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 339 Go of 452 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ CD-ROM drive (Free 0 Go of 1 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.2/26/2011 7:23:14 AM.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 2:14:45 AM.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2/24/2011 6:32:44 AM.) -- C:\Windows\system32\wininet.dll [981504]
---\\ Processus lancés
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768]
[MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576]
[MD5.1D9032C431D48AEDCC24BF836D046D7D] - (.SPAMfighter - SPYWAREfighter Application.) -- C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe [983688]
[MD5.3C75EF2D104ED48FB1108AD0E3BB1188] - (.SPAMfighter - VIRUSfighter Application.) -- C:\Program Files (x86)\Fighters\VIRUSfighter\vfproTray.exe [1081992]
[MD5.638C728F21CCC7EC4F8517A212C34353] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160]
[MD5.E3965334E5DAC17751475D8AB8630610] - (.SPAMfighter ApS - SPAMfighter Agent.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [843400]
[MD5.D9ED562A22474E673E86C0FFB0D89EB5] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840]
[MD5.C6697A46554E36541E81182B258A19D6] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]
[MD5.CD94B1501F66744AE1A00668DE36BBF9] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376]
[MD5.B6290E0C5A2F1F025AAF4A13D7C2C90D] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10r_ActiveX.exe [240288]
[MD5.5A4AB52E221E994555E574D506A6E7D1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [657920]
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKCU\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Anti Trojan Elite] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [SWPROguard] . (.SPAMfighter - SPYWAREfighter Application.) -- C:\Program Files (x86)\Fighters\SPYWAREfighter\SWPROTray.exe
O4 - HKLM\..\Wow6432Node\Run: [VFPROguard] . (.SPAMfighter - VIRUSfighter Application.) -- C:\Program Files (x86)\Fighters\VIRUSfighter\VFPROTray.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [sfagent] . (.SPAMfighter ApS - SPAMfighter Agent.) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Wow6432Node\Run: [a-squared] . (.Emsi Software GmbH - Background Guard.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1017763241-1986431608-4267821916-1001\..\Run: [Anti Trojan Elite] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk . (.Emsi Software GmbH.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{07CA04AE-2283-48B9-A2D8-9029C2331F0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{07CA04AE-2283-48B9-A2D8-9029C2331F0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{07CA04AE-2283-48B9-A2D8-9029C2331F0D}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (AV Engine Scanning Service) . (.Preventon Technologies Limited - Preventon AV Scanning Service.) - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
O23 - Service: (AV Watch Service) . (.Preventon Technologies Limited - Preventon AV Watch Service.) - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: (ezSharedSvc) . (.EasyBits Software AS - Shared EasyBits services for Windows.) - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: (GamesAppService) . (.WildTangent, Inc. - GamesAppService.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: (hpqwmiex) . (.Hewlett-Packard Company - hpqwmiex Module.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (64-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.9.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: (SPAMfighter Update Service) . (.SPAMfighter ApS - SPAMfighter Update Service.) - C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe
O23 - Service: (Suite Service) . (.SPAMfighter ApS - Fighter Suite Service.) - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForIsmahane.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleFornour.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForIsmahane] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleFornour] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (.Pas de propriétaire.) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] [APT] [{E888D3E6-AFF8-4BDF-8BC4-DE5107820217}] (.http://www.emule-project.net.) -- C:\Program Files (x86)\eMule\emule.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT087420
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}
O42 - Logiciel: Age of Empires III - The Asian Dynasties - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}
O42 - Logiciel: Age of Empires III - The WarChiefs - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {853A4763-6643-4604-8D64-28BDD8925F4C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F473675-D702-45F9-8EBC-342B40C17BF5}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087428
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {0E543634-7E25-4B8F-8D5B-97880E5E5088}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon MP270 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087453
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT087536
O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM][64Bits] -- Emsisoft Anti-Malware_is1
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT087361
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM][64Bits] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM][64Bits] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM] -- {5B08AF35-B699-4A44-BB89-3E51E70611E8}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {72D90DB3-A16A-4545-B555-868471101833}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {08DB3902-2CE0-474D-BCE3-0177766CE9F1}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}
O42 - Logiciel: HP Vision Hardware Diagnostics - (.Hewlett-Packard.) [HKLM] -- {D79A02E9-6713-4335-9668-AAC7474C0C0E}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087480
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WT087485
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WT087490
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WT087380
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM][64Bits] -- EasyBits Magic Desktop
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-0070-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140011-0066-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006D-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.Click2Run
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM][64Bits] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM][64Bits] -- MusicStationNetstaller
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM][64Bits] -- PDF Complete
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT087394
O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM][64Bits] -- {D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT087501
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT087396
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM][64Bits] -- {912CED74-88D3-4C5B-ACB0-13231864975D}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SPAMfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- SPAMfighter
O42 - Logiciel: SPAMfighter Client - (.SPAMfighter ApS.) [HKLM][64Bits] -- {1D0AB230-E7BC-41CB-A50C-F282273E897B}
O42 - Logiciel: SPYWAREfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- SPYWAREfighter
O42 - Logiciel: SPYWAREfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {5A7D2B13-9522-48A9-A06F-A9C4AA33D8AD}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Skype(TM) 4.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087510
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
O42 - Logiciel: VIRUSfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- VIRUSfighter
O42 - Logiciel: VIRUSfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {A0222F6E-7785-46A0-AE9B-3D2D1ACF84C5}
