Clavier qui ne répond plus correctement !
steph5956
-
Valuu Messages postés 2258 Statut Contributeur -
Valuu Messages postés 2258 Statut Contributeur -
Bonjour,
J'ai un petit, non un GROS problème sur mon ordinateur portable. Cela fait deux jours que mon clavier bug totalement. Certaines touches fonctionent, d'autres pas, d'autres activent d'autres touche ( le m trnasofrmé en ":" par exemple ). Meme probleme avec la souris , c'est comme si le clic gauche etait toujours enfoncé. Je sais pas vraiment ce qui se passe, ca s'est fait du jour au lendemain, sans raison apaprente. ( Actuellement j utilise un clavier externe, mais c'est pas le top, parfois ce dernier a exactement les meme problemes ) .
J ai donc logiquement pensé a un virus, mais analyse anti-virus, rien detecté ( avast ).
Si ce serait un probleme de clavier, le clavier externe ne devrait pas buguer lui aussi non ?
Je comprend pas DU TOUT ce qui se passe ... Aurais je activé qqchose sans m en rendre compte ?
Merci a ceux qui prendront le temps de m'aider :)
J'ai un petit, non un GROS problème sur mon ordinateur portable. Cela fait deux jours que mon clavier bug totalement. Certaines touches fonctionent, d'autres pas, d'autres activent d'autres touche ( le m trnasofrmé en ":" par exemple ). Meme probleme avec la souris , c'est comme si le clic gauche etait toujours enfoncé. Je sais pas vraiment ce qui se passe, ca s'est fait du jour au lendemain, sans raison apaprente. ( Actuellement j utilise un clavier externe, mais c'est pas le top, parfois ce dernier a exactement les meme problemes ) .
J ai donc logiquement pensé a un virus, mais analyse anti-virus, rien detecté ( avast ).
Si ce serait un probleme de clavier, le clavier externe ne devrait pas buguer lui aussi non ?
Je comprend pas DU TOUT ce qui se passe ... Aurais je activé qqchose sans m en rendre compte ?
Merci a ceux qui prendront le temps de m'aider :)
A voir également:
- Clavier qui ne répond plus correctement !
- Télécharger clavier arabe - Télécharger - Divers Web & Internet
- & Sur clavier - Guide
- Clavier de l'ordinateur - Guide
- Clavier iphone chiffre et lettre - Guide
- Le clavier de mon telephone ne s'affiche plus - Guide
15 réponses
Hello,
N'aurais-tu pas passer ton clavier en Querty par hasard ?
Teste en appuyant sur les touches AZERTY qu'elle donne bien le mot "azerty" et non "querty"
Si c'est en Querty, appuies sur Alt+Shift (la flèche dirigée vers le haut).
N'aurais-tu pas passer ton clavier en Querty par hasard ?
Teste en appuyant sur les touches AZERTY qu'elle donne bien le mot "azerty" et non "querty"
Si c'est en Querty, appuies sur Alt+Shift (la flèche dirigée vers le haut).
non, non je suis bien en mode azerty --> parmis les 6 premieres touches il n y a que z et e qui fonctionnent mais a la bonne place
Ah... Bizarre.
On va voir côté infection.
--------------------------------------------------------------------------------------
Télécharge WinChk sur ton bureau.
Lance le et appuie sur le bouton [Exécuter]
Un rapport s'ouvrira. Il sera également enregistré sous C:\WinChk.txt
Rends toi sur pjjoint.
Clique sur [Parcourir] , navigue jusqu'au fichier C:\WinChk.txt puis clique sur [OK]
Clique enfin sur [Envoyer le fichier] puis copie/colle dans ta prochaine réponse le lien créé qui apparaitra à l'écran.
--------------------------------------------------------------------------------------
Utilise ce logiciel de diagnostic :
* Télécharge ZHPDiag (de Nicolas Coolman)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Sous Vista/Seven, si ça ne se lance pas --> Clic droit/Exécuter en tant qu'administrateur
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur ce site, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
On va voir côté infection.
--------------------------------------------------------------------------------------
Télécharge WinChk sur ton bureau.
Lance le et appuie sur le bouton [Exécuter]
Un rapport s'ouvrira. Il sera également enregistré sous C:\WinChk.txt
Rends toi sur pjjoint.
Clique sur [Parcourir] , navigue jusqu'au fichier C:\WinChk.txt puis clique sur [OK]
Clique enfin sur [Envoyer le fichier] puis copie/colle dans ta prochaine réponse le lien créé qui apparaitra à l'écran.
--------------------------------------------------------------------------------------
Utilise ce logiciel de diagnostic :
* Télécharge ZHPDiag (de Nicolas Coolman)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Sous Vista/Seven, si ça ne se lance pas --> Clic droit/Exécuter en tant qu'administrateur
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur ce site, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
Enfin la en ce moment le "m" ne donne plus " :" et parfois certaines lettres qui ne fonctionne pas fonctionne ... par contre est ce qu'il est possible de désactiver le clavier intégré a l'ordi ? Par ce que j ai limpression qu il me fait aussi buguer ma souris externe et mon clavier externe ... ( mon pc portable etant surtout utilisé à domicile, j ai pas specialement envie de le fire réparer ... )
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
rapport winchk http://pjjoint.malekal.com/files.php?id=r9n9r7f14o8i8t7n6t6y12q6t15w13k8q8o13q12n10x7b10
rapport zhp diag ( fichier avec extension, pas pu utiliser le site )
Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by steph at 07/09/2011 20:16:26
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.5.8 (fr) (Defaut)
---\\ Windows Product Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : DCXVT
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3065 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 25 GB (17%) free of 144 GB
---\\ Logged in mode
~ Computer Name: PC-DE-STEPH
~ User Name: steph
~ All Users Names: steph, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\steph\AppData\Roaming\
~ %Desktop% : C:\Users\steph\Documents\Desktop\
~ %Favorites% : C:\Users\steph\Favorites\
~ %LocalAppData% : C:\Users\steph\AppData\Local\
~ %StartMenu% : C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 144 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 143 Go of 144 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.20/10/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.06/01/2009 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.06/01/2009 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.2C7332C222D1FE1FC57D622699A8C001] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.27/08/2011 - 15:04:54.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/10/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.06/01/2009 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/10/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.06/01/2009 - 02:19:42.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/126
~ Mes musiques (My Musics) : 5/34
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 4/79
~ Mes Documents (My Documents) : 21/441
~ Mon Bureau (My Desktop) : 13/139
~ Menu demarrer (Programs) : 7/33
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.0C7FF4C27E0507AF230477037E65E36D] - (.SAMSUNG Electronics co., LTD. - Easy Battery Manager 3.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [352256] [PID.2304]
[MD5.01921762F0525B17057ECEAD1ADFC22D] - (.SAMSUNG Electronics - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [679936] [PID.2328]
[MD5.787311D77B29EE718A1A22859C3E4F6F] - (.Samsung Electronics Co., Ltd. - Samsung Magic Doctor Launcher.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [45056] [PID.2340]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3912]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.]
[MD5.AD5F3CC0FAC049F9676639E486B63913] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6273568] [PID.3984]
[MD5.A37B2AB33BFF3C6705DC2C016328DD2F] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416] [PID.3992]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3493720] [PID.4000]
[MD5.53D96678FB89F056D5285101481297D9] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2520]
[MD5.95D2D473B44D5245F87FCDD6646A89F7] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [800768] [PID.3112]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3216]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.1912]
[MD5.5D539617604E953FD2DF852F4B51A383] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [15141768] [PID.1568]
[MD5.2C9610B089C66D60792447ED011E589B] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [723496] [PID.1440]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3288]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11322880] [PID.3356]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11314688] [PID.4108]
[MD5.406B889157DB84032CE6A51D043CAE29] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.2412]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.5380]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [PID.4860]
[MD5.65F8418C1BD51981059269F2A833F28A] - (.Microsoft Corporation. - Bing Client Extensions.) -- C:\Program Files\Microsoft\BingBar\BingBar.exe [391944] [PID.3272]
[MD5.6DB2174CAE7EB19520C8596D3CC976D0] - (.Microsoft Corporation. - Bing Client Application Process.) -- C:\Program Files\Microsoft\BingBar\BingApp.exe [259848] [PID.5344]
[MD5.0AB420B203BFC541DE65CFBD88470D3A] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe [240288] [PID.4996]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3104]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.6044]
[MD5.DF6315CE4FF30F706ABF3802D7749E70] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.2.) -- C:\Windows\system32\nvvsvc.exe [196608] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]
[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [349472] [PID.]
[MD5.2D41D7250F73272946DE04FF7A19761E] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200] [PID.]
[MD5.ED8C9F16E10C1E4C4C5D16CD04966E24] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944] [PID.]
[MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.]
[MD5.B84A28B3984185EDA8867541AF14CDDB] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820520] [PID.]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.bing.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.2.2468.40 (Activé)
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\prefs.js
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\user.js (.not file.)
M3 - MFPP: Plugins - [steph] -- C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [steph - ud0pvjks.default] http://search.conduit.com/?ctid=CT2567681&SearchSource=13
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Toolbar v2.6.0.15 (.Conduit Ltd..)
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{7a88e876-d715-4503-a7bf-a8eba13ca3f9}] [] SocialPlus v2.6.0.15 (.SocialPlus.)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.0.254.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} . (...) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe (.not file.)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jouer (EasyBits GO).lnk . (.EasyBits Software AS.) -- C:\ProgramData\Easybits GO\EasyBitsGO.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\steph\Desktop\Audacity.lnk . (...) -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Users\steph\Desktop\CamStudio.lnk . (...) -- C:\Program Files\CamStudio\Recorder.exe
O4 - Global Startup: C:\Users\steph\Desktop\Easy Video Capture.lnk . (...) -- C:\Program Files\Easy Video Capture\VideoCap.exe
O4 - Global Startup: C:\Users\steph\Desktop\HyperCam 2.lnk . (.Hyperionics.) -- C:\Program Files\HyCam2\HyCam2.exe
O4 - Global Startup: C:\Users\steph\Desktop\Jeux.lnk - Clé orpheline
O4 - Global Startup: C:\Users\steph\Desktop\msn.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\steph\Desktop\Ordinateur.lnk - Clé orpheline
O4 - Global Startup: C:\Users\steph\Desktop\s.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.jeux.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} . (.Microsoft Corporation - Microsoft SharePoint Portal Server Object M.) -- C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate1c9cb6791327190) (gupdate1c9cb6791327190) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Samsung Update Plus (Samsung Update Plus) . (...) - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.01921762F0525B17057ECEAD1ADFC22D] [APT] [EasyDisplayMgr] (.SAMSUNG Electronics.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.)
[MD5.5D539617604E953FD2DF852F4B51A383] [APT] [{99D7AF36-07EC-464C-BFB6-58D7238A898D}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\system32\drivers\tcpip.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office system - (.Microsoft Corporation.) [HKLM] -- PROHYBRIDR
O42 - Logiciel: Adobe Acrobat 4.0 - (.Pas de propriétaire.) [HKLM] -- Adobe Acrobat 4.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Agfa ScanWise 1.50 - (.Pas de propriétaire.) [HKLM] -- Agfa ScanWise 1.50
O42 - Logiciel: Atheros WLAN Client - (.Pas de propriétaire.) [HKLM] -- {04983D37-2202-4295-94A2-8B547C66133F}
O42 - Logiciel: Audacity 1.2.3 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: CSWRLD32.EXE custom database - (.Pas de propriétaire.) [HKLM] -- {29519cc5-4a16-42a8-9765-7915adb2082f}.sdb
O42 - Logiciel: CamStudio 2.0 Fr - (.Pas de propriétaire.) [HKLM] -- CamStudio 2.0 Fr_is1
O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Easy Battery Manager - (.Samsung.) [HKLM] -- {6F730513-8688-4C3C-90A3-6B9792CE2EF3}
O42 - Logiciel: Easy Display Manager - (.Samsung.) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy SpeedUp Manager - (.Pas de propriétaire.) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9}
O42 - Logiciel: Easy Video Capture 1.30 - (.VideoCap Info.) [HKLM] -- Easy Video Capture_is1
O42 - Logiciel: EasyBits GO - (.EasyBits Media.) [HKCU] -- Game Organizer
O42 - Logiciel: Everest Poker (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Everest Poker
O42 - Logiciel: Everest Poker.fr (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Everest Poker.fr
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: HyperCam 2 - (.Pas de propriétaire.) [HKLM] -- HyperCam 2
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Le Petit Dinosaure, L'histoire merveilleuse Kiosque - (.Pas de propriétaire.) [HKLM] -- Le Petit Dinosaure, L'histoire merveilleuse Kiosque
O42 - Logiciel: Le Petit Dinosaure, Parc d'activités Kiosque - (.Pas de propriétaire.) [HKLM] -- Dellbtac
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver
O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!
O42 - Logiciel: Micro Application - Dictionnaire encyclopédique 2001 - (.Pas de propriétaire.) [HKLM] -- dbulex01
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.5.8) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.8)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: PlayCamera - (.Pas de propriétaire.) [HKLM] -- {804F1285-8CBF-408D-8CDC-D4D40003B2E4}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung Magic Doctor - (.Samsung Electronics Co., LTD.) [HKLM] -- {32D6A58F-9659-446C-BBFC-E6F2B41F24DC}
O42 - Logiciel: Samsung Recovery Solution III - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., LTD.) [HKLM] -- InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}
O42 - Logiciel: Sauvez Willy 2 - (.Pas de propriétaire.) [HKLM] -- WillyDeinstKey
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: User Guide - (.Pas de propriétaire.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}
O42 - Logiciel: VideoLAN VLC media player 0.8.6f - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Vimicro UVC Camera - (.Vimicro Corporation.) [HKLM] -- {71A51B09-E7D3-11DB-A386-005056C00008}
O42 - Logiciel: Virtual Painter 5 (Standalone) - (.Pas de propriétaire.) [HKLM] -- Virtual Painter 5 (Standalone)
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Agfa]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EasyBits]
[HKCU\Software\Games]
[HKCU\Software\Geoplace]
[HKCU\Software\Google]
[HKCU\Software\Grand Virtual]
[HKCU\Software\Hyperionics]
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jitit Virtual Registry]
[HKCU\Software\LeaderTech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\ManyCam 2.4]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SCATLAWS]
[HKCU\Software\SCS Software]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Siber Systems]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Spointer]
[HKCU\Software\Synaptics]
[HKCU\Software\Synthesia]
[HKCU\Software\SysInternals]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\Widcomm]
[HKCU\Software\WinLicense]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yuna Software]
[HKCU\Software\Zylom]
[HKCU\Software\cevo]
[HKCU\Software\keyhole.com]
[HKCU\Software\shockwave.com]
[HKCU\Software\thriXXX]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ASKInstaller]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Agfa]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Applied Networking]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\DT Soft]
[HKLM\Software\Debug]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\GEAR Software]
[HKLM\Software\Games]
[HKLM\Software\Google]
[HKLM\Software\Hyperionics]
[HKLM\Software\Iminent]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Linden Research, Inc.]
