Personal Shield Pro
Résolu/Fermé
kef512
Messages postés
45
Date d'inscription
lundi 13 juin 2011
Statut
Membre
Dernière intervention
27 octobre 2016
-
13 juin 2011 à 10:31
Hell's boulevard - 21 sept. 2011 à 20:17
Hell's boulevard - 21 sept. 2011 à 20:17
A voir également:
- Personal Shield Pro
- I14 pro max - Accueil - Guide téléphones
- Clé d'activation windows 10 pro - Guide
- Ccleaner pro gratuit - Télécharger - Optimisation
- Iptv smarters pro bug ✓ - Forum Box et Streaming vidéo
- Iron tv pro ne marche plus ✓ - Forum TV & Vidéo
25 réponses
Bonjour,
ALors moi aussi j'ai le meme probleme, belle saleté d'ailleurs.
Voici mon rapport rogue killer apres quelques bidouilles.
RogueKiller V5.2.4 [23/06/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: fafa [Droits d'admin]
Mode: Proxy RAZ -- Date : 23/06/2011 14:10:38
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[12].txt >>
RKreport[10].txt ; RKreport[11].txt ; RKreport[12].txt ; RKreport[1].txt ; RKreport[2].txt ;
RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt ; RKreport[7].txt ;
RKreport[8].txt ; RKreport[9].txt
Et voici le lien pour le diagnostic par ZHP.
http://www.cijoint.fr/cjlink.php?file=cj201106/cijMjuP2UB.txt
Voila si quelqu'un a quelques minute aà y accorder, merci
ALors moi aussi j'ai le meme probleme, belle saleté d'ailleurs.
Voici mon rapport rogue killer apres quelques bidouilles.
RogueKiller V5.2.4 [23/06/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: fafa [Droits d'admin]
Mode: Proxy RAZ -- Date : 23/06/2011 14:10:38
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[12].txt >>
RKreport[10].txt ; RKreport[11].txt ; RKreport[12].txt ; RKreport[1].txt ; RKreport[2].txt ;
RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ; RKreport[6].txt ; RKreport[7].txt ;
RKreport[8].txt ; RKreport[9].txt
Et voici le lien pour le diagnostic par ZHP.
http://www.cijoint.fr/cjlink.php?file=cj201106/cijMjuP2UB.txt
Voila si quelqu'un a quelques minute aà y accorder, merci
Bonjour,
J'aimerais que l'on m'aide car ce virus a la con et sur mon ordi, j'ai télécharger et exécute avec succès le rogue killer mon rapport c'est afficher en me disant qu'il n'y avait aucun processus malicieux
J'aimerais que l'on m'aide car ce virus a la con et sur mon ordi, j'ai télécharger et exécute avec succès le rogue killer mon rapport c'est afficher en me disant qu'il n'y avait aucun processus malicieux
Bonjour à tous,
J'ai eu le même probleme y'a 1 semaine et je suis passé par la méthode djazair ( écrit au début de se sujet ) et je le remercie car sa solution marche super bien !! voila A+
et merci à tous
J'ai eu le même probleme y'a 1 semaine et je suis passé par la méthode djazair ( écrit au début de se sujet ) et je le remercie car sa solution marche super bien !! voila A+
et merci à tous
Bonjour, j'ai également connu ce problème de Personal Shield Pro, et je tiens à adresser toute ma gratitude à Electricien 69, j'ai utilisé sa méthode et ca a l'air de fonctionner (je pensais l'avoir supprimé avec une autre méthode, mais en redémarrant mon PC Personal Shield Pro était toujours là.., alors qu'avec la méthode d'Electricien 69, après redémarrage.. RAS !!!)
Donc merci Electricien 69, c'est vraiment bien ce que tu as fais là, car ca m'a évité de passer chez un informaticien ou tout simplement racheter un PC
Donc merci Electricien 69, c'est vraiment bien ce que tu as fais là, car ca m'a évité de passer chez un informaticien ou tout simplement racheter un PC
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fabulous57
Messages postés
1
Date d'inscription
mardi 20 septembre 2011
Statut
Membre
Dernière intervention
20 septembre 2011
20 sept. 2011 à 14:43
20 sept. 2011 à 14:43
Bonjour,
je ne sais pas si j ai tout saisi, mais je tente
Merci
1
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: DNS RAZ -- Date : 20/09/2011 14:13:19
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
2
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: HOSTS RAZ -- Date : 20/09/2011 14:13:23
Processus malicieux: 0
Fichier HOSTS:
Nouveau fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
3
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: Proxy RAZ -- Date : 20/09/2011 14:13:26
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt
4
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: HOSTS RAZ -- Date : 20/09/2011 14:13:28
Processus malicieux: 0
Fichier HOSTS:
127.0.0.1 localhost
Nouveau fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt
5
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: Suppression -- Date : 20/09/2011 14:14:10
Processus malicieux: 0
Entrees de registre: 0
Fichiers / Dossiers particuliers:
Fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[8].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt
6
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: Proxy RAZ -- Date : 20/09/2011 14:14:43
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[9].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt ; RKreport[9].txt
7
Rapport de ZHPDiag v1.28.1350 par Nicolas Coolman, Update du 20/09/2011
Run by FAB at 20/09/2011 14:09:50
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v3.6.22 (fr) (Defaut)
OBIE: Safari v5.34.50.0
---\\ Windows Product Information
Windows 7 Business Edition, 32-bit (Build 7600)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3066 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 340 GB (73%) free of 466 GB
---\\ Logged in mode
~ Computer Name: FAB-PC
~ User Name: FAB
~ All Users Names: HomeGroupUser$, FAB, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\FAB\AppData\Roaming\
~ %Desktop% : C:\Users\FAB\Desktop\
~ %Favorites% : C:\Users\FAB\Favorites\
~ %LocalAppData% : C:\Users\FAB\AppData\Local\
~ %StartMenu% : C:\Users\FAB\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 340 Go of 466 Go)
D:\ CD-ROM drive (Free 0 Go of 3 Go)
E:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.29/07/2010 - 06:45:39.) -- C:\Windows\Explorer.exe [2614272]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.EE0D7471EBF9CE40CC4A203B1F90F028] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/08/2011 - 06:36:36.) -- C:\Windows\system32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.29/07/2010 - 07:17:59.) -- C:\Windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:20:44.) -- C:\Windows\system32\drivers\ntfs.sys [1210432]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\system32\sppcomapi.dll [193024]
[MD5.D8714A5FB3141F8226D16861F20C5AC4] - (....) (.14/07/2009 - 09:39:06.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2129
~ Mes musiques (My Musics) : 194/551
~ Mes Videos (My Videos) : 2/115
~ Mes Favoris (My Favorites) : 3/26
~ Mes Documents (My Documents) : 1/5464
~ Mon Bureau (My Desktop) : 3/253
~ Menu demarrer (Programs) : 6/26
~ Scan Hidden Files in 00mn 10s
---\\ Processus lancés
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [PID.2908]
[MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104] [PID.3104]
[MD5.B26A2F3CD6459548DB6891D138080876] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2121216] [PID.1384]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\FAB\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\FAB\AppData\Roaming\Mozilla\Firefox\Profiles\8a2e6x5s.default\prefs.js
C:\Users\FAB\AppData\Roaming\Mozilla\Firefox\Profiles\8a2e6x5s.default\user.js (.not file.)