O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM][64Bits] -- WT087513
O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WT087519
O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FE4BE0BD-1EDB-4D24-9614-847B3C472887}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {D07A61E5-A59C-433C-BCBD-22025FA2287B}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087533
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM][64Bits] -- eMule
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {16DDB3D1-5C27-4599-9C63-E583287191CC}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVG]
[HKCU\Software\AntiTrojanElite]
[HKCU\Software\AppDataLow\Avg]
[HKCU\Software\AppDataLow\Software\AVG Security Toolbar]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EasyBits]
[HKCU\Software\Fighters]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\PDFComplete]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Skype]
[HKCU\Software\WildTangent]
[HKCU\Software\Wow6432Node]
[HKCU\Software\eMule]
[HKCU\Software\http://www.ecran-de-veille.com]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVG]
[HKLM\Software\Adobe]
[HKLM\Software\AntimalwareSolution]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\CyberLink]
[HKLM\Software\Cyberlink]
[HKLM\Software\EasyBits]
[HKLM\Software\Emsi Software GmbH]
[HKLM\Software\Fighters]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewspaperDirect]
[HKLM\Software\ODBC]
[HKLM\Software\PDFComplete]
[HKLM\Software\Piriform]
[HKLM\Software\PocketSoft]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WildTangent]
[HKLM\Software\Win32 Services]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 4/20/2011 - 11:04:00 PM - [195882] ----D- C:\Program Files\Bonjour
O43 - CFD: 4/3/2011 - 1:55:08 AM - [7040624] ----D- C:\Program Files\CCleaner
O43 - CFD: 2/25/2011 - 8:34:40 PM - [90614506] ----D- C:\Program Files\Common Files
O43 - CFD: 2/19/2011 - 5:33:18 AM - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 2/19/2011 - 5:12:30 AM - [994472] ----D- C:\Program Files\Google
O43 - CFD: 11/3/2010 - 5:51:18 PM - [9779088] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 11/3/2010 - 5:16:26 PM - [1705] ----D- C:\Program Files\hp
O43 - CFD: 4/15/2011 - 9:37:00 PM - [5176332] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 4/20/2011 - 11:05:22 PM - [1939563] ----D- C:\Program Files\iPod
O43 - CFD: 4/20/2011 - 11:05:42 PM - [2345448] ----D- C:\Program Files\iTunes
O43 - CFD: 7/14/2009 - 9:45:56 AM - [149236786] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 2/15/2011 - 9:52:16 PM - [1584303] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 11/3/2010 - 5:11:04 PM - [52390537] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 11/3/2010 - 5:40:20 PM - [2178436] ----D- C:\Program Files\PlayReady
O43 - CFD: 11/3/2010 - 5:10:28 PM - [14738648] ----D- C:\Program Files\Realtek
O43 - CFD: 7/14/2009 - 7:32:40 AM - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 2/19/2011 - 5:33:16 AM - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 2/19/2011 - 5:33:16 AM - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 3/13/2011 - 2:48:58 PM - [7987385] ----D- C:\Program Files\Windows Live
O43 - CFD: 2/19/2011 - 5:33:18 AM - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 2/19/2011 - 5:33:16 AM - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 2/19/2011 - 5:33:16 AM - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 7/14/2009 - 7:32:40 AM - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 2/19/2011 - 5:33:18 AM - [9889485] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 2/23/2011 - 9:00:36 PM - [6246981] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 2/22/2011 - 7:32:40 PM - [71746084] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2/19/2011 - 5:33:16 AM - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 2/15/2011 - 1:03:04 AM - [37] ----D- C:\ProgramData\Age of Empires 3