[HKLM\Software\LiveCraft]
[HKLM\Software\Macromedia]
[HKLM\Software\ManyCam]
[HKLM\Software\Marvell]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PocketSoft]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SSI]
[HKLM\Software\STURM]
[HKLM\Software\Siber Systems]
[HKLM\Software\Skype]
[HKLM\Software\Solborn]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Synthesia]
[HKLM\Software\Utherverse Digital Inc]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vimicro Corporation]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yuna Software]
[HKLM\Software\ZSMC]
[HKLM\Software\flightgear.org]
[HKLM\Software\mozilla.org]
[HKLM\Software\thriXXX]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/08/2011 - 10:39:56 - [218285393] ----D- C:\Program Files\Adobe
O43 - CFD: 25/04/2009 - 18:11:42 - [17592521] ----D- C:\Program Files\Agfa
O43 - CFD: 12/08/2010 - 10:26:58 - [159962561] ----D- C:\Program Files\Alwil Software
O43 - CFD: 10/08/2010 - 17:18:22 - [59] ----D- C:\Program Files\Anuman Interactive
O43 - CFD: 29/01/2011 - 18:35:26 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 30/12/2008 - 03:36:44 - [1060483] ----D- C:\Program Files\Atheros WLAN Client
O43 - CFD: 28/11/20
rapport zhp diag ( fichier avec extension, pas pu utiliser le site )
Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by steph at 07/09/2011 20:16:26
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.5.8 (fr) (Defaut)
---\\ Windows Product Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : DCXVT
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3065 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 25 GB (17%) free of 144 GB
---\\ Logged in mode
~ Computer Name: PC-DE-STEPH
~ User Name: steph
~ All Users Names: steph, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\steph\AppData\Roaming\
~ %Desktop% : C:\Users\steph\Documents\Desktop\
~ %Favorites% : C:\Users\steph\Favorites\
~ %LocalAppData% : C:\Users\steph\AppData\Local\
~ %StartMenu% : C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 25 Go of 144 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 143 Go of 144 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.20/10/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.06/01/2009 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.06/01/2009 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.2C7332C222D1FE1FC57D622699A8C001] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.27/08/2011 - 15:04:54.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/10/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.06/01/2009 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/10/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.06/01/2009 - 02:19:42.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/126
~ Mes musiques (My Musics) : 5/34
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 4/79
~ Mes Documents (My Documents) : 21/441
~ Mon Bureau (My Desktop) : 13/139
~ Menu demarrer (Programs) : 7/33
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.0C7FF4C27E0507AF230477037E65E36D] - (.SAMSUNG Electronics co., LTD. - Easy Battery Manager 3.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [352256] [PID.2304]
[MD5.01921762F0525B17057ECEAD1ADFC22D] - (.SAMSUNG Electronics - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [679936] [PID.2328]
[MD5.787311D77B29EE718A1A22859C3E4F6F] - (.Samsung Electronics Co., Ltd. - Samsung Magic Doctor Launcher.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [45056] [PID.2340]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3912]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.]
[MD5.AD5F3CC0FAC049F9676639E486B63913] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6273568] [PID.3984]
[MD5.A37B2AB33BFF3C6705DC2C016328DD2F] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416] [PID.3992]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3493720] [PID.4000]
[MD5.53D96678FB89F056D5285101481297D9] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2520]
[MD5.95D2D473B44D5245F87FCDD6646A89F7] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe [800768] [PID.3112]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3216]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.1912]
[MD5.5D539617604E953FD2DF852F4B51A383] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [15141768] [PID.1568]
[MD5.2C9610B089C66D60792447ED011E589B] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [723496] [PID.1440]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3288]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11322880] [PID.3356]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11314688] [PID.4108]
[MD5.406B889157DB84032CE6A51D043CAE29] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.2412]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.5380]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [PID.4860]
[MD5.65F8418C1BD51981059269F2A833F28A] - (.Microsoft Corporation. - Bing Client Extensions.) -- C:\Program Files\Microsoft\BingBar\BingBar.exe [391944] [PID.3272]
[MD5.6DB2174CAE7EB19520C8596D3CC976D0] - (.Microsoft Corporation. - Bing Client Application Process.) -- C:\Program Files\Microsoft\BingBar\BingApp.exe [259848] [PID.5344]
[MD5.0AB420B203BFC541DE65CFBD88470D3A] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe [240288] [PID.4996]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3104]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.6044]
[MD5.DF6315CE4FF30F706ABF3802D7749E70] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.2.) -- C:\Windows\system32\nvvsvc.exe [196608] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]
[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [349472] [PID.]
[MD5.2D41D7250F73272946DE04FF7A19761E] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200] [PID.]
[MD5.ED8C9F16E10C1E4C4C5D16CD04966E24] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944] [PID.]
[MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.]
[MD5.B84A28B3984185EDA8867541AF14CDDB] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820520] [PID.]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.bing.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.2.2468.40 (Activé)
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\prefs.js
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\user.js (.not file.)
M3 - MFPP: Plugins - [steph] -- C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [steph] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [steph - ud0pvjks.default] http://search.conduit.com/?ctid=CT2567681&SearchSource=13
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Toolbar v2.6.0.15 (.Conduit Ltd..)
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{7a88e876-d715-4503-a7bf-a8eba13ca3f9}] [] SocialPlus v2.6.0.15 (.SocialPlus.)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.0.254.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} . (...) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe (.not file.)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-654576895-2124832399-4043957946-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jouer (EasyBits GO).lnk . (.EasyBits Software AS.) -- C:\ProgramData\Easybits GO\EasyBitsGO.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\steph\Desktop\Audacity.lnk . (...) -- C:\Program Files\Audacity\audacity.exe
O4 - Global Startup: C:\Users\steph\Desktop\CamStudio.lnk . (...) -- C:\Program Files\CamStudio\Recorder.exe
O4 - Global Startup: C:\Users\steph\Desktop\Easy Video Capture.lnk . (...) -- C:\Program Files\Easy Video Capture\VideoCap.exe
O4 - Global Startup: C:\Users\steph\Desktop\HyperCam 2.lnk . (.Hyperionics.) -- C:\Program Files\HyCam2\HyCam2.exe
O4 - Global Startup: C:\Users\steph\Desktop\Jeux.lnk - Clé orpheline
O4 - Global Startup: C:\Users\steph\Desktop\msn.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\steph\Desktop\Ordinateur.lnk - Clé orpheline
O4 - Global Startup: C:\Users\steph\Desktop\s.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\steph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.jeux.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{257B7919-6A91-4E4C-9589-80C14D3A5A3E}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} . (.Microsoft Corporation - Microsoft SharePoint Portal Server Object M.) -- C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate1c9cb6791327190) (gupdate1c9cb6791327190) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 176.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Samsung Update Plus (Samsung Update Plus) . (...) - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.01921762F0525B17057ECEAD1ADFC22D] [APT] [EasyDisplayMgr] (.SAMSUNG Electronics.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.)
[MD5.5D539617604E953FD2DF852F4B51A383] [APT] [{99D7AF36-07EC-464C-BFB6-58D7238A898D}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\system32\drivers\tcpip.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office system - (.Microsoft Corporation.) [HKLM] -- PROHYBRIDR
O42 - Logiciel: Adobe Acrobat 4.0 - (.Pas de propriétaire.) [HKLM] -- Adobe Acrobat 4.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Agfa ScanWise 1.50 - (.Pas de propriétaire.) [HKLM] -- Agfa ScanWise 1.50
O42 - Logiciel: Atheros WLAN Client - (.Pas de propriétaire.) [HKLM] -- {04983D37-2202-4295-94A2-8B547C66133F}
O42 - Logiciel: Audacity 1.2.3 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: CSWRLD32.EXE custom database - (.Pas de propriétaire.) [HKLM] -- {29519cc5-4a16-42a8-9765-7915adb2082f}.sdb
O42 - Logiciel: CamStudio 2.0 Fr - (.Pas de propriétaire.) [HKLM] -- CamStudio 2.0 Fr_is1
O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Easy Battery Manager - (.Samsung.) [HKLM] -- {6F730513-8688-4C3C-90A3-6B9792CE2EF3}
O42 - Logiciel: Easy Display Manager - (.Samsung.) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy SpeedUp Manager - (.Pas de propriétaire.) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9}
O42 - Logiciel: Easy Video Capture 1.30 - (.VideoCap Info.) [HKLM] -- Easy Video Capture_is1
O42 - Logiciel: EasyBits GO - (.EasyBits Media.) [HKCU] -- Game Organizer
O42 - Logiciel: Everest Poker (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Everest Poker
O42 - Logiciel: Everest Poker.fr (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Everest Poker.fr
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: HyperCam 2 - (.Pas de propriétaire.) [HKLM] -- HyperCam 2
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Le Petit Dinosaure, L'histoire merveilleuse Kiosque - (.Pas de propriétaire.) [HKLM] -- Le Petit Dinosaure, L'histoire merveilleuse Kiosque
O42 - Logiciel: Le Petit Dinosaure, Parc d'activités Kiosque - (.Pas de propriétaire.) [HKLM] -- Dellbtac
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver
O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!
O42 - Logiciel: Micro Application - Dictionnaire encyclopédique 2001 - (.Pas de propriétaire.) [HKLM] -- dbulex01
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.5.8) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.8)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: PlayCamera - (.Pas de propriétaire.) [HKLM] -- {804F1285-8CBF-408D-8CDC-D4D40003B2E4}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung Magic Doctor - (.Samsung Electronics Co., LTD.) [HKLM] -- {32D6A58F-9659-446C-BBFC-E6F2B41F24DC}
O42 - Logiciel: Samsung Recovery Solution III - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., LTD.) [HKLM] -- InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}
O42 - Logiciel: Sauvez Willy 2 - (.Pas de propriétaire.) [HKLM] -- WillyDeinstKey
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: User Guide - (.Pas de propriétaire.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}
O42 - Logiciel: VideoLAN VLC media player 0.8.6f - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Vimicro UVC Camera - (.Vimicro Corporation.) [HKLM] -- {71A51B09-E7D3-11DB-A386-005056C00008}
O42 - Logiciel: Virtual Painter 5 (Standalone) - (.Pas de propriétaire.) [HKLM] -- Virtual Painter 5 (Standalone)
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Agfa]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EasyBits]
[HKCU\Software\Games]
[HKCU\Software\Geoplace]
[HKCU\Software\Google]
[HKCU\Software\Grand Virtual]
[HKCU\Software\Hyperionics]
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jitit Virtual Registry]
[HKCU\Software\LeaderTech]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\ManyCam 2.4]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SCATLAWS]
[HKCU\Software\SCS Software]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Siber Systems]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Spointer]
[HKCU\Software\Synaptics]
[HKCU\Software\Synthesia]
[HKCU\Software\SysInternals]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\Widcomm]
[HKCU\Software\WinLicense]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yuna Software]
[HKCU\Software\Zylom]
[HKCU\Software\cevo]
[HKCU\Software\keyhole.com]
[HKCU\Software\shockwave.com]
[HKCU\Software\thriXXX]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ASKInstaller]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Agfa]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Applied Networking]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\DT Soft]
[HKLM\Software\Debug]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\GEAR Software]
[HKLM\Software\Games]
[HKLM\Software\Google]
[HKLM\Software\Hyperionics]
[HKLM\Software\Iminent]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Linden Research, Inc.]