M3 - MFPP: Plugins - [FAB] -- C:\Users\FAB\AppData\Roaming\Mozilla\Firefox\Profiles\8a2e6x5s.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [FAB - 8a2e6x5s.default] www.google.fr
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_25 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [ITSecMng] . (.TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (.not file.)
O4 - HKLM\..\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk . (.Badoo.) -- C:\ProgramData\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FAB\Desktop\DVDFab HD Decrypter 4.lnk . (.Fengtao Software Inc..) -- C:\Program Files\DVDFab HD Decrypter 4\DVDFabHDDecrypter.exe
O4 - Global Startup: C:\Users\FAB\Desktop\Microsoft Office - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\FAB\Desktop\pbsetup - Raccourci.lnk . (...) -- C:\Users\FAB\Downloads\pbsetup.exe
O4 - Global Startup: C:\Users\FAB\Desktop\Son - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\FAB\Desktop\TopSolid 2010.lnk . (.Missler Software.) -- C:\Missler\V611\bin\top611.exe
O4 - Global Startup: C:\Users\FAB\Desktop\Téléchargements.lnk . (...) -- C:\Users\FAB\Downloads
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{735619D4-B42A-437A-958C-199BFCAEDB38}\SafariIco.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\bwin Poker.lnk . (...) -- C:\bwinPoker\StartBwin.fr.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk . (.OLab.) -- C:\Program Files\Outlook Express Launcher\OELauncher.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BBA813D7-B62C-4068-BAAB-7954C667F487}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{92891F0F-8A1B-4CAB-9C57-75A87ED80336}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{BBA813D7-B62C-4068-BAAB-7954C667F487}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{92891F0F-8A1B-4CAB-9C57-75A87ED80336}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{BBA813D7-B62C-4068-BAAB-7954C667F487}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{92891F0F-8A1B-4CAB-9C57-75A87ED80336}: DhcpNameServer = 172.20.2.39 172.20.2.10
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) . (.SFR & Celliance - Service Windows SFR ABCd.) - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.6BB00663FBE9978FE2BE61B99B8375D8] [APT] [{078B2A4A-33E5-4F35-ADC9-287ACBDCACEE}] (.Google.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 02s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\system32\Drivers\tosrfcom.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AC3Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- AC3Filter
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Battlefield 2 édition Deluxe - (.Pas de propriétaire.) [HKLM] -- {04858915-9F49-4B2A-AED4-DC49A7DE6A7B}
O42 - Logiciel: CoreVorbis Audio Decoder (remove only) - (.Pas de propriétaire.) [HKLM] -- CoreVorbis Audio Decoder
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1
O42 - Logiciel: DVDFab HD Decrypter 4.1.2.0 - (.Fengtao Software Inc..) [HKLM] -- DVDFab HD Decrypter 4_is1
O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{28857979-5507-4C10-A922-FF709A19D38C}
O42 - Logiciel: Direct Show Ogg Vorbis Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- OggDS
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Pro Trial - (.DivXNetworks, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: Gestionnaire de Connexion SFR 2009.03 - (.Pas de propriétaire.) [HKLM] -- Gestionnaire de Connexion SFR_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Gordian Knot Rip Pack 0.35.0 - (.Gordian Knot Development Team.) [HKLM] -- Gordian Knot
O42 - Logiciel: Huffyuv AVI lossless video codec (Remove Only) - (.Pas de propriétaire.) [HKLM] -- HUFFYUV
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Morgan Stream Switcher - (.Pas de propriétaire.) [HKLM] -- mmswitch
O42 - Logiciel: Mozilla Firefox (3.6.22) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.22)
O42 - Logiciel: Outlook Express Launcher 2.2 - (.Pas de propriétaire.) [HKLM] -- OELauncher
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2553070) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{294BAA9E-9209-497F-A71F-7E52EFB194D4}
O42 - Logiciel: Security Update for Microsoft InfoPath 2010 (KB2510065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3C6C6854-EB6B-455C-B0A6-9871F0538028}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553091) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553096) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2584066) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EEB4DDD0-08EA-4787-BDAB-D38D67A35CD5}
O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}
O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}
O42 - Logiciel: Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}
O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: TomTom HOME 2.7.5.2014 - (.TomTom.) [HKLM] -- TomTom HOME
O42 - Logiciel: TopSolid 2010 By Missler Software - (.Missler Software.) [HKLM] -- {D1CA7EAC-0D58-44AB-9039-422CCBB408DE}
O42 - Logiciel: TopSolid 2010 Global Patch - (.Missler Software.) [HKLM] -- {F18D0E01-67A4-4D27-92BF-8FF71C523222}
O42 - Logiciel: TopSolid'Cam 2010 Patch - (.Missler Software.) [HKLM] -- {40CD696A-3A6A-43DF-A228-19D8EBD34E22}
O42 - Logiciel: TopSolid'Finder 2010 by Missler Software - (.Missler Software.) [HKLM] -- {E703A76F-156A-4507-BAE0-B385A1B845BA}
O42 - Logiciel: TopSolid'Interop Catia V5 2010 Patch - (.Missler Software.) [HKLM] -- {C8E2DF3F-3A97-4341-A7F6-C8F7C0D5DCD0}