O43 - CFD: 2/23/2011 - 9:05:42 PM - [89022267] ----D- C:\ProgramData\Apple
O43 - CFD: 2/23/2011 - 9:01:56 PM - [67314172] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 6/5/2011 - 12:52:42 AM - [0] ----D- C:\ProgramData\AVG10
O43 - CFD: 3/4/2011 - 7:37:10 PM - [21470974] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 6/3/2011 - 5:14:36 PM - [2830] ----D- C:\ProgramData\clp
O43 - CFD: 6/4/2011 - 9:46:50 PM - [96] --H-D- C:\ProgramData\Common Files
O43 - CFD: 2/25/2011 - 8:42:58 PM - [63148093] ----D- C:\ProgramData\Common Toolkit Suite
O43 - CFD: 5/25/2011 - 9:12:46 AM - [144687] ----D- C:\ProgramData\CyberLink
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 5/9/2011 - 8:31:14 PM - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 5/1/2011 - 6:33:54 PM - [1224260] ----D- C:\ProgramData\Fighters
O43 - CFD: 2/19/2011 - 5:13:00 AM - [539234] ----D- C:\ProgramData\Google
O43 - CFD: 2/16/2011 - 3:03:40 PM - [66075214] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 6/5/2011 - 12:51:58 AM - [9635661] ----D- C:\ProgramData\MFAData
O43 - CFD: 2/22/2011 - 7:33:30 PM - [2272691846] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 2/26/2011 - 7:36:28 PM - [50144] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 11/3/2010 - 5:43:46 PM - [0] ----D- C:\ProgramData\NewspaperDirect
O43 - CFD: 2/25/2011 - 8:35:38 PM - [15608] ----D- C:\ProgramData\Norton
O43 - CFD: 11/3/2010 - 5:48:48 PM - [8748021] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 11/3/2010 - 5:13:06 PM - [276886] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 6/6/2011 - 12:04:58 AM - [0] ----D- C:\ProgramData\PDFC
O43 - CFD: 11/3/2010 - 5:19:36 PM - [3540077] ----D- C:\ProgramData\Ralink Driver
O43 - CFD: 2/25/2011 - 9:42:46 PM - [19451154] ----D- C:\ProgramData\Skype
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 11/3/2010 - 5:30:58 PM - [491733] ----D- C:\ProgramData\Temp
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 2/16/2011 - 12:03:36 AM - [0] ----D- C:\ProgramData\VirtualizedApplications
O43 - CFD: 3/12/2011 - 2:11:30 AM - [1622227851] ----D- C:\ProgramData\WildTangent
O43 - CFD: 11/3/2010 - 5:16:50 PM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}
O43 - CFD: 2/16/2011 - 2:57:20 PM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 2/23/2011 - 9:02:08 PM - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 4/4/2011 - 10:18:40 PM - [38204202] --H-D- C:\ProgramData\{C2854F90-E25A-4436-A624-DAA1A3535BAF}
O43 - CFD: 5/1/2011 - 6:34:50 PM - [43744498] --H-D- C:\ProgramData\{C63260C3-92B8-484F-8B6B-02C69C5AAA41}
O43 - CFD: 4/2/2011 - 10:41:50 PM - [37490931] --H-D- C:\ProgramData\{D81057B4-29EC-41EB-A123-4E4E49873404}
O43 - CFD: 2/14/2011 - 11:00:16 PM - [3613968] ----D- C:\Users\nour\AppData\Roaming\Adobe
O43 - CFD: 3/5/2011 - 1:08:02 AM - [933172144] ----D- C:\Users\nour\AppData\Roaming\Apple Computer
O43 - CFD: 6/4/2011 - 9:47:50 PM - [300] ----D- C:\Users\nour\AppData\Roaming\AVG10
O43 - CFD: 2/26/2011 - 6:31:52 PM - [0] ----D- C:\Users\nour\AppData\Roaming\CyberLink
O43 - CFD: 5/1/2011 - 6:32:46 PM - [496554] ----D- C:\Users\nour\AppData\Roaming\Fighters
O43 - CFD: 2/19/2011 - 5:14:14 AM - [0] ----D- C:\Users\nour\AppData\Roaming\Google
O43 - CFD: 2/23/2011 - 8:54:52 PM - [117050] ----D- C:\Users\nour\AppData\Roaming\Hewlett-Packard
O43 - CFD: 6/1/2011 - 2:11:40 PM - [420] ----D- C:\Users\nour\AppData\Roaming\HP Support Assistant
O43 - CFD: 2/16/2011 - 3:03:14 PM - [14768] ----D- C:\Users\nour\AppData\Roaming\hpqLog
O43 - CFD: 6/1/2011 - 2:11:40 PM - [6527] ----D- C:\Users\nour\AppData\Roaming\HpUpdate
O43 - CFD: 2/14/2011 - 10:58:12 PM - [0] ----D- C:\Users\nour\AppData\Roaming\Identities
O43 - CFD: 2/14/2011 - 11:00:16 PM - [2410] ----D- C:\Users\nour\AppData\Roaming\Macromedia
O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\nour\AppData\Roaming\Media Center Programs