[HKLM\Software\LiveCraft]
[HKLM\Software\Macromedia]
[HKLM\Software\ManyCam]
[HKLM\Software\Marvell]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PocketSoft]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SSI]
[HKLM\Software\STURM]
[HKLM\Software\Siber Systems]
[HKLM\Software\Skype]
[HKLM\Software\Solborn]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Synthesia]
[HKLM\Software\Utherverse Digital Inc]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vimicro Corporation]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yuna Software]
[HKLM\Software\ZSMC]
[HKLM\Software\flightgear.org]
[HKLM\Software\mozilla.org]
[HKLM\Software\thriXXX]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/08/2011 - 10:39:56 - [218285393] ----D- C:\Program Files\Adobe
O43 - CFD: 25/04/2009 - 18:11:42 - [17592521] ----D- C:\Program Files\Agfa
O43 - CFD: 12/08/2010 - 10:26:58 - [159962561] ----D- C:\Program Files\Alwil Software
O43 - CFD: 10/08/2010 - 17:18:22 - [59] ----D- C:\Program Files\Anuman Interactive
O43 - CFD: 29/01/2011 - 18:35:26 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 30/12/2008 - 03:36:44 - [1060483] ----D- C:\Program Files\Atheros WLAN Client
O43 - CFD: 28/11/20
O43 - CFD: 28/11/2009 - 00:58:14 - [7535452] ----D- C:\Program Files\Audacity
O43 - CFD: 09/05/2011 - 20:46:12 - [621125] ----D- C:\Program Files\Bonjour
O43 - CFD: 24/05/2009 - 15:21:46 - [8387129] ----D- C:\Program Files\CamStudio
O43 - CFD: 30/12/2008 - 03:37:24 - [6221977] ----D- C:\Program Files\Cisco
O43 - CFD: 14/08/2011 - 17:26:00 - [999586805] ----D- C:\Program Files\Common Files
O43 - CFD: 15/02/2010 - 14:46:18 - [10314692] ----D- C:\Program Files\DivX
O43 - CFD: 24/05/2009 - 15:06:42 - [1006454] ----D- C:\Program Files\Easy Video Capture
O43 - CFD: 10/12/2010 - 22:30:16 - [25771058] ----D- C:\Program Files\Everest Poker
O43 - CFD: 04/09/2010 - 19:39:58 - [18358909] ----D- C:\Program Files\Everest Poker.fr
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 08/08/2010 - 11:36:00 - [0] ----D- C:\Program Files\Fluendo
O43 - CFD: 12/06/2011 - 00:14:22 - [31] ----D- C:\Program Files\Freeciv-2.2.1-sdl
O43 - CFD: 25/07/2011 - 13:48:16 - [96743131] ----D- C:\Program Files\Google
O43 - CFD: 24/12/2009 - 17:32:24 - [1471209] ----D- C:\Program Files\HyCam2
O43 - CFD: 12/06/2011 - 12:46:52 - [36579297] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/12/2008 - 03:37:22 - [70860865] ----D- C:\Program Files\Intel
O43 - CFD: 27/08/2011 - 16:07:14 - [6536747] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 01/07/2011 - 20:07:14 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 01/07/2011 - 20:08:22 - [128332719] ----D- C:\Program Files\iTunes
O43 - CFD: 14/08/2011 - 17:05:04 - [89503829] ----D- C:\Program Files\Java
O43 - CFD: 30/12/2008 - 03:35:56 - [2504516] ----D- C:\Program Files\Marvell
O43 - CFD: 01/06/2009 - 17:19:18 - [114366538] ----D- C:\Program Files\Micro Application
O43 - CFD: 26/08/2011 - 08:23:24 - [23110624] ----D- C:\Program Files\Microsoft
O43 - CFD: 12/06/2011 - 12:47:32 - [100423038] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 16/07/2011 - 22:14:28 - [717748798] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 30/09/2009 - 18:58:16 - [1559148] ----D- C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD: 30/12/2008 - 04:34:34 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 19/06/2011 - 23:48:14 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 08/08/2010 - 15:22:04 - [62160] ----D- C:\Program Files\Microsoft Small Business
O43 - CFD: 15/10/2009 - 18:42:08 - [50669474] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 30/09/2009 - 18:56:14 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 30/09/2009 - 18:57:34 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 30/12/2008 - 04:31:36 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 25/01/2010 - 18:23:20 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 08/08/2010 - 15:23:40 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 10/08/2011 - 10:26:48 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 27/07/2011 - 11:14:56 - [29468525] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 30/12/2008 - 03:44:26 - [0] ----D- C:\Program Files\MSSOAP
O43 - CFD: 06/07/2011 - 09:35:32 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 18/04/2010 - 22:58:22 - [782336] ----D- C:\Program Files\OpenAL
O43 - CFD: 02/05/2011 - 11:23:42 - [352657674] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 29/01/2011 - 18:37:30 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 17/12/2009 - 22:57:16 - [0] ----D- C:\Program Files\Real
O43 - CFD: 30/12/2008 - 03:34:20 - [12193726] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 22/03/2009 - 05:55:54 - [342190025] ----D- C:\Program Files\Samsung
O43 - CFD: 12/08/2011 - 10:45:50 - [15141852] R---D- C:\Program Files\Skype
O43 - CFD: 30/12/2008 - 03:41:36 - [14268848] ----D- C:\Program Files\Synaptics
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/06/2011 - 00:13:08 - [0] ----D- C:\Program Files\Utherverse Digital Inc
O43 - CFD: 09/05/2009 - 10:39:20 - [33338768] ----D- C:\Program Files\VideoLAN
O43 - CFD: 30/12/2008 - 03:40:50 - [2240787] ----D- C:\Program Files\Vimicro Corporation
O43 - CFD: 27/07/2011 - 21:31:54 - [11445584] ----D- C:\Program Files\vp5e
O43 - CFD: 30/12/2008 - 03:39:18 - [8724802] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 10/08/2011 - 10:26:48 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 10/08/2011 - 10:26:48 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 10/08/2011 - 10:26:46 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 10/08/2011 - 10:26:48 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 26/08/2011 - 08:25:02 - [147801020] ----D- C:\Program Files\Windows Live
O43 - CFD: 22/03/2009 - 12:21:24 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 12/08/2011 - 10:17:46 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 10/08/2011 - 10:26:48 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 22/03/2009 - 05:51:48 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 10/08/2011 - 10:26:48 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 12/08/2011 - 10:18:26 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 10/08/2011 - 10:26:48 - [6674851] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 13/03/2010 - 14:30:26 - [3882468] ----D- C:\Program Files\WinRAR
O43 - CFD: 27/07/2011 - 11:12:02 - [19295040] ----D- C:\Program Files\Yuna Software
O43 - CFD: 07/09/2011 - 20:16:46 - [4013926] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 23/12/2009 - 01:02:40 - [0] ----D- C:\Program Files\Zylom Games
O43 - CFD: 10/08/2011 - 10:40:22 - [6777445] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 01/07/2011 - 20:07:10 - [92089804] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 30/12/2008 - 04:31:36 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 15/02/2010 - 14:46:10 - [1619968] ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD: 11/04/2009 - 09:54:28 - [11406075] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 30/12/2008 - 03:37:22 - [7675408] ----D- C:\Program Files\Common Files\Intel
O43 - CFD: 14/08/2011 - 17:26:00 - [1258951] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 19/06/2011 - 19:24:46 - [470607859] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 30/12/2008 - 03:44:26 - [568832] ----D- C:\Program Files\Common Files\MSSoap
O43 - CFD: 23/12/2009 - 01:01:38 - [0] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 10/08/2011 - 10:26:46 - [54252477] ----D- C:\Program Files\Common Files\System
O43 - CFD: 22/03/2009 - 12:17:00 - [312132573] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 10/08/2011 - 10:40:22 - [763] ----D- C:\ProgramData\Adobe
O43 - CFD: 11/11/2010 - 00:15:52 - [36633316] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 29/01/2011 - 18:33:02 - [88562176] ----D- C:\ProgramData\Apple
O43 - CFD: 01/07/2011 - 20:07:04 - [66637608] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 03/03/2011 - 23:39:42 - [1348] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 12/08/2011 - 10:44:00 - [11347070] ----D- C:\ProgramData\Easybits GO
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 06/09/2011 - 20:46:48 - [13766] ----D- C:\ProgramData\Google Updater
O43 - CFD: 30/12/2008 - 03:37:22 - [956] ----D- C:\ProgramData\Intel
O43 - CFD: 02/08/2009 - 23:27:22 - [15190] ----D- C:\ProgramData\McAfee
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 10/02/2010 - 17:18:04 - [3284868] ----D- C:\ProgramData\Messenger Plus!
O43 - CFD: 26/08/2011 - 08:23:36 - [176257075] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 12/08/2011 - 01:27:52 - [53418] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 10/08/2011 - 10:22:36 - [189747] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 17/12/2009 - 22:57:48 - [78] ----D- C:\ProgramData\Real
O43 - CFD: 30/12/2008 - 03:37:54 - [143] ----D- C:\ProgramData\Roaming
O43 - CFD: 12/07/2010 - 22:21:44 - [96] ----D- C:\ProgramData\RoboForm
O43 - CFD: 30/12/2008 - 03:49:22 - [172032] ----D- C:\ProgramData\SAMSUNG
O43 - CFD: 12/08/2011 - 10:45:38 - [79217045] ----D- C:\ProgramData\Skype
O43 - CFD: 11/08/2011 - 00:07:46 - [40646824] ----D- C:\ProgramData\Skype Extras
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 01/05/2011 - 12:21:50 - [155] ----D- C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 17/08/2009 - 23:18:18 - [0] ----D- C:\ProgramData\Zylom
O43 - CFD: 29/01/2011 - 18:39:16 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 12/04/2011 - 18:40:12 - [26280] ----D- C:\Users\steph\AppData\Roaming\.freeciv
O43 - CFD: 05/04/2009 - 14:24:18 - [4759877] ----D- C:\Users\steph\AppData\Roaming\Adobe
O43 - CFD: 29/01/2011 - 18:43:50 - [199383] ----D- C:\Users\steph\AppData\Roaming\Apple Computer
O43 - CFD: 12/06/2011 - 00:08:42 - [0] ----D- C:\Users\steph\AppData\Roaming\Atari
O43 - CFD: 04/03/2011 - 13:34:42 - [1191] ----D- C:\Users\steph\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 02/05/2009 - 23:19:24 - [3026] ----D- C:\Users\steph\AppData\Roaming\flightgear.org
O43 - CFD: 18/04/2010 - 23:00:28 - [97] ----D- C:\Users\steph\AppData\Roaming\fltk.org
O43 - CFD: 12/08/2011 - 10:43:46 - [865488] ----D- C:\Users\steph\AppData\Roaming\go
O43 - CFD: 15/07/2009 - 17:15:34 - [2721] ----D- C:\Users\steph\AppData\Roaming\Hamachi
O43 - CFD: 22/03/2009 - 05:56:42 - [0] ----D- C:\Users\steph\AppData\Roaming\Identities
O43 - CFD: 17/08/2011 - 01:24:20 - [0] ----D- C:\Users\steph\AppData\Roaming\Intel
O43 - CFD: 04/03/2011 - 13:42:52 - [0] ----D- C:\Users\steph\AppData\Roaming\Leadertech
O43 - CFD: 22/03/2009 - 06:37:18 - [3136298] ----D- C:\Users\steph\AppData\Roaming\Macromedia
O43 - CFD: 16/05/2009 - 21:41:42 - [4329] ----D- C:\Users\steph\AppData\Roaming\ManyCam
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\steph\AppData\Roaming\Media Center Programs
O43 - CFD: 02/05/2011 - 11:13:38 - [21666724] -S--D- C:\Users\steph\AppData\Roaming\Microsoft
O43 - CFD: 29/07/2009 - 21:03:50 - [4415163] ----D- C:\Users\steph\AppData\Roaming\Microsoft Games
O43 - CFD: 15/07/2010 - 00:42:34 - [590043] ----D- C:\Users\steph\AppData\Roaming\moovida-1
O43 - CFD: 04/08/2009 - 23:23:40 - [2988755] ----D- C:\Users\steph\AppData\Roaming\Mozilla
O43 - CFD: 08/08/2010 - 11:32:26 - [466] ----D- C:\Users\steph\AppData\Roaming\OfferBox
O43 - CFD: 02/05/2011 - 11:27:08 - [1708476] ----D- C:\Users\steph\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/05/2010 - 21:22:46 - [0] ----D- C:\Users\steph\AppData\Roaming\PeerNetworking
O43 - CFD: 23/12/2009 - 01:01:38 - [204267] ----D- C:\Users\steph\AppData\Roaming\Real
O43 - CFD: 29/03/2011 - 20:00:38 - [8993] ----D- C:\Users\steph\AppData\Roaming\Rovio
O43 - CFD: 27/12/2010 - 21:05:22 - [6117474] ----D- C:\Users\steph\AppData\Roaming\SecondLife
O43 - CFD: 07/09/2011 - 20:11:04 - [11400655] ----D- C:\Users\steph\AppData\Roaming\Skype
O43 - CFD: 28/05/2011 - 16:01:42 - [424584] ----D- C:\Users\steph\AppData\Roaming\skypePM
O43 - CFD: 25/04/2011 - 18:37:28 - [11943] ----D- C:\Users\steph\AppData\Roaming\Synthesia
O43 - CFD: 26/12/2010 - 23:43:00 - [374742810] ----D- C:\Users\steph\AppData\Roaming\thriXXX
O43 - CFD: 26/12/2010 - 21:32:04 - [2639] ----D- C:\Users\steph\AppData\Roaming\Utherverse
O43 - CFD: 29/07/2010 - 23:35:42 - [494] ----D- C:\Users\steph\AppData\Roaming\Vivox
O43 - CFD: 09/05/2009 - 10:39:50 - [371392] ----D- C:\Users\steph\AppData\Roaming\vlc
O43 - CFD: 19/03/2011 - 15:50:44 - [0] ----D- C:\Users\steph\AppData\Roaming\Windows Live Writer
O43 - CFD: 13/03/2010 - 14:30:42 - [12] ----D- C:\Users\steph\AppData\Roaming\WinRAR
O43 - CFD: 25/11/2009 - 21:23:08 - [4094] ----D- C:\Users\steph\AppData\Roaming\Wormux
O43 - CFD: 10/08/2011 - 10:39:20 - [53090037] ----D- C:\Users\steph\AppData\Local\Adobe
O43 - CFD: 29/01/2011 - 18:35:28 - [69018920] ----D- C:\Users\steph\AppData\Local\Apple
O43 - CFD: 21/06/2011 - 19:38:38 - [5458275] ----D- C:\Users\steph\AppData\Local\Apple Computer
O43 - CFD: 22/03/2009 - 05:55:12 - [0] -SH-D- C:\Users\steph\AppData\Local\Application Data
O43 - CFD: 12/06/2011 - 00:19:34 - [0] ----D- C:\Users\steph\AppData\Local\Conduit
O43 - CFD: 31/03/2010 - 20:21:02 - [264775115] ----D- C:\Users\steph\AppData\Local\Google
O43 - CFD: 22/03/2009 - 05:55:12 - [0] -SH-D- C:\Users\steph\AppData\Local\Historique
O43 - CFD: 27/07/2011 - 21:32:02 - [1367277] ----D- C:\Users\steph\AppData\Local\LiveCraft
O43 - CFD: 26/08/2011 - 12:10:34 - [1826223297] ----D- C:\Users\steph\AppData\Local\Microsoft
O43 - CFD: 20/01/2010 - 18:56:24 - [2015810] ----D- C:\Users\steph\AppData\Local\Microsoft Games
O43 - CFD: 21/10/2009 - 18:32:14 - [0] ----D- C:\Users\steph\AppData\Local\Microsoft Help
O43 - CFD: 08/08/2010 - 11:30:20 - [234375] ----D- C:\Users\steph\AppData\Local\moovida Air
O43 - CFD: 04/08/2009 - 23:23:22 - [58170213] ----D- C:\Users\steph\AppData\Local\Mozilla
O43 - CFD: 06/01/2011 - 22:45:46 - [152805294] ----D- C:\Users\steph\AppData\Local\SecondLife
O43 - CFD: 07/09/2011 - 20:14:18 - [2631797732] ----D- C:\Users\steph\AppData\Local\Temp
O43 - CFD: 22/03/2009 - 05:55:12 - [0] -SH-D- C:\Users\steph\AppData\Local\Temporary Internet Files
O43 - CFD: 05/04/2009 - 14:24:18 - [1875184212] ----D- C:\Users\steph\AppData\Local\VirtualStore
O43 - CFD: 19/03/2011 - 15:50:46 - [373674] ----D- C:\Users\steph\AppData\Local\Windows Live Writer
~ Scan Program Folder in 00mn 22s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.34DD3245D753E0BD31E1F593F1654C79] - 07/09/2011 - 19:00:07 ---A- . (...) -- C:\WinChk.txt [2150]
O44 - LFC:[MD5.E78AFBEF25819951FF2DF746030976EF] - 07/09/2011 - 18:42:06 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1620125]
O44 - LFC:[MD5.32497DF9AD0D790B664DB6167052A2F9] - 07/09/2011 - 18:07:13 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A1713657C6BD8E0A26E47D722D2B6DDD] - 04/09/2011 - 22:00:34 ---A- . (...) -- C:\Windows\setupact.log [138157]
O44 - LFC:[MD5.DEE796D390675293F3B678DE2FBBB665] - 27/08/2011 - 15:06:59 ---A- . (...) -- C:\Windows\IE9_main.log [25327]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 27/08/2011 - 15:05:07 ---A- . (...) -- C:\Windows\system32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 27/08/2011 - 15:05:07 ---A- . (...) -- C:\Windows\system32\ticrf.rat [1988]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 27/08/2011 - 15:04:52 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822]