O42 - Logiciel: TopSolid'Viewer 2010 Patch - (.Missler Software.) [HKLM] -- {D0AE9116-7846-40EA-9F39-34006999B3BC}
O42 - Logiciel: TopSolid'Viewer 2010 by Missler Software - (.Missler Software.) [HKLM] -- {73E607FC-44D5-4C4F-A4A3-9D11CBB81A4F}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{556146F7-74AE-4E0A-B64F-5B8B93469F61}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B5516874-E926-4BFD-B412-D0E70112F244}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2523113) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553092) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2566458) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}
O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{309EEC22-83CE-4109-B019-BA9392FAA322}
O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EDF9874C-9E37-4110-9FC3-094247E114DF}
O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUS_{23639AE1-CE0D-4ED2-9110-995796F53580}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VobSub v2.23 (Remove Only) - (.Pas de propriétaire.) [HKLM] -- VobSub
O42 - Logiciel: XviD MPEG-4 Video Codec - (.XviD Team (Koepi).) [HKLM] -- XviD_is1
O42 - Logiciel: bwin Poker - (.Bwin.) [HKLM] -- bwin Poker_is1
O42 - Logiciel: ffdshow (remove only) - (.Pas de propriétaire.) [HKLM] -- ffdshow
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\AlterGeo]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Badoo]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DVDFab]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\GordianKnot]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Missler Software]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NeroDigital]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OLab]
[HKCU\Software\Policies]
[HKCU\Software\Protexis]
[HKCU\Software\SFR]
[HKCU\Software\TomTom]
[HKCU\Software\Toshiba]
[HKCU\Software\VFPlugin]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DICE]
[HKLM\Software\DVDFab]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EA GAMES]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Even Balance]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\GordianKnot]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\Missler Software]
[HKLM\Software\Morgan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company Name]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Protexis]
[HKLM\Software\Rainbow Technologies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SFR]
[HKLM\Software\Sonic]
[HKLM\Software\TomTom]
[HKLM\Software\Toshiba]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\X-AVCSD]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/11/2010 - 15:52:26 - [590019] ----D- C:\Program Files\AC3Filter
O43 - CFD: 07/09/2010 - 11:59:20 - [241773241] ----D- C:\Program Files\Adobe
O43 - CFD: 09/08/2011 - 17:58:44 - [2428606] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 28/07/2010 - 19:19:36 - [132892298] ----D- C:\Program Files\Avira
O43 - CFD: 01/11/2010 - 15:50:28 - [2114566] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 09/08/2011 - 20:16:46 - [628535] ----D- C:\Program Files\Bonjour
O43 - CFD: 17/09/2011 - 14:34:42 - [514584427] ----D- C:\Program Files\Common Files
O43 - CFD: 01/11/2010 - 15:52:00 - [4455730] ----D- C:\Program Files\DivX
O43 - CFD: 14/07/2009 - 11:01:44 - [83226132] ----D- C:\Program Files\DVD Maker
O43 - CFD: 12/10/2010 - 19:06:08 - [970899] ----D- C:\Program Files\DVD Shrink
O43 - CFD: 01/11/2010 - 15:38:28 - [4731897] ----D- C:\Program Files\DVDFab HD Decrypter 4
O43 - CFD: 17/09/2011 - 14:37:12 - [4022894856] ----D- C:\Program Files\EA GAMES
O43 - CFD: 08/09/2010 - 21:28:40 - [6363276] ----D- C:\Program Files\ffdshow
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 01/11/2010 - 15:50:16 - [350893] ----D- C:\Program Files\Gabest
O43 - CFD: 02/09/2011 - 07:48:24 - [370993646] ----D- C:\Program Files\Google
O43 - CFD: 01/11/2010 - 15:51:02 - [15334523] ----D- C:\Program Files\GordianKnot
O43 - CFD: 17/09/2011 - 14:37:06 - [80019554] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/08/2011 - 10:24:30 - [5730513] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 09/08/2011 - 20:18:50 - [1868883] ----D- C:\Program Files\iPod
O43 - CFD: 09/08/2011 - 20:19:12 - [125047038] ----D- C:\Program Files\iTunes
O43 - CFD: 19/05/2011 - 21:22:46 - [89284964] ----D- C:\Program Files\Java
O43 - CFD: 19/08/2010 - 22:50:20 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 24/12/2010 - 19:57:14 - [39848379] ----D- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 24/12/2010 - 20:00:38 - [989185204] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 24/12/2010 - 20:00:36 - [1805760] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 24/12/2010 - 20:00:36 - [793991] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 24/12/2010 - 20:01:12 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 24/12/2010 - 19:58:56 - [1378033] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 08/11/2010 - 12:59:52 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 26/10/2010 - 15:43:04 - [565760] ----D- C:\Program Files\Missler Software
O43 - CFD: 08/09/2010 - 21:28:24 - [218243] ----D- C:\Program Files\Morgan
O43 - CFD: 08/09/2011 - 17:39:48 - [31612729] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 24/12/2010 - 20:01:46 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 15/10/2010 - 09:38:22 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 13/10/2010 - 15:39:38 - [1399618446] ----D- C:\Program Files\Nero