O43 - CFD: 5/5/2011 - 10:09:56 PM - [19300458] -S--D- C:\Users\nour\AppData\Roaming\Microsoft
O43 - CFD: 6/6/2011 - 1:14:14 AM - [2081264] ----D- C:\Users\nour\AppData\Roaming\Skype
O43 - CFD: 6/3/2011 - 5:13:16 PM - [4939844] ----D- C:\Users\nour\AppData\Roaming\SoftGrid Client
O43 - CFD: 2/15/2011 - 9:53:28 PM - [0] ----D- C:\Users\nour\AppData\Roaming\TP
O43 - CFD: 5/24/2011 - 8:00:16 AM - [1064722] ----D- C:\Users\nour\AppData\Roaming\vlc
O43 - CFD: 2/15/2011 - 11:24:40 PM - [0] ----D- C:\Users\nour\AppData\Roaming\WinBatch
O43 - CFD: 2/22/2011 - 9:06:10 PM - [0] ----D- C:\Users\nour\AppData\Roaming\Windows Live Writer
O43 - CFD: 4/28/2011 - 6:34:48 PM - [4312] ----D- C:\Users\nour\AppData\Roaming\_MDLogs
O43 - CFD: 2/23/2011 - 9:00:50 PM - [0] ----D- C:\Users\nour\Appdata\Local\Apple
O43 - CFD: 6/2/2011 - 11:55:30 AM - [158091424] ----D- C:\Users\nour\Appdata\Local\Apple Computer
O43 - CFD: 2/14/2011 - 9:44:16 PM - [0] -SH-D- C:\Users\nour\Appdata\Local\Application Data
O43 - CFD: 2/16/2011 - 2:42:56 PM - [1210001] ----D- C:\Users\nour\Appdata\Local\Apps
O43 - CFD: 4/6/2011 - 12:45:20 PM - [0] ----D- C:\Users\nour\Appdata\Local\Axialis
O43 - CFD: 6/2/2011 - 9:45:28 PM - [39384036] ----D- C:\Users\nour\Appdata\Local\CrashDumps
O43 - CFD: 2/26/2011 - 6:31:32 PM - [34816] ----D- C:\Users\nour\Appdata\Local\CyberLink
O43 - CFD: 2/16/2011 - 2:43:22 PM - [0] ----D- C:\Users\nour\Appdata\Local\Deployment
O43 - CFD: 5/9/2011 - 11:46:30 PM - [261366] ----D- C:\Users\nour\Appdata\Local\Diagnostics
O43 - CFD: 5/9/2011 - 8:47:32 PM - [9242258] ----D- C:\Users\nour\Appdata\Local\eMule
O43 - CFD: 5/26/2011 - 9:53:02 PM - [26033] ----D- C:\Users\nour\Appdata\Local\Google
O43 - CFD: 2/26/2011 - 6:33:08 PM - [44725563] ----D- C:\Users\nour\Appdata\Local\Hewlett-Packard
O43 - CFD: 2/14/2011 - 9:44:16 PM - [0] -SH-D- C:\Users\nour\Appdata\Local\Historique
O43 - CFD: 3/3/2011 - 1:11:50 AM - [0] ----D- C:\Users\nour\Appdata\Local\HP MediaSmart Video
O43 - CFD: 5/15/2011 - 11:58:36 AM - [790166798] ----D- C:\Users\nour\Appdata\Local\Microsoft
O43 - CFD: 2/26/2011 - 7:36:26 PM - [0] ----D- C:\Users\nour\Appdata\Local\Microsoft Help
O43 - CFD: 5/26/2011 - 1:08:22 AM - [0] ----D- C:\Users\nour\Appdata\Local\Mozilla
O43 - CFD: 2/25/2011 - 8:41:56 PM - [0] ----D- C:\Users\nour\Appdata\Local\PackageAware
O43 - CFD: 3/4/2011 - 7:37:16 PM - [0] ----D- C:\Users\nour\Appdata\Local\PDFC
O43 - CFD: 2/26/2011 - 6:31:32 PM - [0] ----D- C:\Users\nour\Appdata\Local\PowerCinema
O43 - CFD: 2/15/2011 - 9:53:10 PM - [4579328] ----D- C:\Users\nour\Appdata\Local\SoftGrid Client
O43 - CFD: 6/6/2011 - 8:51:48 PM - [989009] ----D- C:\Users\nour\Appdata\Local\Temp
O43 - CFD: 2/14/2011 - 9:44:16 PM - [0] -SH-D- C:\Users\nour\Appdata\Local\Temporary Internet Files
O43 - CFD: 3/25/2011 - 10:45:28 PM - [93937] ----D- C:\Users\nour\Appdata\Local\VirtualStore
O43 - CFD: 5/15/2011 - 12:03:40 PM - [98304] ----D- C:\Users\nour\Appdata\Local\Windows Live
O43 - CFD: 2/22/2011 - 9:06:16 PM - [372494] ----D- C:\Users\nour\Appdata\Local\Windows Live Writer
O43 - CFD: 5/8/2011 - 9:39:26 PM - [0] ----D- C:\Users\nour\Appdata\Local\{002889FB-FD2E-4AE6-BB31-0171A1093799}
O43 - CFD: 6/6/2011 - 8:24:38 PM - [0] ----D- C:\Users\nour\Appdata\Local\{025BDB39-B5B8-40F5-A8C6-FD3764189C85}
O43 - CFD: 5/28/2011 - 9:41:12 AM - [0] ----D- C:\Users\nour\Appdata\Local\{161A2D89-46AD-4B60-8426-42284726D1F3}
O43 - CFD: 5/17/2011 - 3:55:56 PM - [0] ----D- C:\Users\nour\Appdata\Local\{1BEEFAF8-4569-4A6D-B413-6A2D47B44F82}
O43 - CFD: 5/21/2011 - 9:03:40 PM - [0] ----D- C:\Users\nour\Appdata\Local\{1D38B879-ED26-4659-AA0C-A868D4765316}
O43 - CFD: 5/20/2011 - 7:37:32 PM - [0] ----D- C:\Users\nour\Appdata\Local\{377E5B78-2A97-4551-8705-EE0ACA905F65}
O43 - CFD: 5/27/2011 - 9:40:10 AM - [0] ----D- C:\Users\nour\Appdata\Local\{4319B9FC-0562-4FB3-96D1-F0E4D29A905E}
O43 - CFD: 6/4/2011 - 12:21:08 PM - [0] ----D- C:\Users\nour\Appdata\Local\{43C065B4-FD8D-4DD2-ACD7-46CE899D1FF2}