O44 - LFC:[MD5.BF897D63FF3AB8DA41DD456B248FB1C7] - 26/08/2011 - 16:02:03 ---A- . (...) -- C:\Windows\MEMORY.DMP [354663522]
O44 - LFC:[MD5.ED72F576F2584362CC9D5BCE003B17A0] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1527530]
O44 - LFC:[MD5.FC8D0D305DB657ABD22563C9A811857B] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfc009.dat [104914]
O44 - LFC:[MD5.91EF7D5E8F7F1F6F1D14F785DC27CC6C] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [127504]
O44 - LFC:[MD5.E42FB8AB58AD95A65CB9688B68324EFC] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfh009.dat [598900]
O44 - LFC:[MD5.2CB274A78E0D456C84531014F92B81D6] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [681798]
O44 - LFC:[MD5.7D9923D572F4D01741507F01506DF89B] - 22/08/2011 - 11:53:15 ---A- . (...) -- C:\Windows\win.ini [1175]
O44 - LFC:[MD5.48B129FD2DC9F3C898BEF48A4F08A0B0] - 22/08/2011 - 11:40:39 ---A- . (...) -- C:\Windows\dmi.ini [73]
O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 14/08/2011 - 16:05:08 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\java.exe [145184]
O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 14/08/2011 - 16:05:08 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\javaw.exe [145184]
O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 14/08/2011 - 16:05:08 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472]
O44 - LFC:[MD5.C394C16CDDF813ED31880125DEC61E00] - 14/08/2011 - 16:05:03 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_26-b03.log [3765]
O44 - LFC:[MD5.D1D5607E93D49397FC3B23D613EA046A] - 12/08/2011 - 09:36:17 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [397264]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/08/2011 - 09:17:02 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf [0]
O44 - LFC:[MD5.10F813FA685730E17034DC56A7BF6C48] - 10/08/2011 - 19:42:49 ---A- . (...) -- C:\Windows\PFRO.log [124536]
O44 - LFC:[MD5.5A04176D92DBDCA782BFD70C26A0DA03] - 27/06/1994 - 01:03:58 ---A- . (...) -- C:\Windows\system32\dva.386 [1966]
~ Scan Files in 00mn 15s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 06/01/2009 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 06/01/2009 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 06/01/2009 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 06/01/2009 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.1CFEBA39FC613E45B49D3EDDFBCDA289] - 06/01/2009 - 04:13:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1203776]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 06/01/2009 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 06/01/2009 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 06/01/2009 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 11/11/2010 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.FF83C93AEEE8B0CF4B464CA667A67ACD] - 11/11/2010 - 12:32:20 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54104]
O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 11/11/2010 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 08/08/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 11/11/2010 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [309848]
O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 11/11/2010 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [43608]
O58 - SDL:[MD5.08015D34F6FDD0B355805BAD978497C3] - 06/01/2009 - 08:30:53 ---A- . (.Broadcom Corporation - Pilote Ethernet 5.1 NDIS Broadcom Corporation.) -- C:\Windows\system32\drivers\bcm4sbxp.sys [45056]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 06/01/2009 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 06/01/2009 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 06/01/2009 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 06/01/2009 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 06/01/2009 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 06/01/2009 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.3EA1A20DC0CA1AD23E7AA8C37A91BCD1] - 06/01/2009 - 00:17:10 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [80424]
O58 - SDL:[MD5.195872E48A7FB01F8BC9B800F70F4054] - 06/01/2009 - 23:20:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [80936]
O58 - SDL:[MD5.0724E7D6C9B6A289EDDDA33FA8176E80] - 06/01/2009 - 23:20:26 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [16168]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 06/01/2009 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 06/01/2009 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 06/01/2009 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 06/01/2009 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 29/01/2011 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.7929A161F9951D173CA9900FE7067391] - 07/07/2009 - 09:50:26 ---A- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\system32\drivers\hamachi.sys [25280]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 06/01/2009 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.707C1692214B1C290271067197F075F6] - 06/01/2009 - 09:44:44 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [324120]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 06/01/2009 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.496DB78E6A0C4C44023D9A92B4A7AC31] - 06/01/2009 - 03:10:57 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1380864]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 06/01/2009 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 06/01/2009 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 06/01/2009 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.EBC507F129DF8F0E0CA270DCFC0CF87F] - 06/01/2009 - 02:43:12 ---A- . (.SAMSUNG ELECTRONICS CO., LTD. - Non PnP Driver.) -- C:\Windows\system32\drivers\KMDFMEMIO.sys [13312]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 06/01/2009 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 06/01/2009 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 06/01/2009 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 06/01/2009 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 06/01/2009 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 06/01/2009 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.35D5458D9A1B26B2005ABFFBF4C1C5E7] - 06/01/2009 - 03:23:20 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys [2225664]
O58 - SDL:[MD5.9CA26DCCF0B84A6FF2B54FBB2A94520B] - 06/01/2009 - 22:30:50 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys [3662848]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 06/01/2009 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 06/01/2009 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.A103162C62C336C2CB3C5E1E2773D17B] - 06/01/2009 - 19:29:26 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys [44576]
O58 - SDL:[MD5.C526B4A24EF951EF219C3BFA1534B152] - 06/01/2009 - 20:24:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 176.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7548000]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 06/01/2009 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 06/01/2009 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 06/01/2009 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 06/01/2009 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.B0878F280FA335AC67F056A9BFE06E04] - 06/01/2009 - 09:59:18 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 06/01/2009 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 06/01/2009 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 06/01/2009 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 06/01/2009 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 06/01/2009 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.451E8037E2EB6DA6BDF0A66F65D1810B] - 06/01/2009 - 06:39:08 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [193456]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 06/01/2009 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 06/01/2009 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 06/01/2009 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 06/01/2009 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.C30A79CFEE47F1A9633F403C5ACE872F] - 06/01/2009 - 08:30:28 ---A- . (.Vimicro Corporation - Vimicro USB Video Class Camera.) -- C:\Windows\system32\drivers\vmc302.sys [242048]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 06/01/2009 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.F603B2714642AE5C5BF6C4639DE4DADD] - 06/01/2009 - 09:02:00 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk60x86.sys [303616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 06/01/2009 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 06/01/2009 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 06/01/2009 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 06/01/2009 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 06/01/2009 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 06/01/2009 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 06/01/2009 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 06/01/2009 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 06/01/2009 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 06/01/2009 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 06/01/2009 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 06/01/2009 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 06/01/2009 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 06/01/2009 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 06/01/2009 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
~ Scan Drivers in 00mn 06s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 04/07/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 30/12/2008 - C:\Windows\system32\DRIVERS\kmdfmemio.sys - SAMSUNG Kernel Driver(KMDFMEMIO) .(.SAMSUNG ELECTRONICS CO., LTD. - Non PnP Driver.) - LEGACY_KMDFMEMIO
~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("CT2567681.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx?
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("CT2567681.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("browser.startup.homepage", "http://search.conduit.com/?ctid=CT2567681&SearchSource=13");
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {7483C735-B153-4703-883E-8340F264559E} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Messenger Plus Live France Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {C8E6BAFD-3155-482B-B8A5-C489EFBE6E5C} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {CB92631F-B0A3-4B1E-935E-CD0B33BA48EB} - (hooseek) - http://www.hooseek.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.ED324284FA119EF0F240AC9E2262D666] [SPRF][20/01/2011] (.Microsoft Corporation - Windows Media Component Setup Application.) -- C:\Users\steph\AppData\Local\Temp\wmpfirefoxplugin.exe [318904]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.DC38B1B71CB7FF8F4241333B9EC84F03] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfbmp13n.dll [57344]
[MD5.6CBA9ECE3186ADEAE144A79E3AC769FE] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfcmp13n.dll [401408]
[MD5.BDD316D6479220B8FA2A911262898640] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfeps13n.dll [65536]
[MD5.8B83DC9053B8164731B15AF455CBD9A9] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lffax13n.dll [98304]
[MD5.A63B94BB949D5E836F144A0A754E5451] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfgif13n.dll [69632]
[MD5.1E1FDE2FF4B0197EF8A36259244CF142] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcd13n.dll [49152]
[MD5.9D9CA493D0864DF83D282E2393FE5825] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcx13n.dll [53248]
[MD5.AD6D6FAC370748775FB9FB33A398BFF9] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpng13n.dll [159744]
[MD5.4A3A0CE4ED63580116A7354E06B42CDF] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpsd13n.dll [55808]
[MD5.BBBE68D622945FF8BC9CE847975B2389] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftga13n.dll [53248]
[MD5.333F810C00745C05EDF17D6580A4601E] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftif13n.dll [155648]
[MD5.9788C72C2EC7011E6CC40CFDD5CE2251] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltclr13n.dll [1693696]
[MD5.55D16BEB62D0B6C54CE315F7063FA7A1] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltdis13n.dll [299008]
[MD5.F56BA445D7D36EB4DDBFE4477BAD594D] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltefx13n.dll [206336]
[MD5.BF1727ED495670881E18E346D162CA3D] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltfil13n.dll [163840]
[MD5.209B65395E75CD957E14B8EC3C742A7B] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltimg13n.dll [450560]
[MD5.CEFC7E62D25BDC3A4501062718D0A65F] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltkrn13n.dll [462848]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
[MD5.A0F541D9D2CACEEC7A4A378CD0C31626] [SPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [543544]
[MD5.4305F843E38ABB2186D0CD07982EBECD] [SPRF][15/06/2007] (.Oberon Media, Inc. - Oberon Game Host ActiveX Control.) -- C:\Windows\Downloaded Program Files\OberonGameHost.dll [632392]
[MD5.4690A678A1EC998100506D9A5809181A] [SPRF][20/11/2006] (.Eastman Kodak - PCDLIB32.) -- C:\Windows\Downloaded Program Files\pcdlib32.dll [212480]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{F286CD4E-3C37-4BC9-A286-412C1633240A}C:\program files\flightgear\bin\win32\fgfs.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\flightgear\bin\win32\fgfs.exe (.not file.)
O87 - FAEL: "UDP Query User{BAB473B4-EB90-45B1-AEBB-7F5F669B0D1A}C:\program files\flightgear\bin\win32\fgfs.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\flightgear\bin\win32\fgfs.exe (.not file.)
O87 - FAEL: "TCP Query User{CFDF7EC6-237A-4B22-AC02-91EEB02B21A2}C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe (.not file.)
O87 - FAEL: "UDP Query User{63307FAD-9224-4A2F-8002-536E191A816C}C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe (.not file.)
O87 - FAEL: "TCP Query User{44317244-983B-40F9-BCF2-2E44F8296F50}C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe (.not file.)
O87 - FAEL: "UDP Query User{36CD0998-9BFF-46B3-A975-CBB95C190AB2}C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe (.not file.)
O87 - FAEL: "TCP Query User{2A509099-BE01-47AF-B178-03FD2AC021D2}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{A78FF0C7-39A5-4BAD-BC58-6927A2C9517A}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{AE927486-05C6-4E16-9222-CD8E253A0922}C:\program files\utherverse digital inc\utherverse vww client\utherverse.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\utherverse digital inc\utherverse vww client\utherverse.e
O87 - FAEL: "UDP Query User{FAD59004-74B6-404D-8625-4C13C2F1A5E3}C:\program files\utherverse digital inc\utherverse vww client\utherverse.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\utherverse digital inc\utherverse vww client\utherverse.
O87 - FAEL: "TCP Query User{84B9DAE9-4A3D-4A27-AACD-2D26E721D8B3}C:\program files\secondlifeviewer2\slvoice.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\secondlifeviewer2\slvoice.exe (.not file.)
O87 - FAEL: "UDP Query User{10172EC5-69C4-4655-AA54-8329E613688D}C:\program files\secondlifeviewer2\slvoice.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\secondlifeviewer2\slvoice.exe (.not file.)