O43 - CFD: 02/04/2011 - 02:03:18 - [455503] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 08/10/2010 - 20:17:08 - [2546587] ----D- C:\Program Files\Outlook Express Launcher
O43 - CFD: 09/08/2011 - 20:08:44 - [75697179] ----D- C:\Program Files\QuickTime
O43 - CFD: 14/07/2009 - 06:52:32 - [38597377] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 09/08/2011 - 20:20:58 - [44366882] ----D- C:\Program Files\Safari
O43 - CFD: 31/07/2010 - 19:33:14 - [14369311] ----D- C:\Program Files\SFR
O43 - CFD: 11/08/2010 - 23:56:28 - [0] ----D- C:\Program Files\TomTom DesktopSuite
O43 - CFD: 12/08/2010 - 00:02:20 - [50448285] ----D- C:\Program Files\TomTom HOME 2
O43 - CFD: 12/08/2010 - 00:02:24 - [22486] ----D- C:\Program Files\TomTom International B.V
O43 - CFD: 27/08/2010 - 13:23:08 - [71737674] ----D- C:\Program Files\Toshiba
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/11/2010 - 23:04:56 - [78880911] ----D- C:\Program Files\VideoLAN
O43 - CFD: 18/01/2011 - 20:14:10 - [0] ----D- C:\Program Files\Winamp
O43 - CFD: 14/07/2009 - 10:39:40 - [3049984] ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 11:01:42 - [7013496] ----D- C:\Program Files\Windows Journal
O43 - CFD: 08/10/2010 - 20:26:30 - [74708855] ----D- C:\Program Files\Windows Live
O43 - CFD: 19/08/2010 - 22:50:04 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 18/12/2010 - 04:15:36 - [6180864] ----D- C:\Program Files\Windows Mail
O43 - CFD: 18/10/2010 - 12:58:22 - [6607787] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 28/07/2010 - 19:05:14 - [12197556] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 10:39:40 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 10:39:40 - [26945592] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 28/07/2010 - 19:12:10 - [3887186] ----D- C:\Program Files\WinRAR
O43 - CFD: 01/11/2010 - 15:52:20 - [170624] ----D- C:\Program Files\XviD
O43 - CFD: 20/09/2011 - 14:10:04 - [5471077] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 07/09/2010 - 11:59:26 - [6271998] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 10/09/2010 - 01:07:36 - [31934636] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 09/08/2011 - 20:18:48 - [114989651] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 24/12/2010 - 20:01:10 - [99136] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 17/09/2011 - 14:34:42 - [1976305] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 19/05/2011 - 21:23:20 - [1252295] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 24/12/2010 - 20:02:04 - [247952713] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 13/10/2010 - 15:33:04 - [19958275] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 08/09/2010 - 19:57:16 - [4167008] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 26/10/2010 - 15:05:40 - [1095894] ----D- C:\Program Files\Common Files\SafeNet Sentinel
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 24/12/2010 - 19:58:02 - [10718952] ----D- C:\Program Files\Common Files\System
O43 - CFD: 19/08/2010 - 22:46:44 - [33061079] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 10/09/2010 - 01:07:40 - [94161943] ----D- C:\ProgramData\Adobe
O43 - CFD: 19/09/2011 - 19:41:16 - [393424] ----D- C:\ProgramData\aJ21703IpPdP21703
O43 - CFD: 27/08/2010 - 16:37:50 - [113693059] ----D- C:\ProgramData\Apple
O43 - CFD: 27/08/2010 - 16:39:08 - [122314672] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 28/07/2010 - 19:19:36 - [58767240] ----D- C:\ProgramData\Avira
O43 - CFD: 12/06/2011 - 20:36:50 - [1867112] ----D- C:\ProgramData\Badoo
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 12/10/2010 - 19:07:14 - [3358] ----D- C:\ProgramData\DVD Shrink
O43 - CFD: 16/06/2011 - 20:50:42 - [1930] ----D- C:\ProgramData\EBP
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 24/12/2010 - 20:00:36 - [227358164] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 16/09/2011 - 20:51:06 - [63858] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 26/10/2010 - 15:42:50 - [307] ----D- C:\ProgramData\Missler Software
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 13/10/2010 - 15:39:40 - [2641557] ----D- C:\ProgramData\Nero
O43 - CFD: 02/04/2011 - 02:03:20 - [281681] ----D- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 19/05/2011 - 21:23:20 - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 12/08/2010 - 00:02:50 - [196944] ----D- C:\ProgramData\TomTom
O43 - CFD: 27/08/2010 - 13:27:20 - [18232] ----D- C:\ProgramData\TOSHIBA
O43 - CFD: 27/08/2010 - 16:39:42 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 10/09/2010 - 01:07:38 - [19844284] ----D- C:\Users\FAB\AppData\Roaming\Adobe
O43 - CFD: 28/08/2010 - 20:48:44 - [19376841200] ----D- C:\Users\FAB\AppData\Roaming\Apple Computer
O43 - CFD: 23/01/2011 - 23:24:12 - [199] ----D- C:\Users\FAB\AppData\Roaming\dvdcss
O43 - CFD: 28/07/2010 - 19:05:38 - [0] ----D- C:\Users\FAB\AppData\Roaming\Identities
O43 - CFD: 26/10/2010 - 15:05:04 - [0] ----D- C:\Users\FAB\AppData\Roaming\InstallShield
O43 - CFD: 29/07/2010 - 01:53:22 - [74440] ----D- C:\Users\FAB\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 11:00:42 - [0] ----D- C:\Users\FAB\AppData\Roaming\Media Center Programs
O43 - CFD: 01/11/2010 - 16:16:12 - [16] ----D- C:\Users\FAB\AppData\Roaming\Media Player Classic