O43 - CFD: 5/24/2011 - 10:55:14 PM - [0] ----D- C:\Users\nour\Appdata\Local\{6C156398-1776-4636-8F8B-87A8CD0FEB5B}
O43 - CFD: 5/9/2011 - 8:27:36 PM - [0] ----D- C:\Users\nour\Appdata\Local\{702921AD-16E6-4AB8-B72B-3157CF6A3071}
O43 - CFD: 5/7/2011 - 12:37:16 PM - [0] ----D- C:\Users\nour\Appdata\Local\{795AC749-2DE0-44C6-900D-B951E842AB57}
O43 - CFD: 4/10/2011 - 4:39:32 PM - [0] ----D- C:\Users\nour\Appdata\Local\{7E76DFA7-23A5-4331-867B-B1659E760080}
O43 - CFD: 5/16/2011 - 9:08:46 PM - [0] ----D- C:\Users\nour\Appdata\Local\{7ED1F348-C4B6-4114-839A-03B52F26B6E7}
O43 - CFD: 5/10/2011 - 11:52:24 PM - [0] ----D- C:\Users\nour\Appdata\Local\{87DA1970-0BAF-485D-8DA1-A23585997CD0}
O43 - CFD: 5/16/2011 - 6:03:48 AM - [0] ----D- C:\Users\nour\Appdata\Local\{87EF0E32-333D-45D4-B15C-FEC507ECA660}
O43 - CFD: 5/14/2011 - 11:44:34 AM - [0] ----D- C:\Users\nour\Appdata\Local\{895766C9-B36E-43C7-8DCB-37B49659C7C7}
O43 - CFD: 5/23/2011 - 9:28:02 PM - [0] ----D- C:\Users\nour\Appdata\Local\{8D808627-F9B6-4376-A138-3AA8743BAB39}
O43 - CFD: 6/5/2011 - 12:22:08 AM - [0] ----D- C:\Users\nour\Appdata\Local\{9F61CCED-093F-410B-AC34-E7FE4E5358E6}
O43 - CFD: 5/31/2011 - 9:43:50 AM - [0] ----D- C:\Users\nour\Appdata\Local\{A1BC1449-23FA-49E7-A239-FA0D38783045}
O43 - CFD: 5/11/2011 - 1:12:34 PM - [0] ----D- C:\Users\nour\Appdata\Local\{A3EF7837-A177-495F-9382-92F6D63125B0}
O43 - CFD: 4/27/2011 - 9:53:30 PM - [0] ----D- C:\Users\nour\Appdata\Local\{A5883EB9-5C2B-4804-92CD-83BBBAB4F918}
O43 - CFD: 4/10/2011 - 4:38:02 PM - [0] ----D- C:\Users\nour\Appdata\Local\{AFB04C58-D9ED-4DF6-9DA2-F9DB83C626CF}
O43 - CFD: 6/5/2011 - 12:22:44 PM - [0] ----D- C:\Users\nour\Appdata\Local\{B1C1AB97-9AD0-4854-AA28-66D684B11F07}
O43 - CFD: 5/15/2011 - 6:02:48 AM - [0] ----D- C:\Users\nour\Appdata\Local\{B2B08152-EEE4-4528-A4EB-3531AD33D254}
O43 - CFD: 6/2/2011 - 9:26:02 PM - [0] ----D- C:\Users\nour\Appdata\Local\{BBF6EC60-4E9E-422B-AC5E-163FFBC2C90E}
O43 - CFD: 5/17/2011 - 6:39:46 PM - [0] ----D- C:\Users\nour\Appdata\Local\{C88F5590-85BA-45C8-8FA8-E91B870DECCF}
O43 - CFD: 4/26/2011 - 9:15:28 PM - [0] ----D- C:\Users\nour\Appdata\Local\{D5C3E9DF-2FA3-442C-A35F-D742CCEF0C21}
O43 - CFD: 5/5/2011 - 10:11:08 PM - [0] ----D- C:\Users\nour\Appdata\Local\{E0C94094-1E93-4C0E-9366-F6CEDF12DDC5}
O43 - CFD: 5/19/2011 - 7:36:28 PM - [0] ----D- C:\Users\nour\Appdata\Local\{E1B76026-3841-40C1-9A75-A6E015860594}
O43 - CFD: 5/18/2011 - 8:44:00 PM - [0] ----D- C:\Users\nour\Appdata\Local\{EE62956E-2FC2-4E8D-8CD4-79B8AB207B14}
O43 - CFD: 6/3/2011 - 11:24:42 AM - [0] ----D- C:\Users\nour\Appdata\Local\{F42220CF-0856-458F-AEB1-47D72438F9BD}
O43 - CFD: 7/14/2009 - 6:54:34 AM - [14671] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2/14/2011 - 10:58:24 PM - [174] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2/15/2011 - 11:16:02 PM - [216] ----D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 7/14/2009 - 6:49:40 AM - [580] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2/14/2011 - 10:58:24 PM - [174] R---D- C:\Users\nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2/23/2011 - 9:00:48 PM - [2306366] ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 6/4/2011 - 9:44:58 PM - [10659572] ----D- C:\Program Files (x86)\AVG
O43 - CFD: 4/20/2011 - 11:04:00 PM - [621202] ----D- C:\Program Files (x86)\Bonjour
O43 - CFD: 2/25/2011 - 8:42:58 PM - [519743006] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 11/3/2010 - 5:25:34 PM - [1346142688] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 4/28/2011 - 6:36:08 PM - [107254520] ----D- C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 6/6/2011 - 8:24:18 PM - [153163494] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware
O43 - CFD: 5/9/2011 - 8:30:20 PM - [10906334] ----D- C:\Program Fi
Utilisateur anonyme
7 juin 2011 à 07:13
7 juin 2011 à 07:13
bonjour,
c'est le bon rapport mais incomplet !