O87 - FAEL: "{898345DE-E5FF-47B9-9379-F2F65A1237A4}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{782904A1-2CB7-4CB1-94A3-5A659E89081A}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{B7554155-80D8-4BBA-9D88-3C9F1E8B2215}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{7E4838A7-C7F8-41DC-AB12-60A9B115F8D5}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
~ Scan Firewall in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 8621 - (29/08/2011)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 1
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb] =>Adware.IMBooster
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.ct2567681] =>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\ASKInstaller] =>Toolbar.AskBarDis
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Spointer] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\everest poker] =>Adware.Casino
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
C:\Program Files\Everest Poker =>Adware.Casino
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker =>Adware.Casino
C:\Users\steph\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\steph\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\steph\AppData\Local\moovida air =>Adware.SPointer
C:\Users\steph\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\steph\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\Conduit =>Toolbar.Conduit
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\SearchPlugins\conduit.xml =>Toolbar.Conduit
~ Scan Additionnel in 00mn 09s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 74.125.39.99
74.125.39.105
74.125.39.106
74.125.39.104
74.125.39.147
74.125.39.103
Aliases: www.google.fr
www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 09/05/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 04/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Demand 26/08/2011 195336 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 09/05/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 06/01/2009 819200 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Auto 02/05/2009 133104 | (gupdate1c9cb6791327190) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/05/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 02/05/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 01/07/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 06/01/2009 196608 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 06/01/2009 466944 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - | Auto 77480 | (Samsung Update Plus) . (...) - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
SR - | Auto 06/01/2009 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by steph at 07/09/2011 20:17:59
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 nt!IofCallDriver[0x8307D11B] -> \Device\Harddisk0\DR0[0x86B44770]
3 CLASSPNP[0x8BAA38B3] -> nt!IofCallDriver[0x8307D11B] -> \Device\Ide\IAAStorageDevice-1[0x8603F028]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s
End of the scan (1264 lines in 01mn 34s)(0)
O43 - CFD: 09/05/2011 - 20:46:12 - [621125] ----D- C:\Program Files\Bonjour
O43 - CFD: 24/05/2009 - 15:21:46 - [8387129] ----D- C:\Program Files\CamStudio
O43 - CFD: 30/12/2008 - 03:37:24 - [6221977] ----D- C:\Program Files\Cisco
O43 - CFD: 14/08/2011 - 17:26:00 - [999586805] ----D- C:\Program Files\Common Files
O43 - CFD: 15/02/2010 - 14:46:18 - [10314692] ----D- C:\Program Files\DivX
O43 - CFD: 24/05/2009 - 15:06:42 - [1006454] ----D- C:\Program Files\Easy Video Capture
O43 - CFD: 10/12/2010 - 22:30:16 - [25771058] ----D- C:\Program Files\Everest Poker
O43 - CFD: 04/09/2010 - 19:39:58 - [18358909] ----D- C:\Program Files\Everest Poker.fr
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 08/08/2010 - 11:36:00 - [0] ----D- C:\Program Files\Fluendo
O43 - CFD: 12/06/2011 - 00:14:22 - [31] ----D- C:\Program Files\Freeciv-2.2.1-sdl
O43 - CFD: 25/07/2011 - 13:48:16 - [96743131] ----D- C:\Program Files\Google
O43 - CFD: 24/12/2009 - 17:32:24 - [1471209] ----D- C:\Program Files\HyCam2
O43 - CFD: 12/06/2011 - 12:46:52 - [36579297] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/12/2008 - 03:37:22 - [70860865] ----D- C:\Program Files\Intel
O43 - CFD: 27/08/2011 - 16:07:14 - [6536747] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 01/07/2011 - 20:07:14 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 01/07/2011 - 20:08:22 - [128332719] ----D- C:\Program Files\iTunes
O43 - CFD: 14/08/2011 - 17:05:04 - [89503829] ----D- C:\Program Files\Java
O43 - CFD: 30/12/2008 - 03:35:56 - [2504516] ----D- C:\Program Files\Marvell
O43 - CFD: 01/06/2009 - 17:19:18 - [114366538] ----D- C:\Program Files\Micro Application
O43 - CFD: 26/08/2011 - 08:23:24 - [23110624] ----D- C:\Program Files\Microsoft
O43 - CFD: 12/06/2011 - 12:47:32 - [100423038] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 16/07/2011 - 22:14:28 - [717748798] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 30/09/2009 - 18:58:16 - [1559148] ----D- C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD: 30/12/2008 - 04:34:34 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 19/06/2011 - 23:48:14 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 08/08/2010 - 15:22:04 - [62160] ----D- C:\Program Files\Microsoft Small Business
O43 - CFD: 15/10/2009 - 18:42:08 - [50669474] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 30/09/2009 - 18:56:14 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 30/09/2009 - 18:57:34 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 30/12/2008 - 04:31:36 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 25/01/2010 - 18:23:20 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 08/08/2010 - 15:23:40 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 10/08/2011 - 10:26:48 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 27/07/2011 - 11:14:56 - [29468525] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 30/12/2008 - 03:44:26 - [0] ----D- C:\Program Files\MSSOAP
O43 - CFD: 06/07/2011 - 09:35:32 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 18/04/2010 - 22:58:22 - [782336] ----D- C:\Program Files\OpenAL
O43 - CFD: 02/05/2011 - 11:23:42 - [352657674] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 29/01/2011 - 18:37:30 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 17/12/2009 - 22:57:16 - [0] ----D- C:\Program Files\Real
O43 - CFD: 30/12/2008 - 03:34:20 - [12193726] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 22/03/2009 - 05:55:54 - [342190025] ----D- C:\Program Files\Samsung
O43 - CFD: 12/08/2011 - 10:45:50 - [15141852] R---D- C:\Program Files\Skype
O43 - CFD: 30/12/2008 - 03:41:36 - [14268848] ----D- C:\Program Files\Synaptics
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/06/2011 - 00:13:08 - [0] ----D- C:\Program Files\Utherverse Digital Inc
O43 - CFD: 09/05/2009 - 10:39:20 - [33338768] ----D- C:\Program Files\VideoLAN
O43 - CFD: 30/12/2008 - 03:40:50 - [2240787] ----D- C:\Program Files\Vimicro Corporation
O43 - CFD: 27/07/2011 - 21:31:54 - [11445584] ----D- C:\Program Files\vp5e
O43 - CFD: 30/12/2008 - 03:39:18 - [8724802] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 10/08/2011 - 10:26:48 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 10/08/2011 - 10:26:48 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 10/08/2011 - 10:26:46 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 10/08/2011 - 10:26:48 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 26/08/2011 - 08:25:02 - [147801020] ----D- C:\Program Files\Windows Live
O43 - CFD: 22/03/2009 - 12:21:24 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 12/08/2011 - 10:17:46 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 10/08/2011 - 10:26:48 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 22/03/2009 - 05:51:48 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 10/08/2011 - 10:26:48 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 12/08/2011 - 10:18:26 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 10/08/2011 - 10:26:48 - [6674851] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 13/03/2010 - 14:30:26 - [3882468] ----D- C:\Program Files\WinRAR
O43 - CFD: 27/07/2011 - 11:12:02 - [19295040] ----D- C:\Program Files\Yuna Software
O43 - CFD: 07/09/2011 - 20:16:46 - [4013926] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 23/12/2009 - 01:02:40 - [0] ----D- C:\Program Files\Zylom Games
O43 - CFD: 10/08/2011 - 10:40:22 - [6777445] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 01/07/2011 - 20:07:10 - [92089804] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 30/12/2008 - 04:31:36 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 15/02/2010 - 14:46:10 - [1619968] ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD: 11/04/2009 - 09:54:28 - [11406075] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 30/12/2008 - 03:37:22 - [7675408] ----D- C:\Program Files\Common Files\Intel
O43 - CFD: 14/08/2011 - 17:26:00 - [1258951] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 19/06/2011 - 19:24:46 - [470607859] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 30/12/2008 - 03:44:26 - [568832] ----D- C:\Program Files\Common Files\MSSoap
O43 - CFD: 23/12/2009 - 01:01:38 - [0] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 10/08/2011 - 10:26:46 - [54252477] ----D- C:\Program Files\Common Files\System
O43 - CFD: 22/03/2009 - 12:17:00 - [312132573] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 10/08/2011 - 10:40:22 - [763] ----D- C:\ProgramData\Adobe
O43 - CFD: 11/11/2010 - 00:15:52 - [36633316] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 29/01/2011 - 18:33:02 - [88562176] ----D- C:\ProgramData\Apple
O43 - CFD: 01/07/2011 - 20:07:04 - [66637608] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 03/03/2011 - 23:39:42 - [1348] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 12/08/2011 - 10:44:00 - [11347070] ----D- C:\ProgramData\Easybits GO
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 06/09/2011 - 20:46:48 - [13766] ----D- C:\ProgramData\Google Updater
O43 - CFD: 30/12/2008 - 03:37:22 - [956] ----D- C:\ProgramData\Intel
O43 - CFD: 02/08/2009 - 23:27:22 - [15190] ----D- C:\ProgramData\McAfee
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 10/02/2010 - 17:18:04 - [3284868] ----D- C:\ProgramData\Messenger Plus!
O43 - CFD: 26/08/2011 - 08:23:36 - [176257075] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 12/08/2011 - 01:27:52 - [53418] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 22/03/2009 - 05:51:48 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 10/08/2011 - 10:22:36 - [189747] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 17/12/2009 - 22:57:48 - [78] ----D- C:\ProgramData\Real
O43 - CFD: 30/12/2008 - 03:37:54 - [143] ----D- C:\ProgramData\Roaming
O43 - CFD: 12/07/2010 - 22:21:44 - [96] ----D- C:\ProgramData\RoboForm
O43 - CFD: 30/12/2008 - 03:49:22 - [172032] ----D- C:\ProgramData\SAMSUNG
O43 - CFD: 12/08/2011 - 10:45:38 - [79217045] ----D- C:\ProgramData\Skype
O43 - CFD: 11/08/2011 - 00:07:46 - [40646824] ----D- C:\ProgramData\Skype Extras
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 01/05/2011 - 12:21:50 - [155] ----D- C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 17/08/2009 - 23:18:18 - [0] ----D- C:\ProgramData\Zylom
O43 - CFD: 29/01/2011 - 18:39:16 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 12/04/2011 - 18:40:12 - [26280] ----D- C:\Users\steph\AppData\Roaming\.freeciv
O43 - CFD: 05/04/2009 - 14:24:18 - [4759877] ----D- C:\Users\steph\AppData\Roaming\Adobe
O43 - CFD: 29/01/2011 - 18:43:50 - [199383] ----D- C:\Users\steph\AppData\Roaming\Apple Computer
O43 - CFD: 12/06/2011 - 00:08:42 - [0] ----D- C:\Users\steph\AppData\Roaming\Atari
O43 - CFD: 04/03/2011 - 13:34:42 - [1191] ----D- C:\Users\steph\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 02/05/2009 - 23:19:24 - [3026] ----D- C:\Users\steph\AppData\Roaming\flightgear.org
O43 - CFD: 18/04/2010 - 23:00:28 - [97] ----D- C:\Users\steph\AppData\Roaming\fltk.org
O43 - CFD: 12/08/2011 - 10:43:46 - [865488] ----D- C:\Users\steph\AppData\Roaming\go
O43 - CFD: 15/07/2009 - 17:15:34 - [2721] ----D- C:\Users\steph\AppData\Roaming\Hamachi
O43 - CFD: 22/03/2009 - 05:56:42 - [0] ----D- C:\Users\steph\AppData\Roaming\Identities
O43 - CFD: 17/08/2011 - 01:24:20 - [0] ----D- C:\Users\steph\AppData\Roaming\Intel
O43 - CFD: 04/03/2011 - 13:42:52 - [0] ----D- C:\Users\steph\AppData\Roaming\Leadertech
O43 - CFD: 22/03/2009 - 06:37:18 - [3136298] ----D- C:\Users\steph\AppData\Roaming\Macromedia
O43 - CFD: 16/05/2009 - 21:41:42 - [4329] ----D- C:\Users\steph\AppData\Roaming\ManyCam
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\steph\AppData\Roaming\Media Center Programs
O43 - CFD: 02/05/2011 - 11:13:38 - [21666724] -S--D- C:\Users\steph\AppData\Roaming\Microsoft
O43 - CFD: 29/07/2009 - 21:03:50 - [4415163] ----D- C:\Users\steph\AppData\Roaming\Microsoft Games
O43 - CFD: 15/07/2010 - 00:42:34 - [590043] ----D- C:\Users\steph\AppData\Roaming\moovida-1
O43 - CFD: 04/08/2009 - 23:23:40 - [2988755] ----D- C:\Users\steph\AppData\Roaming\Mozilla
O43 - CFD: 08/08/2010 - 11:32:26 - [466] ----D- C:\Users\steph\AppData\Roaming\OfferBox
O43 - CFD: 02/05/2011 - 11:27:08 - [1708476] ----D- C:\Users\steph\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/05/2010 - 21:22:46 - [0] ----D- C:\Users\steph\AppData\Roaming\PeerNetworking
O43 - CFD: 23/12/2009 - 01:01:38 - [204267] ----D- C:\Users\steph\AppData\Roaming\Real
O43 - CFD: 29/03/2011 - 20:00:38 - [8993] ----D- C:\Users\steph\AppData\Roaming\Rovio
O43 - CFD: 27/12/2010 - 21:05:22 - [6117474] ----D- C:\Users\steph\AppData\Roaming\SecondLife
O43 - CFD: 07/09/2011 - 20:11:04 - [11400655] ----D- C:\Users\steph\AppData\Roaming\Skype
O43 - CFD: 28/05/2011 - 16:01:42 - [424584] ----D- C:\Users\steph\AppData\Roaming\skypePM
O43 - CFD: 25/04/2011 - 18:37:28 - [11943] ----D- C:\Users\steph\AppData\Roaming\Synthesia
O43 - CFD: 26/12/2010 - 23:43:00 - [374742810] ----D- C:\Users\steph\AppData\Roaming\thriXXX
O43 - CFD: 26/12/2010 - 21:32:04 - [2639] ----D- C:\Users\steph\AppData\Roaming\Utherverse
O43 - CFD: 29/07/2010 - 23:35:42 - [494] ----D- C:\Users\steph\AppData\Roaming\Vivox
O43 - CFD: 09/05/2009 - 10:39:50 - [371392] ----D- C:\Users\steph\AppData\Roaming\vlc
O43 - CFD: 19/03/2011 - 15:50:44 - [0] ----D- C:\Users\steph\AppData\Roaming\Windows Live Writer
O43 - CFD: 13/03/2010 - 14:30:42 - [12] ----D- C:\Users\steph\AppData\Roaming\WinRAR
O43 - CFD: 25/11/2009 - 21:23:08 - [4094] ----D- C:\Users\steph\AppData\Roaming\Wormux
O43 - CFD: 10/08/2011 - 10:39:20 - [53090037] ----D- C:\Users\steph\AppData\Local\Adobe
O43 - CFD: 29/01/2011 - 18:35:28 - [69018920] ----D- C:\Users\steph\AppData\Local\Apple
O43 - CFD: 21/06/2011 - 19:38:38 - [5458275] ----D- C:\Users\steph\AppData\Local\Apple Computer
O43 - CFD: 22/03/2009 - 05:55:12 - [0] -SH-D- C:\Users\steph\AppData\Local\Application Data
O43 - CFD: 12/06/2011 - 00:19:34 - [0] ----D- C:\Users\steph\AppData\Local\Conduit
O43 - CFD: 31/03/2010 - 20:21:02 - [264775115] ----D- C:\Users\steph\AppData\Local\Google
O43 - CFD: 22/03/2009 - 05:55:12 - [0] -SH-D- C:\Users\steph\AppData\Local\Historique
O43 - CFD: 27/07/2011 - 21:32:02 - [1367277] ----D- C:\Users\steph\AppData\Local\LiveCraft
O43 - CFD: 26/08/2011 - 12:10:34 - [1826223297] ----D- C:\Users\steph\AppData\Local\Microsoft
O43 - CFD: 20/01/2010 - 18:56:24 - [2015810] ----D- C:\Users\steph\AppData\Local\Microsoft Games
O43 - CFD: 21/10/2009 - 18:32:14 - [0] ----D- C:\Users\steph\AppData\Local\Microsoft Help
O43 - CFD: 08/08/2010 - 11:30:20 - [234375] ----D- C:\Users\steph\AppData\Local\moovida Air
O43 - CFD: 04/08/2009 - 23:23:22 - [58170213] ----D- C:\Users\steph\AppData\Local\Mozilla
O43 - CFD: 06/01/2011 - 22:45:46 - [152805294] ----D- C:\Users\steph\AppData\Local\SecondLife
O43 - CFD: 07/09/2011 - 20:14:18 - [2631797732] ----D- C:\Users\steph\AppData\Local\Temp
O43 - CFD: 22/03/2009 - 05:55:12 - [0] -SH-D- C:\Users\steph\AppData\Local\Temporary Internet Files
O43 - CFD: 05/04/2009 - 14:24:18 - [1875184212] ----D- C:\Users\steph\AppData\Local\VirtualStore
O43 - CFD: 19/03/2011 - 15:50:46 - [373674] ----D- C:\Users\steph\AppData\Local\Windows Live Writer
~ Scan Program Folder in 00mn 22s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.34DD3245D753E0BD31E1F593F1654C79] - 07/09/2011 - 19:00:07 ---A- . (...) -- C:\WinChk.txt [2150]
O44 - LFC:[MD5.E78AFBEF25819951FF2DF746030976EF] - 07/09/2011 - 18:42:06 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1620125]
O44 - LFC:[MD5.32497DF9AD0D790B664DB6167052A2F9] - 07/09/2011 - 18:07:13 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A1713657C6BD8E0A26E47D722D2B6DDD] - 04/09/2011 - 22:00:34 ---A- . (...) -- C:\Windows\setupact.log [138157]
O44 - LFC:[MD5.DEE796D390675293F3B678DE2FBBB665] - 27/08/2011 - 15:06:59 ---A- . (...) -- C:\Windows\IE9_main.log [25327]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 27/08/2011 - 15:05:07 ---A- . (...) -- C:\Windows\system32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 27/08/2011 - 15:05:07 ---A- . (...) -- C:\Windows\system32\ticrf.rat [1988]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 27/08/2011 - 15:04:52 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822]
O44 - LFC:[MD5.BF897D63FF3AB8DA41DD456B248FB1C7] - 26/08/2011 - 16:02:03 ---A- . (...) -- C:\Windows\MEMORY.DMP [354663522]
O44 - LFC:[MD5.ED72F576F2584362CC9D5BCE003B17A0] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1527530]
O44 - LFC:[MD5.FC8D0D305DB657ABD22563C9A811857B] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfc009.dat [104914]
O44 - LFC:[MD5.91EF7D5E8F7F1F6F1D14F785DC27CC6C] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [127504]
O44 - LFC:[MD5.E42FB8AB58AD95A65CB9688B68324EFC] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfh009.dat [598900]