O43 - CFD: 18/09/2011 - 19:12:16 - [18668329] -S--D- C:\Users\FAB\AppData\Roaming\Microsoft
O43 - CFD: 28/07/2010 - 19:10:42 - [1811542] ----D- C:\Users\FAB\AppData\Roaming\Mozilla
O43 - CFD: 13/10/2010 - 15:40:00 - [189591] ----D- C:\Users\FAB\AppData\Roaming\Nero
O43 - CFD: 13/10/2010 - 15:44:40 - [0] ----D- C:\Users\FAB\AppData\Roaming\NeroDigital(TM)
O43 - CFD: 31/07/2010 - 19:36:04 - [3732] ----D- C:\Users\FAB\AppData\Roaming\SFR
O43 - CFD: 12/08/2010 - 00:02:36 - [7672987] ----D- C:\Users\FAB\AppData\Roaming\TomTom
O43 - CFD: 15/09/2011 - 21:05:38 - [4678062] ----D- C:\Users\FAB\AppData\Roaming\vlc
O43 - CFD: 27/08/2010 - 13:22:22 - [12] ----D- C:\Users\FAB\AppData\Roaming\WinRAR
O43 - CFD: 02/10/2010 - 12:07:30 - [79933] ----D- C:\Users\FAB\AppData\Local\Adobe
O43 - CFD: 27/08/2010 - 16:37:56 - [0] ----D- C:\Users\FAB\AppData\Local\Apple
O43 - CFD: 05/01/2011 - 16:49:12 - [10047969] ----D- C:\Users\FAB\AppData\Local\Apple Computer
O43 - CFD: 28/07/2010 - 19:05:28 - [0] -SH-D- C:\Users\FAB\AppData\Local\Application Data
O43 - CFD: 20/09/2011 - 14:01:18 - [933870] ----D- C:\Users\FAB\AppData\Local\Diagnostics
O43 - CFD: 25/01/2011 - 18:15:26 - [0] ----D- C:\Users\FA
je ne sais pas si j ai tout saisi, mais je tente
Merci
1
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: DNS RAZ -- Date : 20/09/2011 14:13:19
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
2
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: HOSTS RAZ -- Date : 20/09/2011 14:13:23
Processus malicieux: 0
Fichier HOSTS:
Nouveau fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
3
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: Proxy RAZ -- Date : 20/09/2011 14:13:26
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt
4
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: HOSTS RAZ -- Date : 20/09/2011 14:13:28
Processus malicieux: 0
Fichier HOSTS:
127.0.0.1 localhost
Nouveau fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt
5
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: Suppression -- Date : 20/09/2011 14:14:10
Processus malicieux: 0
Entrees de registre: 0
Fichiers / Dossiers particuliers:
Fichier HOSTS:
127.0.0.1 localhost
Termine : << RKreport[8].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt
6
RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Systeme d'exploitation: Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur: FAB [Droits d'admin]
Mode: Proxy RAZ -- Date : 20/09/2011 14:14:43
Processus malicieux: 0
Entrees de registre: 0
Termine : << RKreport[9].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt ; RKreport[9].txt
7
Rapport de ZHPDiag v1.28.1350 par Nicolas Coolman, Update du 20/09/2011
Run by FAB at 20/09/2011 14:09:50
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v3.6.22 (fr) (Defaut)
OBIE: Safari v5.34.50.0
---\\ Windows Product Information
Windows 7 Business Edition, 32-bit (Build 7600)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3066 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 340 GB (73%) free of 466 GB
---\\ Logged in mode
~ Computer Name: FAB-PC
~ User Name: FAB
~ All Users Names: HomeGroupUser$, FAB, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\FAB\AppData\Roaming\
~ %Desktop% : C:\Users\FAB\Desktop\
~ %Favorites% : C:\Users\FAB\Favorites\
~ %LocalAppData% : C:\Users\FAB\AppData\Local\
~ %StartMenu% : C:\Users\FAB\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 340 Go of 466 Go)
D:\ CD-ROM drive (Free 0 Go of 3 Go)
E:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.29/07/2010 - 06:45:39.) -- C:\Windows\Explorer.exe [2614272]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.EE0D7471EBF9CE40CC4A203B1F90F028] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/08/2011 - 06:36:36.) -- C:\Windows\system32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.29/07/2010 - 07:17:59.) -- C:\Windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:20:44.) -- C:\Windows\system32\drivers\ntfs.sys [1210432]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\system32\sppcomapi.dll [193024]
[MD5.D8714A5FB3141F8226D16861F20C5AC4] - (....) (.14/07/2009 - 09:39:06.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2129
~ Mes musiques (My Musics) : 194/551
~ Mes Videos (My Videos) : 2/115
~ Mes Favoris (My Favorites) : 3/26
~ Mes Documents (My Documents) : 1/5464
~ Mon Bureau (My Desktop) : 3/253
~ Menu demarrer (Programs) : 6/26
~ Scan Hidden Files in 00mn 10s
---\\ Processus lancés
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [PID.2908]
[MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104] [PID.3104]
[MD5.B26A2F3CD6459548DB6891D138080876] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2121216] [PID.1384]
~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\FAB\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\FAB\AppData\Roaming\Mozilla\Firefox\Profiles\8a2e6x5s.default\prefs.js
C:\Users\FAB\AppData\Roaming\Mozilla\Firefox\Profiles\8a2e6x5s.default\user.js (.not file.)
M3 - MFPP: Plugins - [FAB] -- C:\Users\FAB\AppData\Roaming\Mozilla\Firefox\Profiles\8a2e6x5s.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [FAB] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [FAB - 8a2e6x5s.default] www.google.fr
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_25 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [ITSecMng] . (.TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (.not file.)