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
si le rapport ne passe pas sur le site d'hebergeur, compresse le puyis héberge le de nouveau, colle son lien ici :-)
c'est le bon rapport mais incomplet !
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
si le rapport ne passe pas sur le site d'hebergeur, compresse le puyis héberge le de nouveau, colle son lien ici :-)
j'ai refait comme tu ma dit j'éspére que c'est bon cette fois
http://www.terafiles.net/v-115734.html
http://www.terafiles.net/v-115734.html
Utilisateur anonyme
7 juin 2011 à 16:52
7 juin 2011 à 16:52
super,
tu as Emi soft et Preventon®Antivirus comme antivirus, il faut en conserver un seul sur le pc !
pas de trace de ton fichier !
* Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
* Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
Copie et colle les lignes suivantes en gras dans Zhpfix :
----------------------------------------------------------
[HKLM\Software\AntimalwareSolution]
O64 - Services: CurCS - (.not file.) - AVG Anti-Rootkit Driver (Avgrkx64) .(...) - LEGACY_AVGRKX64
O64 - Services: CurCS - (.not file.) - AVG TDI Driver (Avgtdia) .(...) - LEGACY_AVGTDIA
O64 - Services: CurCS - (.not file.) - Symantec Network Security WFP Driver (SymNetS) .(...) - LEGACY_SYMNETS
R3 - URLSearchHook: (no name) [64Bits] - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
----------------------------------------------------------
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
Tuto :
http://www.premiumorange.com/zeb-help-process/zhpfix.html
tu as Emi soft et Preventon®Antivirus comme antivirus, il faut en conserver un seul sur le pc !
pas de trace de ton fichier !
* Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert)
* Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
Copie et colle les lignes suivantes en gras dans Zhpfix :
----------------------------------------------------------
[HKLM\Software\AntimalwareSolution]
O64 - Services: CurCS - (.not file.) - AVG Anti-Rootkit Driver (Avgrkx64) .(...) - LEGACY_AVGRKX64
O64 - Services: CurCS - (.not file.) - AVG TDI Driver (Avgtdia) .(...) - LEGACY_AVGTDIA
O64 - Services: CurCS - (.not file.) - Symantec Network Security WFP Driver (SymNetS) .(...) - LEGACY_SYMNETS
R3 - URLSearchHook: (no name) [64Bits] - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
----------------------------------------------------------
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
Tuto :
http://www.premiumorange.com/zeb-help-process/zhpfix.html
voila le rapport dit moi tu peut m'expliquer qu'est-ce que ca affiche comme information merci
Rapport de ZHPFix 1.12.330 par Nicolas Coolman, Update du 05/06/2011
Fichier d'export Registre : C:\ZHPExportRegistry-6-8-2011-12-02-48 AM.txt
Run by nour at 6/8/2011 12:02:48 AM
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Clé(s) du Registre ==========
ABSENT HKLM\Software\AntimalwareSolution
ABSENT Service Legacy: LEGACY_AVGRKX64
ABSENT Service Legacy: LEGACY_AVGTDIA
ABSENT Service Legacy: LEGACY_SYMNETS
========== Valeur(s) du Registre ==========
ABSENT R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
========== Récapitulatif ==========
4 : Clé(s) du Registre
1 : Valeur(s) du Registre
End of the scan
Rapport de ZHPFix 1.12.330 par Nicolas Coolman, Update du 05/06/2011
Fichier d'export Registre : C:\ZHPExportRegistry-6-8-2011-12-02-48 AM.txt
Run by nour at 6/8/2011 12:02:48 AM
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Clé(s) du Registre ==========
ABSENT HKLM\Software\AntimalwareSolution
ABSENT Service Legacy: LEGACY_AVGRKX64
ABSENT Service Legacy: LEGACY_AVGTDIA
ABSENT Service Legacy: LEGACY_SYMNETS
========== Valeur(s) du Registre ==========
ABSENT R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
========== Récapitulatif ==========
4 : Clé(s) du Registre
1 : Valeur(s) du Registre
End of the scan
voila le rapport dis moi peut-tu m'expliquer ce que affiche c'est information stp merci
Rapport de ZHPFix 1.12.330 par Nicolas Coolman, Update du 05/06/2011
Fichier d'export Registre : C:\ZHPExportRegistry-6-8-2011-12-02-48 AM.txt
Run by nour at 6/8/2011 12:02:48 AM
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Clé(s) du Registre ==========
ABSENT HKLM\Software\AntimalwareSolution
ABSENT Service Legacy: LEGACY_AVGRKX64