O44 - LFC:[MD5.2CB274A78E0D456C84531014F92B81D6] - 26/08/2011 - 07:19:44 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [681798]
O44 - LFC:[MD5.7D9923D572F4D01741507F01506DF89B] - 22/08/2011 - 11:53:15 ---A- . (...) -- C:\Windows\win.ini [1175]
O44 - LFC:[MD5.48B129FD2DC9F3C898BEF48A4F08A0B0] - 22/08/2011 - 11:40:39 ---A- . (...) -- C:\Windows\dmi.ini [73]
O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 14/08/2011 - 16:05:08 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\java.exe [145184]
O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 14/08/2011 - 16:05:08 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\javaw.exe [145184]
O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 14/08/2011 - 16:05:08 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472]
O44 - LFC:[MD5.C394C16CDDF813ED31880125DEC61E00] - 14/08/2011 - 16:05:03 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_26-b03.log [3765]
O44 - LFC:[MD5.D1D5607E93D49397FC3B23D613EA046A] - 12/08/2011 - 09:36:17 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [397264]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/08/2011 - 09:17:02 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf [0]
O44 - LFC:[MD5.10F813FA685730E17034DC56A7BF6C48] - 10/08/2011 - 19:42:49 ---A- . (...) -- C:\Windows\PFRO.log [124536]
O44 - LFC:[MD5.5A04176D92DBDCA782BFD70C26A0DA03] - 27/06/1994 - 01:03:58 ---A- . (...) -- C:\Windows\system32\dva.386 [1966]
~ Scan Files in 00mn 15s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 06/01/2009 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 06/01/2009 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 06/01/2009 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 06/01/2009 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.1CFEBA39FC613E45B49D3EDDFBCDA289] - 06/01/2009 - 04:13:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1203776]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 06/01/2009 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 06/01/2009 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 06/01/2009 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 11/11/2010 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.FF83C93AEEE8B0CF4B464CA667A67ACD] - 11/11/2010 - 12:32:20 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54104]
O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 11/11/2010 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 08/08/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 11/11/2010 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [309848]
O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 11/11/2010 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [43608]
O58 - SDL:[MD5.08015D34F6FDD0B355805BAD978497C3] - 06/01/2009 - 08:30:53 ---A- . (.Broadcom Corporation - Pilote Ethernet 5.1 NDIS Broadcom Corporation.) -- C:\Windows\system32\drivers\bcm4sbxp.sys [45056]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 06/01/2009 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 06/01/2009 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 06/01/2009 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 06/01/2009 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 06/01/2009 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 06/01/2009 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.3EA1A20DC0CA1AD23E7AA8C37A91BCD1] - 06/01/2009 - 00:17:10 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [80424]
O58 - SDL:[MD5.195872E48A7FB01F8BC9B800F70F4054] - 06/01/2009 - 23:20:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [80936]
O58 - SDL:[MD5.0724E7D6C9B6A289EDDDA33FA8176E80] - 06/01/2009 - 23:20:26 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [16168]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 06/01/2009 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 06/01/2009 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 06/01/2009 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 06/01/2009 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 29/01/2011 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.7929A161F9951D173CA9900FE7067391] - 07/07/2009 - 09:50:26 ---A- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\system32\drivers\hamachi.sys [25280]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 06/01/2009 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.707C1692214B1C290271067197F075F6] - 06/01/2009 - 09:44:44 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [324120]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 06/01/2009 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.496DB78E6A0C4C44023D9A92B4A7AC31] - 06/01/2009 - 03:10:57 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1380864]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 06/01/2009 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 06/01/2009 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 06/01/2009 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.EBC507F129DF8F0E0CA270DCFC0CF87F] - 06/01/2009 - 02:43:12 ---A- . (.SAMSUNG ELECTRONICS CO., LTD. - Non PnP Driver.) -- C:\Windows\system32\drivers\KMDFMEMIO.sys [13312]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 06/01/2009 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 06/01/2009 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 06/01/2009 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 06/01/2009 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 06/01/2009 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 06/01/2009 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.35D5458D9A1B26B2005ABFFBF4C1C5E7] - 06/01/2009 - 03:23:20 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys [2225664]
O58 - SDL:[MD5.9CA26DCCF0B84A6FF2B54FBB2A94520B] - 06/01/2009 - 22:30:50 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys [3662848]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 06/01/2009 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 06/01/2009 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.A103162C62C336C2CB3C5E1E2773D17B] - 06/01/2009 - 19:29:26 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys [44576]
O58 - SDL:[MD5.C526B4A24EF951EF219C3BFA1534B152] - 06/01/2009 - 20:24:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 176.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7548000]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 06/01/2009 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 06/01/2009 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 06/01/2009 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 06/01/2009 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.B0878F280FA335AC67F056A9BFE06E04] - 06/01/2009 - 09:59:18 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 06/01/2009 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 06/01/2009 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 06/01/2009 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 06/01/2009 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 06/01/2009 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.451E8037E2EB6DA6BDF0A66F65D1810B] - 06/01/2009 - 06:39:08 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [193456]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 06/01/2009 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 06/01/2009 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 06/01/2009 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 06/01/2009 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.C30A79CFEE47F1A9633F403C5ACE872F] - 06/01/2009 - 08:30:28 ---A- . (.Vimicro Corporation - Vimicro USB Video Class Camera.) -- C:\Windows\system32\drivers\vmc302.sys [242048]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 06/01/2009 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.F603B2714642AE5C5BF6C4639DE4DADD] - 06/01/2009 - 09:02:00 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk60x86.sys [303616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 06/01/2009 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 06/01/2009 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 06/01/2009 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 06/01/2009 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 06/01/2009 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 06/01/2009 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 06/01/2009 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 06/01/2009 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 06/01/2009 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 06/01/2009 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 06/01/2009 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 06/01/2009 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 06/01/2009 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 06/01/2009 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 06/01/2009 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
~ Scan Drivers in 00mn 06s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 04/07/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 30/12/2008 - C:\Windows\system32\DRIVERS\kmdfmemio.sys - SAMSUNG Kernel Driver(KMDFMEMIO) .(.SAMSUNG ELECTRONICS CO., LTD. - Non PnP Driver.) - LEGACY_KMDFMEMIO
~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("CT2567681.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx?
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("CT2567681.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("browser.startup.homepage", "http://search.conduit.com/?ctid=CT2567681&SearchSource=13");
O69 - SBI: prefs.js [steph - ud0pvjks.default] user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {7483C735-B153-4703-883E-8340F264559E} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Messenger Plus Live France Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {C8E6BAFD-3155-482B-B8A5-C489EFBE6E5C} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {CB92631F-B0A3-4B1E-935E-CD0B33BA48EB} - (hooseek) - http://www.hooseek.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.ED324284FA119EF0F240AC9E2262D666] [SPRF][20/01/2011] (.Microsoft Corporation - Windows Media Component Setup Application.) -- C:\Users\steph\AppData\Local\Temp\wmpfirefoxplugin.exe [318904]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.DC38B1B71CB7FF8F4241333B9EC84F03] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfbmp13n.dll [57344]
[MD5.6CBA9ECE3186ADEAE144A79E3AC769FE] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfcmp13n.dll [401408]
[MD5.BDD316D6479220B8FA2A911262898640] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfeps13n.dll [65536]
[MD5.8B83DC9053B8164731B15AF455CBD9A9] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lffax13n.dll [98304]
[MD5.A63B94BB949D5E836F144A0A754E5451] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfgif13n.dll [69632]
[MD5.1E1FDE2FF4B0197EF8A36259244CF142] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcd13n.dll [49152]
[MD5.9D9CA493D0864DF83D282E2393FE5825] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcx13n.dll [53248]
[MD5.AD6D6FAC370748775FB9FB33A398BFF9] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpng13n.dll [159744]
[MD5.4A3A0CE4ED63580116A7354E06B42CDF] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpsd13n.dll [55808]
[MD5.BBBE68D622945FF8BC9CE847975B2389] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftga13n.dll [53248]
[MD5.333F810C00745C05EDF17D6580A4601E] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftif13n.dll [155648]
[MD5.9788C72C2EC7011E6CC40CFDD5CE2251] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltclr13n.dll [1693696]
[MD5.55D16BEB62D0B6C54CE315F7063FA7A1] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltdis13n.dll [299008]
[MD5.F56BA445D7D36EB4DDBFE4477BAD594D] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltefx13n.dll [206336]
[MD5.BF1727ED495670881E18E346D162CA3D] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltfil13n.dll [163840]
[MD5.209B65395E75CD957E14B8EC3C742A7B] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltimg13n.dll [450560]
[MD5.CEFC7E62D25BDC3A4501062718D0A65F] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltkrn13n.dll [462848]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
[MD5.A0F541D9D2CACEEC7A4A378CD0C31626] [SPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [543544]
[MD5.4305F843E38ABB2186D0CD07982EBECD] [SPRF][15/06/2007] (.Oberon Media, Inc. - Oberon Game Host ActiveX Control.) -- C:\Windows\Downloaded Program Files\OberonGameHost.dll [632392]
[MD5.4690A678A1EC998100506D9A5809181A] [SPRF][20/11/2006] (.Eastman Kodak - PCDLIB32.) -- C:\Windows\Downloaded Program Files\pcdlib32.dll [212480]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{F286CD4E-3C37-4BC9-A286-412C1633240A}C:\program files\flightgear\bin\win32\fgfs.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\flightgear\bin\win32\fgfs.exe (.not file.)
O87 - FAEL: "UDP Query User{BAB473B4-EB90-45B1-AEBB-7F5F669B0D1A}C:\program files\flightgear\bin\win32\fgfs.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\flightgear\bin\win32\fgfs.exe (.not file.)
O87 - FAEL: "TCP Query User{CFDF7EC6-237A-4B22-AC02-91EEB02B21A2}C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe (.not file.)
O87 - FAEL: "UDP Query User{63307FAD-9224-4A2F-8002-536E191A816C}C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\steph\appdata\roaming\imvuclient\1vivoxvoice.exe (.not file.)
O87 - FAEL: "TCP Query User{44317244-983B-40F9-BCF2-2E44F8296F50}C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe (.not file.)
O87 - FAEL: "UDP Query User{36CD0998-9BFF-46B3-A975-CBB95C190AB2}C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\freeciv-2.2.1-sdl\freeciv-server.exe (.not file.)
O87 - FAEL: "TCP Query User{2A509099-BE01-47AF-B178-03FD2AC021D2}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{A78FF0C7-39A5-4BAD-BC58-6927A2C9517A}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{AE927486-05C6-4E16-9222-CD8E253A0922}C:\program files\utherverse digital inc\utherverse vww client\utherverse.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\utherverse digital inc\utherverse vww client\utherverse.e
O87 - FAEL: "UDP Query User{FAD59004-74B6-404D-8625-4C13C2F1A5E3}C:\program files\utherverse digital inc\utherverse vww client\utherverse.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\utherverse digital inc\utherverse vww client\utherverse.
O87 - FAEL: "TCP Query User{84B9DAE9-4A3D-4A27-AACD-2D26E721D8B3}C:\program files\secondlifeviewer2\slvoice.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\secondlifeviewer2\slvoice.exe (.not file.)
O87 - FAEL: "UDP Query User{10172EC5-69C4-4655-AA54-8329E613688D}C:\program files\secondlifeviewer2\slvoice.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\secondlifeviewer2\slvoice.exe (.not file.)
O87 - FAEL: "{898345DE-E5FF-47B9-9379-F2F65A1237A4}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{782904A1-2CB7-4CB1-94A3-5A659E89081A}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{B7554155-80D8-4BBA-9D88-3C9F1E8B2215}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{7E4838A7-C7F8-41DC-AB12-60A9B115F8D5}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
~ Scan Firewall in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 8621 - (29/08/2011)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 1
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb] =>Adware.IMBooster
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.ct2567681] =>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\ASKInstaller] =>Toolbar.AskBarDis
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Spointer] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\everest poker] =>Adware.Casino
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
C:\Program Files\Everest Poker =>Adware.Casino
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker =>Adware.Casino
C:\Users\steph\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\steph\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\steph\AppData\Local\moovida air =>Adware.SPointer
C:\Users\steph\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\steph\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\Conduit =>Toolbar.Conduit
C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\SearchPlugins\conduit.xml =>Toolbar.Conduit
~ Scan Additionnel in 00mn 09s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 74.125.39.99
74.125.39.105
74.125.39.106
74.125.39.104
74.125.39.147
74.125.39.103
Aliases: www.google.fr
www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 09/05/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 04/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Demand 26/08/2011 195336 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 09/05/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 06/01/2009 819200 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Auto 02/05/2009 133104 | (gupdate1c9cb6791327190) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/05/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 02/05/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 01/07/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 06/01/2009 196608 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 06/01/2009 466944 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - | Auto 77480 | (Samsung Update Plus) . (...) - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
SR - | Auto 06/01/2009 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by steph at 07/09/2011 20:17:59
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 nt!IofCallDriver[0x8307D11B] -> \Device\Harddisk0\DR0[0x86B44770]
3 CLASSPNP[0x8BAA38B3] -> nt!IofCallDriver[0x8307D11B] -> \Device\Ide\IAAStorageDevice-1[0x8603F028]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s
End of the scan (1264 lines in 01mn 34s)(0)
Yop !
Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Recherche] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt
Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Recherche] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt
Bonsoir et merci a toi d'essayer de resoudre mon probleme :)
Rapport adwcleaner
# AdwCleaner v1.305 - Rapport créé le 08/09/2011 à 19:41:14
# Mis à jour le 07/09/11 à 19h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : steph - PC-DE-STEPH (Administrateur)
# Exécuté depuis : C:\Users\steph\Downloads\adwcleaner0.exe
# Option [Recherche]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Users\steph\AppData\Roaming\OfferBox
Dossier Présent : C:\Users\steph\AppData\Local\Conduit
Dossier Présent : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\Conduit
Fichier Présent : C:\Windows\system32\conduitEngine.tmp
Fichier Présent : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
***** [Registre] *****
Clé Présente : HKCU\Software\Offerbox
Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.5.8 (fr)
Profil : ud0pvjks.default
Fichier : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\prefs.js
Présente : user_pref("CT2567681.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Présente : user_pref("CT2567681.CTID", "CT2567681");
Présente : user_pref("CT2567681.CurrentServerDate", "4-9-2011");
Présente : user_pref("CT2567681.DialogsAlignMode", "LTR");
Présente : user_pref("CT2567681.DownloadReferralCookieData", "");
Présente : user_pref("CT2567681.EMailNotifierPollDate", "Mon Nov 22 2010 09:02:20 GMT+0100");
Présente : user_pref("CT2567681.FeedLastCount129132852755156787", 70);
Présente : user_pref("CT2567681.FeedLastCount2929882609848814406", 697);
Présente : user_pref("CT2567681.FeedPollDate128746790824594437", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746790988031938", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791145844439", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791280844460", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791444750814", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791615375007", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791787562545", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214203", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214209", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214215", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214221", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214227", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214233", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214239", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214245", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214251", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214257", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214263", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214269", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214275", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214281", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214287", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214293", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214299", "Tue Aug 10 2010 10:22:06 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214305", "Tue Aug 10 2010 10:22:06 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214311", "Tue Aug 10 2010 10:22:08 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214317", "Tue Aug 10 2010 10:22:09 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783370573", "Tue Aug 10 2010 10:22:09 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129255209954290202", "Sun Jan 16 2011 20:52:26 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290208", "Sun Jan 16 2011 20:52:26 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290214", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290220", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290226", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290232", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290238", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290244", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290250", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290256", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290262", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290268", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290274", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290280", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290286", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290292", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290298", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290304", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290310", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290316", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290322", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedTTL128746791787562545", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214203", 30);
Présente : user_pref("CT2567681.FeedTTL129227257783214209", 2);
Présente : user_pref("CT2567681.FeedTTL129227257783214215", 2);
Présente : user_pref("CT2567681.FeedTTL129227257783214227", 2);
Présente : user_pref("CT2567681.FeedTTL129227257783214233", 30);
Présente : user_pref("CT2567681.FeedTTL129227257783214251", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214257", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214263", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214281", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290202", 30);
Présente : user_pref("CT2567681.FeedTTL129255209954290208", 2);
Présente : user_pref("CT2567681.FeedTTL129255209954290214", 2);
Présente : user_pref("CT2567681.FeedTTL129255209954290226", 2);
Présente : user_pref("CT2567681.FeedTTL129255209954290232", 30);
Présente : user_pref("CT2567681.FeedTTL129255209954290250", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290256", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290262", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290280", 5);
Présente : user_pref("CT2567681.FirstServerDate", "20-6-2010");
Présente : user_pref("CT2567681.FirstTime", true);
Présente : user_pref("CT2567681.FirstTimeFF3", true);
Présente : user_pref("CT2567681.FirstTimeSettingsDone", true);
Présente : user_pref("CT2567681.FixPageNotFoundErrors", true);
Présente : user_pref("CT2567681.GroupingServerCheckInterval", 1440);
Présente : user_pref("CT2567681.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Présente : user_pref("CT2567681.Initialize", true);
Présente : user_pref("CT2567681.InitializeCommonPrefs", true);
Présente : user_pref("CT2567681.InstallationAndCookieDataSentCount", 3);
Présente : user_pref("CT2567681.InstallationType", "UnknownIntegration");
Présente : user_pref("CT2567681.InstalledDate", "Sun Jun 20 2010 22:45:27 GMT+0200");
Présente : user_pref("CT2567681.InvalidateCache", false);
Présente : user_pref("CT2567681.IsGrouping", false);
Présente : user_pref("CT2567681.IsMulticommunity", false);
Présente : user_pref("CT2567681.IsOpenThankYouPage", false);
Présente : user_pref("CT2567681.IsOpenUninstallPage", true);
Présente : user_pref("CT2567681.LanguagePackLastCheckTime", "Sun Sep 04 2011 11:03:20 GMT+0200");
Présente : user_pref("CT2567681.LanguagePackReloadIntervalMM", 1440);
Présente : user_pref("CT2567681.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Présente : user_pref("CT2567681.LastLogin_2.6.0.15", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.LatestVersion", "3.6.0.10");
Présente : user_pref("CT2567681.Locale", "fr-fr");
Présente : user_pref("CT2567681.LoginCache", 4);
Présente : user_pref("CT2567681.MCDetectTooltipHeight", "83");
Présente : user_pref("CT2567681.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Présente : user_pref("CT2567681.MCDetectTooltipWidth", "295");
Présente : user_pref("CT2567681.RadioIsPodcast", false);
Présente : user_pref("CT2567681.RadioLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.RadioLastUpdateIPServer", "3");
Présente : user_pref("CT2567681.RadioLastUpdateServer", "129315462672570000");
Présente : user_pref("CT2567681.RadioMediaID", "9962");
Présente : user_pref("CT2567681.RadioMediaType", "Media Player");
Présente : user_pref("CT2567681.RadioMenuSelectedID", "EBRadioMenu_CT25676819962");
Présente : user_pref("CT2567681.RadioStationName", "California%20Rock");
Présente : user_pref("CT2567681.RadioStationURL", "hxxp://feedlive.net/california.asx");
Présente : user_pref("CT2567681.SHRINK_TOOLBAR", 1);
Présente : user_pref("CT2567681.SavedHomepage", "hxxp://www.google.fr");
Présente : user_pref("CT2567681.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2567681&octid=EB_ORIGINAL_CTID&SearchSource=1");
Présente : user_pref("CT2567681.SearchFromAddressBarIsInit", true);
Présente : user_pref("CT2567681.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
Présente : user_pref("CT2567681.SearchInNewTabEnabled", true);
Présente : user_pref("CT2567681.SearchInNewTabIntervalMM", 1440);
Présente : user_pref("CT2567681.SearchInNewTabLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Présente : user_pref("CT2567681.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Présente : user_pref("CT2567681.SettingsCheckIntervalMin", 120);
Présente : user_pref("CT2567681.SettingsLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.SettingsLastUpdate", "1314606499");
Présente : user_pref("CT2567681.ThirdPartyComponentsInterval", 504);
Présente : user_pref("CT2567681.ThirdPartyComponentsLastCheck", "Tue Aug 23 2011 19:07:01 GMT+0200");
Présente : user_pref("CT2567681.ThirdPartyComponentsLastUpdate", "1279702307");
Présente : user_pref("CT2567681.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Présente : user_pref("CT2567681.UserID", "UN28418413445523527");
Présente : user_pref("CT2567681.ValidationData_Toolbar", 2);
Présente : user_pref("CT2567681.WeatherNetwork", "");
Présente : user_pref("CT2567681.WeatherPollDate", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.WeatherUnit", "C");
Présente : user_pref("CT2567681.alertChannelId", "960546");
Présente : user_pref("CT2567681.backendstorage.ct2567681ads1", "25374225323261647325323225334125354225374225323261696425323225334125323232323135362532322532432532327469746C65253232253341253232457370696F6E6E65253230746573253230706F746573253230257530363639253238257532354346257530333245257530333245257530333033257532303232257530333033253239257530364636253232253243253232616474657874312532322533412532326F254639253230736F6E74253230766F73253230616D69732532307472612545456E657225334625323225324325323261647465787432253232253341253232506F7572253230742545396C25453963686172676572253230636C697175657A2532306963692532302575323542432532322532432532326469737075726C2532322533412532327669706D6F62696C652E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432323135362532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C747225323225374425324325374225323261696425323225334125323232333332332532322532432532327469746C652532322533412532322575323636362532305475253230617325323025323832253239253230616C657274652532306950686F6E6525753231323225323025753236363625323225324325323261647465787431253232253341253232766F756C657A2532306761676E6572253230756E2532306950686F6E652533462E2532306F6274656E697225323225324325323261647465787432253232253341253232766F7472652532306368616E636525323064652532306761676E65722532306D61696E74656E616E742575323542432532322532432532326469737075726C253232253341253232626C696E6B6F676F6C642E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432333332332532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C74722532322537442535442532432532327372253232253341312532432532327363762532322533412532326E253232253744");
Présente : user_pref("CT2567681.backendstorage.ct2567681current_term", "656E742B756E69762B72656E6E65732B31");
Présente : user_pref("CT2567681.backendstorage.ct2567681sdate", "3233");
Présente : user_pref("CT2567681.backendstorage.facebook_ctid_connect_send", "73656E646564");
Présente : user_pref("CT2567681.backendstorage.for_aoi", "31333135313237303032");
Présente : user_pref("CT2567681.backendstorage.for_ccid", "52656E6E6573");
Présente : user_pref("CT2567681.backendstorage.for_cdtr5", "31333135313237303032");
Présente : user_pref("CT2567681.backendstorage.for_cid", "4652");
Présente : user_pref("CT2567681.backendstorage.for_ip", "322E322E3130322E3832");
Présente : user_pref("CT2567681.backendstorage.for_lcut", "31333135313237303032");
Présente : user_pref("CT2567681.backendstorage.for_pid", "31303132");
Présente : user_pref("CT2567681.backendstorage.for_rid", "4132");
Présente : user_pref("CT2567681.backendstorage.for_zoneid", "3130313035");
Présente : user_pref("CT2567681.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Présente : user_pref("CT2567681.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Présente : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.miniquarium_closed", "66616C7365");
Présente : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.state", "4F50454E");
Présente : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_affid", "4672616E6365");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_bguid", "4672616E63652D41423941363538392D423936452D464146352D414343362D333134434436313444364132");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba", "3231393138373833");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba1", "323031312D392D34");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_toolbar-ads_com.ut", "30");
Présente : user_pref("CT2567681.clientLogIsEnabled", true);
Présente : user_pref("CT2567681.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Présente : user_pref("CT2567681.myStuffEnabled", true);
Présente : user_pref("CT2567681.myStuffPublihserMinWidth", 400);
Présente : user_pref("CT2567681.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Présente : user_pref("CT2567681.myStuffServiceIntervalMM", 1440);
Présente : user_pref("CT2567681.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Présente : user_pref("CT2567681.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2567681");
Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2567681");
Présente : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Présente : user_pref("CommunityToolbar.alert.locale", "en");
Présente : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Présente : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Présente : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Présente : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Présente : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Présente : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Présente : user_pref("CommunityToolbar.alert.userId", "{0fcd1893-e208-4bd7-936b-714f5cbc6589}");
Présente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 16 2011 20:52:26 GMT+0100");
Présente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2567681");
Présente : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&SearchSource=3&q={searchTerms}");
Présente : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2567681&SearchSource=13");
Présente : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [20477 octets] - [08/09/2011 19:41:14]
########## EOF - C:\AdwCleaner[R1].txt - [20606 octets] ##########
Rapport adwcleaner
# AdwCleaner v1.305 - Rapport créé le 08/09/2011 à 19:41:14
# Mis à jour le 07/09/11 à 19h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : steph - PC-DE-STEPH (Administrateur)
# Exécuté depuis : C:\Users\steph\Downloads\adwcleaner0.exe
# Option [Recherche]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Users\steph\AppData\Roaming\OfferBox
Dossier Présent : C:\Users\steph\AppData\Local\Conduit
Dossier Présent : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\Conduit
Fichier Présent : C:\Windows\system32\conduitEngine.tmp
Fichier Présent : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
***** [Registre] *****
Clé Présente : HKCU\Software\Offerbox
Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.5.8 (fr)
Profil : ud0pvjks.default
Fichier : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\prefs.js
Présente : user_pref("CT2567681.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Présente : user_pref("CT2567681.CTID", "CT2567681");
Présente : user_pref("CT2567681.CurrentServerDate", "4-9-2011");
Présente : user_pref("CT2567681.DialogsAlignMode", "LTR");
Présente : user_pref("CT2567681.DownloadReferralCookieData", "");
Présente : user_pref("CT2567681.EMailNotifierPollDate", "Mon Nov 22 2010 09:02:20 GMT+0100");
Présente : user_pref("CT2567681.FeedLastCount129132852755156787", 70);
Présente : user_pref("CT2567681.FeedLastCount2929882609848814406", 697);
Présente : user_pref("CT2567681.FeedPollDate128746790824594437", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746790988031938", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791145844439", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791280844460", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791444750814", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791615375007", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate128746791787562545", "Mon Jul 26 2010 13:45:13 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214203", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214209", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214215", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214221", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214227", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214233", "Tue Aug 10 2010 13:56:39 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214239", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214245", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214251", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214257", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214263", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214269", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214275", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214281", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214287", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214293", "Tue Aug 10 2010 13:56:40 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214299", "Tue Aug 10 2010 10:22:06 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214305", "Tue Aug 10 2010 10:22:06 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214311", "Tue Aug 10 2010 10:22:08 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783214317", "Tue Aug 10 2010 10:22:09 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129227257783370573", "Tue Aug 10 2010 10:22:09 GMT+0200");
Présente : user_pref("CT2567681.FeedPollDate129255209954290202", "Sun Jan 16 2011 20:52:26 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290208", "Sun Jan 16 2011 20:52:26 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290214", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290220", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290226", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290232", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290238", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290244", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290250", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290256", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290262", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290268", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290274", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290280", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290286", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290292", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290298", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290304", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290310", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290316", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedPollDate129255209954290322", "Sun Jan 16 2011 20:52:28 GMT+0100");
Présente : user_pref("CT2567681.FeedTTL128746791787562545", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214203", 30);
Présente : user_pref("CT2567681.FeedTTL129227257783214209", 2);
Présente : user_pref("CT2567681.FeedTTL129227257783214215", 2);
Présente : user_pref("CT2567681.FeedTTL129227257783214227", 2);
Présente : user_pref("CT2567681.FeedTTL129227257783214233", 30);
Présente : user_pref("CT2567681.FeedTTL129227257783214251", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214257", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214263", 5);