O4 - HKLM\..\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-3222746581-1238979341-1518396074-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk . (.Badoo.) -- C:\ProgramData\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FAB\Desktop\DVDFab HD Decrypter 4.lnk . (.Fengtao Software Inc..) -- C:\Program Files\DVDFab HD Decrypter 4\DVDFabHDDecrypter.exe
O4 - Global Startup: C:\Users\FAB\Desktop\Microsoft Office - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\FAB\Desktop\pbsetup - Raccourci.lnk . (...) -- C:\Users\FAB\Downloads\pbsetup.exe
O4 - Global Startup: C:\Users\FAB\Desktop\Son - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\FAB\Desktop\TopSolid 2010.lnk . (.Missler Software.) -- C:\Missler\V611\bin\top611.exe
O4 - Global Startup: C:\Users\FAB\Desktop\Téléchargements.lnk . (...) -- C:\Users\FAB\Downloads
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{735619D4-B42A-437A-958C-199BFCAEDB38}\SafariIco.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\bwin Poker.lnk . (...) -- C:\bwinPoker\StartBwin.fr.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\FAB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk . (.OLab.) -- C:\Program Files\Outlook Express Launcher\OELauncher.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office14\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office14\ONBTTN~1.dll
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BBA813D7-B62C-4068-BAAB-7954C667F487}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{92891F0F-8A1B-4CAB-9C57-75A87ED80336}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{BBA813D7-B62C-4068-BAAB-7954C667F487}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{92891F0F-8A1B-4CAB-9C57-75A87ED80336}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{BBA813D7-B62C-4068-BAAB-7954C667F487}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{92891F0F-8A1B-4CAB-9C57-75A87ED80336}: DhcpNameServer = 172.20.2.39 172.20.2.10
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) . (.SFR & Celliance - Service Windows SFR ABCd.) - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.6BB00663FBE9978FE2BE61B99B8375D8] [APT] [{078B2A4A-33E5-4F35-ADC9-287ACBDCACEE}] (.Google.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 02s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\system32\Drivers\tosrfcom.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AC3Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- AC3Filter
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Battlefield 2 édition Deluxe - (.Pas de propriétaire.) [HKLM] -- {04858915-9F49-4B2A-AED4-DC49A7DE6A7B}
O42 - Logiciel: CoreVorbis Audio Decoder (remove only) - (.Pas de propriétaire.) [HKLM] -- CoreVorbis Audio Decoder
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1
O42 - Logiciel: DVDFab HD Decrypter 4.1.2.0 - (.Fengtao Software Inc..) [HKLM] -- DVDFab HD Decrypter 4_is1
O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{28857979-5507-4C10-A922-FF709A19D38C}
O42 - Logiciel: Direct Show Ogg Vorbis Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- OggDS
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Pro Trial - (.DivXNetworks, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: Gestionnaire de Connexion SFR 2009.03 - (.Pas de propriétaire.) [HKLM] -- Gestionnaire de Connexion SFR_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Gordian Knot Rip Pack 0.35.0 - (.Gordian Knot Development Team.) [HKLM] -- Gordian Knot
O42 - Logiciel: Huffyuv AVI lossless video codec (Remove Only) - (.Pas de propriétaire.) [HKLM] -- HUFFYUV
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Morgan Stream Switcher - (.Pas de propriétaire.) [HKLM] -- mmswitch
O42 - Logiciel: Mozilla Firefox (3.6.22) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.22)
O42 - Logiciel: Outlook Express Launcher 2.2 - (.Pas de propriétaire.) [HKLM] -- OELauncher
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2553070) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{294BAA9E-9209-497F-A71F-7E52EFB194D4}
O42 - Logiciel: Security Update for Microsoft InfoPath 2010 (KB2510065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3C6C6854-EB6B-455C-B0A6-9871F0538028}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553091) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553096) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}
O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2584066) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EEB4DDD0-08EA-4787-BDAB-D38D67A35CD5}
O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}
O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}
O42 - Logiciel: Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}
O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: TomTom HOME 2.7.5.2014 - (.TomTom.) [HKLM] -- TomTom HOME
O42 - Logiciel: TopSolid 2010 By Missler Software - (.Missler Software.) [HKLM] -- {D1CA7EAC-0D58-44AB-9039-422CCBB408DE}
O42 - Logiciel: TopSolid 2010 Global Patch - (.Missler Software.) [HKLM] -- {F18D0E01-67A4-4D27-92BF-8FF71C523222}
O42 - Logiciel: TopSolid'Cam 2010 Patch - (.Missler Software.) [HKLM] -- {40CD696A-3A6A-43DF-A228-19D8EBD34E22}
O42 - Logiciel: TopSolid'Finder 2010 by Missler Software - (.Missler Software.) [HKLM] -- {E703A76F-156A-4507-BAE0-B385A1B845BA}
O42 - Logiciel: TopSolid'Interop Catia V5 2010 Patch - (.Missler Software.) [HKLM] -- {C8E2DF3F-3A97-4341-A7F6-C8F7C0D5DCD0}
O42 - Logiciel: TopSolid'Viewer 2010 Patch - (.Missler Software.) [HKLM] -- {D0AE9116-7846-40EA-9F39-34006999B3BC}
O42 - Logiciel: TopSolid'Viewer 2010 by Missler Software - (.Missler Software.) [HKLM] -- {73E607FC-44D5-4C4F-A4A3-9D11CBB81A4F}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{556146F7-74AE-4E0A-B64F-5B8B93469F61}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B5516874-E926-4BFD-B412-D0E70112F244}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2523113) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2553092) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}