ABSENT Service Legacy: LEGACY_AVGTDIA
ABSENT Service Legacy: LEGACY_SYMNETS
========== Valeur(s) du Registre ==========
ABSENT R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
========== Récapitulatif ==========
4 : Clé(s) du Registre
1 : Valeur(s) du Registre
End of the scan
Rapport de ZHPFix 1.12.330 par Nicolas Coolman, Update du 05/06/2011
Fichier d'export Registre : C:\ZHPExportRegistry-6-8-2011-12-02-48 AM.txt
Run by nour at 6/8/2011 12:02:48 AM
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Clé(s) du Registre ==========
ABSENT HKLM\Software\AntimalwareSolution
ABSENT Service Legacy: LEGACY_AVGRKX64
ABSENT Service Legacy: LEGACY_AVGTDIA
ABSENT Service Legacy: LEGACY_SYMNETS
========== Valeur(s) du Registre ==========
ABSENT R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} Clé orpheline
========== Récapitulatif ==========
4 : Clé(s) du Registre
1 : Valeur(s) du Registre
End of the scan
Utilisateur anonyme
8 juin 2011 à 08:13
8 juin 2011 à 08:13
bonjour,
redemarre ton pc et donne moi des nouvelles avant de finaliser la désinfection ;-)
redemarre ton pc et donne moi des nouvelles avant de finaliser la désinfection ;-)
salut j'ai redemarer mon pc et fait un scan rien a signaler par contre j'iamerai bien savoir ce que c'était comme virus et commment marche la procédure qu'on a fait
merci
merci
Utilisateur anonyme
9 juin 2011 à 12:40
9 juin 2011 à 12:40
bonjour,
ton pc a été nfecté par des adwares !(toolbars intectieux!)
on a tout nettoyé !
le ficher détecté devait fait parti des adwares !
Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
ou ici :
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
/!\Utilisateur de Vista et Windows 7 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. Tu cliques droit dans le cadre de la réponse et coller
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!
Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
ton pc a été nfecté par des adwares !(toolbars intectieux!)
on a tout nettoyé !
le ficher détecté devait fait parti des adwares !
Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
ou ici :
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
/!\Utilisateur de Vista et Windows 7 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. Tu cliques droit dans le cadre de la réponse et coller
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!
Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
voila le rapport qu'il m'affiche apparament j'ai encore 7 adware
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6821
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
09/06/2011 22:56:14
mbam-log-2011-06-09 (22-56-14).txt
Type d'examen: Examen complet (C:\|Q:\|)
Elément(s) analysé(s): 327895
Temps écoulé: 47 minute(s), 30 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\Users\Ismahane\local settings\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\EoStats (Adware.EoRezo) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\eorezo_confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\EoStats\eoStats.txt (Adware.EoRezo) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6821
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
09/06/2011 22:56:14
mbam-log-2011-06-09 (22-56-14).txt
Type d'examen: Examen complet (C:\|Q:\|)
Elément(s) analysé(s): 327895
Temps écoulé: 47 minute(s), 30 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\Users\Ismahane\local settings\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\EoStats (Adware.EoRezo) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\eorezo_confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
c:\Users\Ismahane\local settings\application data\EoRezo\EoRezo\EoStats\eoStats.txt (Adware.EoRezo) -> Quarantined and deleted successfully.
Utilisateur anonyme
10 juin 2011 à 07:07
10 juin 2011 à 07:07
bonjour,
relance MBAM, vide sa quarantaine,
relance zhpdiag, clique sur la flèche verte pour lancer un emise à jour,
puis clique sur la loupe
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
relance MBAM, vide sa quarantaine,
relance zhpdiag, clique sur la flèche verte pour lancer un emise à jour,
puis clique sur la loupe
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://dl.free.fr
ou :
http://www.cijoint.fr/
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
5 juin 2011 à 01:29