O42 - Logiciel: Update for Microsoft Office 2010 (KB2566458) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}
O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{309EEC22-83CE-4109-B019-BA9392FAA322}
O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EDF9874C-9E37-4110-9FC3-094247E114DF}
O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUS_{23639AE1-CE0D-4ED2-9110-995796F53580}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VobSub v2.23 (Remove Only) - (.Pas de propriétaire.) [HKLM] -- VobSub
O42 - Logiciel: XviD MPEG-4 Video Codec - (.XviD Team (Koepi).) [HKLM] -- XviD_is1
O42 - Logiciel: bwin Poker - (.Bwin.) [HKLM] -- bwin Poker_is1
O42 - Logiciel: ffdshow (remove only) - (.Pas de propriétaire.) [HKLM] -- ffdshow
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\AlterGeo]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Badoo]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DVDFab]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\GordianKnot]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Missler Software]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NeroDigital]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OLab]
[HKCU\Software\Policies]
[HKCU\Software\Protexis]
[HKCU\Software\SFR]
[HKCU\Software\TomTom]
[HKCU\Software\Toshiba]
[HKCU\Software\VFPlugin]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DICE]
[HKLM\Software\DVDFab]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EA GAMES]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Even Balance]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\GordianKnot]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\Missler Software]
[HKLM\Software\Morgan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company Name]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Protexis]
[HKLM\Software\Rainbow Technologies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SFR]
[HKLM\Software\Sonic]
[HKLM\Software\TomTom]
[HKLM\Software\Toshiba]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\X-AVCSD]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/11/2010 - 15:52:26 - [590019] ----D- C:\Program Files\AC3Filter
O43 - CFD: 07/09/2010 - 11:59:20 - [241773241] ----D- C:\Program Files\Adobe
O43 - CFD: 09/08/2011 - 17:58:44 - [2428606] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 28/07/2010 - 19:19:36 - [132892298] ----D- C:\Program Files\Avira
O43 - CFD: 01/11/2010 - 15:50:28 - [2114566] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 09/08/2011 - 20:16:46 - [628535] ----D- C:\Program Files\Bonjour
O43 - CFD: 17/09/2011 - 14:34:42 - [514584427] ----D- C:\Program Files\Common Files
O43 - CFD: 01/11/2010 - 15:52:00 - [4455730] ----D- C:\Program Files\DivX
O43 - CFD: 14/07/2009 - 11:01:44 - [83226132] ----D- C:\Program Files\DVD Maker
O43 - CFD: 12/10/2010 - 19:06:08 - [970899] ----D- C:\Program Files\DVD Shrink
O43 - CFD: 01/11/2010 - 15:38:28 - [4731897] ----D- C:\Program Files\DVDFab HD Decrypter 4
O43 - CFD: 17/09/2011 - 14:37:12 - [4022894856] ----D- C:\Program Files\EA GAMES
O43 - CFD: 08/09/2010 - 21:28:40 - [6363276] ----D- C:\Program Files\ffdshow
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 01/11/2010 - 15:50:16 - [350893] ----D- C:\Program Files\Gabest
O43 - CFD: 02/09/2011 - 07:48:24 - [370993646] ----D- C:\Program Files\Google
O43 - CFD: 01/11/2010 - 15:51:02 - [15334523] ----D- C:\Program Files\GordianKnot
O43 - CFD: 17/09/2011 - 14:37:06 - [80019554] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/08/2011 - 10:24:30 - [5730513] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 09/08/2011 - 20:18:50 - [1868883] ----D- C:\Program Files\iPod
O43 - CFD: 09/08/2011 - 20:19:12 - [125047038] ----D- C:\Program Files\iTunes
O43 - CFD: 19/05/2011 - 21:22:46 - [89284964] ----D- C:\Program Files\Java
O43 - CFD: 19/08/2010 - 22:50:20 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 24/12/2010 - 19:57:14 - [39848379] ----D- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 24/12/2010 - 20:00:38 - [989185204] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 24/12/2010 - 20:00:36 - [1805760] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 24/12/2010 - 20:00:36 - [793991] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 24/12/2010 - 20:01:12 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 24/12/2010 - 19:58:56 - [1378033] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 08/11/2010 - 12:59:52 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 26/10/2010 - 15:43:04 - [565760] ----D- C:\Program Files\Missler Software
O43 - CFD: 08/09/2010 - 21:28:24 - [218243] ----D- C:\Program Files\Morgan
O43 - CFD: 08/09/2011 - 17:39:48 - [31612729] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 24/12/2010 - 20:01:46 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 15/10/2010 - 09:38:22 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 13/10/2010 - 15:39:38 - [1399618446] ----D- C:\Program Files\Nero
O43 - CFD: 02/04/2011 - 02:03:18 - [455503] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 08/10/2010 - 20:17:08 - [2546587] ----D- C:\Program Files\Outlook Express Launcher
O43 - CFD: 09/08/2011 - 20:08:44 - [75697179] ----D- C:\Program Files\QuickTime
O43 - CFD: 14/07/2009 - 06:52:32 - [38597377] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 09/08/2011 - 20:20:58 - [44366882] ----D- C:\Program Files\Safari
O43 - CFD: 31/07/2010 - 19:33:14 - [14369311] ----D- C:\Program Files\SFR
O43 - CFD: 11/08/2010 - 23:56:28 - [0] ----D- C:\Program Files\TomTom DesktopSuite
O43 - CFD: 12/08/2010 - 00:02:20 - [50448285] ----D- C:\Program Files\TomTom HOME 2
O43 - CFD: 12/08/2010 - 00:02:24 - [22486] ----D- C:\Program Files\TomTom International B.V
O43 - CFD: 27/08/2010 - 13:23:08 - [71737674] ----D- C:\Program Files\Toshiba
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/11/2010 - 23:04:56 - [78880911] ----D- C:\Program Files\VideoLAN
O43 - CFD: 18/01/2011 - 20:14:10 - [0] ----D- C:\Program Files\Winamp
O43 - CFD: 14/07/2009 - 10:39:40 - [3049984] ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 11:01:42 - [7013496] ----D- C:\Program Files\Windows Journal
O43 - CFD: 08/10/2010 - 20:26:30 - [74708855] ----D- C:\Program Files\Windows Live
O43 - CFD: 19/08/2010 - 22:50:04 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 18/12/2010 - 04:15:36 - [6180864] ----D- C:\Program Files\Windows Mail
O43 - CFD: 18/10/2010 - 12:58:22 - [6607787] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 28/07/2010 - 19:05:14 - [12197556] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 10:39:40 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 10:39:40 - [26945592] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 28/07/2010 - 19:12:10 - [3887186] ----D- C:\Program Files\WinRAR
O43 - CFD: 01/11/2010 - 15:52:20 - [170624] ----D- C:\Program Files\XviD
O43 - CFD: 20/09/2011 - 14:10:04 - [5471077] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 07/09/2010 - 11:59:26 - [6271998] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 10/09/2010 - 01:07:36 - [31934636] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 09/08/2011 - 20:18:48 - [114989651] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 24/12/2010 - 20:01:10 - [99136] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 17/09/2011 - 14:34:42 - [1976305] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 19/05/2011 - 21:23:20 - [1252295] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 24/12/2010 - 20:02:04 - [247952713] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 13/10/2010 - 15:33:04 - [19958275] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 08/09/2010 - 19:57:16 - [4167008] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 26/10/2010 - 15:05:40 - [1095894] ----D- C:\Program Files\Common Files\SafeNet Sentinel
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 24/12/2010 - 19:58:02 - [10718952] ----D- C:\Program Files\Common Files\System
O43 - CFD: 19/08/2010 - 22:46:44 - [33061079] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 10/09/2010 - 01:07:40 - [94161943] ----D- C:\ProgramData\Adobe
O43 - CFD: 19/09/2011 - 19:41:16 - [393424] ----D- C:\ProgramData\aJ21703IpPdP21703
O43 - CFD: 27/08/2010 - 16:37:50 - [113693059] ----D- C:\ProgramData\Apple
O43 - CFD: 27/08/2010 - 16:39:08 - [122314672] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 28/07/2010 - 19:19:36 - [58767240] ----D- C:\ProgramData\Avira
O43 - CFD: 12/06/2011 - 20:36:50 - [1867112] ----D- C:\ProgramData\Badoo
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 12/10/2010 - 19:07:14 - [3358] ----D- C:\ProgramData\DVD Shrink
O43 - CFD: 16/06/2011 - 20:50:42 - [1930] ----D- C:\ProgramData\EBP
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 24/12/2010 - 20:00:36 - [227358164] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 16/09/2011 - 20:51:06 - [63858] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 26/10/2010 - 15:42:50 - [307] ----D- C:\ProgramData\Missler Software
O43 - CFD: 28/07/2010 - 19:05:14 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 13/10/2010 - 15:39:40 - [2641557] ----D- C:\ProgramData\Nero
O43 - CFD: 02/04/2011 - 02:03:20 - [281681] ----D- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 19/05/2011 - 21:23:20 - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 12/08/2010 - 00:02:50 - [196944] ----D- C:\ProgramData\TomTom
O43 - CFD: 27/08/2010 - 13:27:20 - [18232] ----D- C:\ProgramData\TOSHIBA
O43 - CFD: 27/08/2010 - 16:39:42 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 10/09/2010 - 01:07:38 - [19844284] ----D- C:\Users\FAB\AppData\Roaming\Adobe
O43 - CFD: 28/08/2010 - 20:48:44 - [19376841200] ----D- C:\Users\FAB\AppData\Roaming\Apple Computer
O43 - CFD: 23/01/2011 - 23:24:12 - [199] ----D- C:\Users\FAB\AppData\Roaming\dvdcss
O43 - CFD: 28/07/2010 - 19:05:38 - [0] ----D- C:\Users\FAB\AppData\Roaming\Identities
O43 - CFD: 26/10/2010 - 15:05:04 - [0] ----D- C:\Users\FAB\AppData\Roaming\InstallShield
O43 - CFD: 29/07/2010 - 01:53:22 - [74440] ----D- C:\Users\FAB\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 11:00:42 - [0] ----D- C:\Users\FAB\AppData\Roaming\Media Center Programs
O43 - CFD: 01/11/2010 - 16:16:12 - [16] ----D- C:\Users\FAB\AppData\Roaming\Media Player Classic
O43 - CFD: 18/09/2011 - 19:12:16 - [18668329] -S--D- C:\Users\FAB\AppData\Roaming\Microsoft
O43 - CFD: 28/07/2010 - 19:10:42 - [1811542] ----D- C:\Users\FAB\AppData\Roaming\Mozilla
O43 - CFD: 13/10/2010 - 15:40:00 - [189591] ----D- C:\Users\FAB\AppData\Roaming\Nero
O43 - CFD: 13/10/2010 - 15:44:40 - [0] ----D- C:\Users\FAB\AppData\Roaming\NeroDigital(TM)
O43 - CFD: 31/07/2010 - 19:36:04 - [3732] ----D- C:\Users\FAB\AppData\Roaming\SFR
O43 - CFD: 12/08/2010 - 00:02:36 - [7672987] ----D- C:\Users\FAB\AppData\Roaming\TomTom
O43 - CFD: 15/09/2011 - 21:05:38 - [4678062] ----D- C:\Users\FAB\AppData\Roaming\vlc
O43 - CFD: 27/08/2010 - 13:22:22 - [12] ----D- C:\Users\FAB\AppData\Roaming\WinRAR
O43 - CFD: 02/10/2010 - 12:07:30 - [79933] ----D- C:\Users\FAB\AppData\Local\Adobe
O43 - CFD: 27/08/2010 - 16:37:56 - [0] ----D- C:\Users\FAB\AppData\Local\Apple
O43 - CFD: 05/01/2011 - 16:49:12 - [10047969] ----D- C:\Users\FAB\AppData\Local\Apple Computer
O43 - CFD: 28/07/2010 - 19:05:28 - [0] -SH-D- C:\Users\FAB\AppData\Local\Application Data
O43 - CFD: 20/09/2011 - 14:01:18 - [933870] ----D- C:\Users\FAB\AppData\Local\Diagnostics
O43 - CFD: 25/01/2011 - 18:15:26 - [0] ----D- C:\Users\FA