Présente : user_pref("CT2567681.FeedTTL129227257783214281", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290202", 30);
Présente : user_pref("CT2567681.FeedTTL129255209954290208", 2);
Présente : user_pref("CT2567681.FeedTTL129255209954290214", 2);
Présente : user_pref("CT2567681.FeedTTL129255209954290226", 2);
Présente : user_pref("CT2567681.FeedTTL129255209954290232", 30);
Présente : user_pref("CT2567681.FeedTTL129255209954290250", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290256", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290262", 5);
Présente : user_pref("CT2567681.FeedTTL129255209954290280", 5);
Présente : user_pref("CT2567681.FirstServerDate", "20-6-2010");
Présente : user_pref("CT2567681.FirstTime", true);
Présente : user_pref("CT2567681.FirstTimeFF3", true);
Présente : user_pref("CT2567681.FirstTimeSettingsDone", true);
Présente : user_pref("CT2567681.FixPageNotFoundErrors", true);
Présente : user_pref("CT2567681.GroupingServerCheckInterval", 1440);
Présente : user_pref("CT2567681.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Présente : user_pref("CT2567681.Initialize", true);
Présente : user_pref("CT2567681.InitializeCommonPrefs", true);
Présente : user_pref("CT2567681.InstallationAndCookieDataSentCount", 3);
Présente : user_pref("CT2567681.InstallationType", "UnknownIntegration");
Présente : user_pref("CT2567681.InstalledDate", "Sun Jun 20 2010 22:45:27 GMT+0200");
Présente : user_pref("CT2567681.InvalidateCache", false);
Présente : user_pref("CT2567681.IsGrouping", false);
Présente : user_pref("CT2567681.IsMulticommunity", false);
Présente : user_pref("CT2567681.IsOpenThankYouPage", false);
Présente : user_pref("CT2567681.IsOpenUninstallPage", true);
Présente : user_pref("CT2567681.LanguagePackLastCheckTime", "Sun Sep 04 2011 11:03:20 GMT+0200");
Présente : user_pref("CT2567681.LanguagePackReloadIntervalMM", 1440);
Présente : user_pref("CT2567681.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Présente : user_pref("CT2567681.LastLogin_2.6.0.15", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.LatestVersion", "3.6.0.10");
Présente : user_pref("CT2567681.Locale", "fr-fr");
Présente : user_pref("CT2567681.LoginCache", 4);
Présente : user_pref("CT2567681.MCDetectTooltipHeight", "83");
Présente : user_pref("CT2567681.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Présente : user_pref("CT2567681.MCDetectTooltipWidth", "295");
Présente : user_pref("CT2567681.RadioIsPodcast", false);
Présente : user_pref("CT2567681.RadioLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.RadioLastUpdateIPServer", "3");
Présente : user_pref("CT2567681.RadioLastUpdateServer", "129315462672570000");
Présente : user_pref("CT2567681.RadioMediaID", "9962");
Présente : user_pref("CT2567681.RadioMediaType", "Media Player");
Présente : user_pref("CT2567681.RadioMenuSelectedID", "EBRadioMenu_CT25676819962");
Présente : user_pref("CT2567681.RadioStationName", "California%20Rock");
Présente : user_pref("CT2567681.RadioStationURL", "hxxp://feedlive.net/california.asx");
Présente : user_pref("CT2567681.SHRINK_TOOLBAR", 1);
Présente : user_pref("CT2567681.SavedHomepage", "hxxp://www.google.fr");
Présente : user_pref("CT2567681.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2567681&octid=EB_ORIGINAL_CTID&SearchSource=1");
Présente : user_pref("CT2567681.SearchFromAddressBarIsInit", true);
Présente : user_pref("CT2567681.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
Présente : user_pref("CT2567681.SearchInNewTabEnabled", true);
Présente : user_pref("CT2567681.SearchInNewTabIntervalMM", 1440);
Présente : user_pref("CT2567681.SearchInNewTabLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Présente : user_pref("CT2567681.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Présente : user_pref("CT2567681.SettingsCheckIntervalMin", 120);
Présente : user_pref("CT2567681.SettingsLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CT2567681.SettingsLastUpdate", "1314606499");
Présente : user_pref("CT2567681.ThirdPartyComponentsInterval", 504);
Présente : user_pref("CT2567681.ThirdPartyComponentsLastCheck", "Tue Aug 23 2011 19:07:01 GMT+0200");
Présente : user_pref("CT2567681.ThirdPartyComponentsLastUpdate", "1279702307");
Présente : user_pref("CT2567681.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Présente : user_pref("CT2567681.UserID", "UN28418413445523527");
Présente : user_pref("CT2567681.ValidationData_Toolbar", 2);
Présente : user_pref("CT2567681.WeatherNetwork", "");
Présente : user_pref("CT2567681.WeatherPollDate", "Sun Jan 16 2011 20:52:27 GMT+0100");
Présente : user_pref("CT2567681.WeatherUnit", "C");
Présente : user_pref("CT2567681.alertChannelId", "960546");
Présente : user_pref("CT2567681.backendstorage.ct2567681ads1", "25374225323261647325323225334125354225374225323261696425323225334125323232323135362532322532432532327469746C65253232253341253232457370696F6E6E65253230746573253230706F746573253230257530363639253238257532354346257530333245257530333245257530333033257532303232257530333033253239257530364636253232253243253232616474657874312532322533412532326F254639253230736F6E74253230766F73253230616D69732532307472612545456E657225334625323225324325323261647465787432253232253341253232506F7572253230742545396C25453963686172676572253230636C697175657A2532306963692532302575323542432532322532432532326469737075726C2532322533412532327669706D6F62696C652E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432323135362532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C747225323225374425324325374225323261696425323225334125323232333332332532322532432532327469746C652532322533412532322575323636362532305475253230617325323025323832253239253230616C657274652532306950686F6E6525753231323225323025753236363625323225324325323261647465787431253232253341253232766F756C657A2532306761676E6572253230756E2532306950686F6E652533462E2532306F6274656E697225323225324325323261647465787432253232253341253232766F7472652532306368616E636525323064652532306761676E65722532306D61696E74656E616E742575323542432532322532432532326469737075726C253232253341253232626C696E6B6F676F6C642E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432333332332532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C74722532322537442535442532432532327372253232253341312532432532327363762532322533412532326E253232253744");
Présente : user_pref("CT2567681.backendstorage.ct2567681current_term", "656E742B756E69762B72656E6E65732B31");
Présente : user_pref("CT2567681.backendstorage.ct2567681sdate", "3233");
Présente : user_pref("CT2567681.backendstorage.facebook_ctid_connect_send", "73656E646564");
Présente : user_pref("CT2567681.backendstorage.for_aoi", "31333135313237303032");
Présente : user_pref("CT2567681.backendstorage.for_ccid", "52656E6E6573");
Présente : user_pref("CT2567681.backendstorage.for_cdtr5", "31333135313237303032");
Présente : user_pref("CT2567681.backendstorage.for_cid", "4652");
Présente : user_pref("CT2567681.backendstorage.for_ip", "322E322E3130322E3832");
Présente : user_pref("CT2567681.backendstorage.for_lcut", "31333135313237303032");
Présente : user_pref("CT2567681.backendstorage.for_pid", "31303132");
Présente : user_pref("CT2567681.backendstorage.for_rid", "4132");
Présente : user_pref("CT2567681.backendstorage.for_zoneid", "3130313035");
Présente : user_pref("CT2567681.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Présente : user_pref("CT2567681.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Présente : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.miniquarium_closed", "66616C7365");
Présente : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.state", "4F50454E");
Présente : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_affid", "4672616E6365");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_bguid", "4672616E63652D41423941363538392D423936452D464146352D414343362D333134434436313444364132");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba", "3231393138373833");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba1", "323031312D392D34");
Présente : user_pref("CT2567681.backendstorage.hxxp://www_toolbar-ads_com.ut", "30");
Présente : user_pref("CT2567681.clientLogIsEnabled", true);
Présente : user_pref("CT2567681.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Présente : user_pref("CT2567681.myStuffEnabled", true);
Présente : user_pref("CT2567681.myStuffPublihserMinWidth", 400);
Présente : user_pref("CT2567681.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Présente : user_pref("CT2567681.myStuffServiceIntervalMM", 1440);
Présente : user_pref("CT2567681.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Présente : user_pref("CT2567681.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2567681");
Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2567681");
Présente : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Présente : user_pref("CommunityToolbar.alert.locale", "en");
Présente : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Présente : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Présente : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Présente : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Présente : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Présente : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Présente : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Présente : user_pref("CommunityToolbar.alert.userId", "{0fcd1893-e208-4bd7-936b-714f5cbc6589}");
Présente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 16 2011 20:52:26 GMT+0100");
Présente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2567681");
Présente : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&SearchSource=3&q={searchTerms}");
Présente : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2567681&SearchSource=13");
Présente : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [20477 octets] - [08/09/2011 19:41:14]
########## EOF - C:\AdwCleaner[R1].txt - [20606 octets] ##########
Bien ;) repasse le en mode suppression et passe moi le rapport.
Puis :
--------------------------------------------------------------------------------------
* Télécharge AD-Remover(de la TeamXscript) sur ton Bureau.
Déconnecte toi et ferme toutes les applications en cours
* Double-clique sur l'icône AD-Remover
* Au menu principal, clique sur Scanner
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
Puis :
--------------------------------------------------------------------------------------
* Télécharge AD-Remover(de la TeamXscript) sur ton Bureau.
Déconnecte toi et ferme toutes les applications en cours
* Double-clique sur l'icône AD-Remover
* Au menu principal, clique sur Scanner
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
rapport adcleaner suppression
# AdwCleaner v1.305 - Rapport créé le 08/09/2011 à 19:46:32
# Mis à jour le 07/09/11 à 19h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : steph - PC-DE-STEPH (Administrateur)
# Exécuté depuis : C:\Users\steph\Downloads\adwcleaner0.exe
# Option [Suppression]
***** [KillNav] *****
# firefox.exe [PID:2708] -> Tué
# iexplore.exe [PID:5496] -> Tué
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\steph\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\steph\AppData\Local\Conduit
Dossier Supprimé : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\Conduit
Fichier Supprimé : C:\Windows\system32\conduitEngine.tmp
Fichier Supprimé : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
***** [Registre] *****
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.5.8 (fr)
Profil : ud0pvjks.default
Fichier : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\prefs.js
Supprimée : user_pref("CT2567681.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT2567681.CTID", "CT2567681");
Supprimée : user_pref("CT2567681.CurrentServerDate", "4-9-2011");
Supprimée : user_pref("CT2567681.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT2567681.DownloadReferralCookieData", "");
Supprimée : user_pref("CT2567681.EMailNotifierPollDate", "Mon Nov 22 2010 09:02:20 GMT+0100");
Supprimée : user_pref("CT2567681.FeedLastCount129132852755156787", 70);
Supprimée : user_pref("CT2567681.FeedLastCount2929882609848814406", 697);
Supprimée : user_pref("CT2567681.FeedPollDate128746790824594437", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746790988031938", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791145844439", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791280844460", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791444750814", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791615375007", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791787562545", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214203", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214209", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214215", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214221", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214227", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214233", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214239", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214245", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214251", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214257", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214263", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214269", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214275", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214281", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214287", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214293", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214299", "Tue Aug 10 2010 10:22:06 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214305", "Tue Aug 10 2010 10:22:06 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214311", "Tue Aug 10 2010 10:22:08 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214317", "Tue Aug 10 2010 10:22:09 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783370573", "Tue Aug 10 2010 10:22:09 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290202", "Sun Jan 16 2011 20:52:26 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290208", "Sun Jan 16 2011 20:52:26 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290214", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290220", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290226", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290232", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290238", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290244", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290250", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290256", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290262", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290268", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290274", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290280", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290286", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290292", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290298", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290304", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290310", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290316", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290322", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedTTL128746791787562545", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214203", 30);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214209", 2);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214215", 2);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214227", 2);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214233", 30);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214251", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214257", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214263", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214281", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290202", 30);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290208", 2);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290214", 2);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290226", 2);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290232", 30);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290250", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290256", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290262", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290280", 5);
Supprimée : user_pref("CT2567681.FirstServerDate", "20-6-2010");
Supprimée : user_pref("CT2567681.FirstTime", true);
Supprimée : user_pref("CT2567681.FirstTimeFF3", true);
Supprimée : user_pref("CT2567681.FirstTimeSettingsDone", true);
Supprimée : user_pref("CT2567681.FixPageNotFoundErrors", true);
Supprimée : user_pref("CT2567681.GroupingServerCheckInterval", 1440);
Supprimée : user_pref("CT2567681.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT2567681.Initialize", true);
Supprimée : user_pref("CT2567681.InitializeCommonPrefs", true);
Supprimée : user_pref("CT2567681.InstallationAndCookieDataSentCount", 3);
Supprimée : user_pref("CT2567681.InstallationType", "UnknownIntegration");
Supprimée : user_pref("CT2567681.InstalledDate", "Sun Jun 20 2010 22:45:27 GMT+0200");
Supprimée : user_pref("CT2567681.InvalidateCache", false);
Supprimée : user_pref("CT2567681.IsGrouping", false);
Supprimée : user_pref("CT2567681.IsMulticommunity", false);
Supprimée : user_pref("CT2567681.IsOpenThankYouPage", false);
Supprimée : user_pref("CT2567681.IsOpenUninstallPage", true);
Supprimée : user_pref("CT2567681.LanguagePackLastCheckTime", "Sun Sep 04 2011 11:03:20 GMT+0200");
Supprimée : user_pref("CT2567681.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT2567681.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Supprimée : user_pref("CT2567681.LastLogin_2.6.0.15", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.LatestVersion", "3.6.0.10");
Supprimée : user_pref("CT2567681.Locale", "fr-fr");
Supprimée : user_pref("CT2567681.LoginCache", 4);
Supprimée : user_pref("CT2567681.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT2567681.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT2567681.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT2567681.RadioIsPodcast", false);
Supprimée : user_pref("CT2567681.RadioLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.RadioLastUpdateIPServer", "3");
Supprimée : user_pref("CT2567681.RadioLastUpdateServer", "129315462672570000");
Supprimée : user_pref("CT2567681.RadioMediaID", "9962");
Supprimée : user_pref("CT2567681.RadioMediaType", "Media Player");
Supprimée : user_pref("CT2567681.RadioMenuSelectedID", "EBRadioMenu_CT25676819962");
Supprimée : user_pref("CT2567681.RadioStationName", "California%20Rock");
Supprimée : user_pref("CT2567681.RadioStationURL", "hxxp://feedlive.net/california.asx");
Supprimée : user_pref("CT2567681.SHRINK_TOOLBAR", 1);
Supprimée : user_pref("CT2567681.SavedHomepage", "hxxp://www.google.fr");
Supprimée : user_pref("CT2567681.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2567681&octid=EB_ORIGINAL_CTID&SearchSource=1");
Supprimée : user_pref("CT2567681.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT2567681.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
Supprimée : user_pref("CT2567681.SearchInNewTabEnabled", true);
Supprimée : user_pref("CT2567681.SearchInNewTabIntervalMM", 1440);
Supprimée : user_pref("CT2567681.SearchInNewTabLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Supprimée : user_pref("CT2567681.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Supprimée : user_pref("CT2567681.SettingsCheckIntervalMin", 120);
Supprimée : user_pref("CT2567681.SettingsLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.SettingsLastUpdate", "1314606499");
Supprimée : user_pref("CT2567681.ThirdPartyComponentsInterval", 504);
Supprimée : user_pref("CT2567681.ThirdPartyComponentsLastCheck", "Tue Aug 23 2011 19:07:01 GMT+0200");
Supprimée : user_pref("CT2567681.ThirdPartyComponentsLastUpdate", "1279702307");
Supprimée : user_pref("CT2567681.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Supprimée : user_pref("CT2567681.UserID", "UN28418413445523527");
Supprimée : user_pref("CT2567681.ValidationData_Toolbar", 2);
Supprimée : user_pref("CT2567681.WeatherNetwork", "");
Supprimée : user_pref("CT2567681.WeatherPollDate", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.WeatherUnit", "C");
Supprimée : user_pref("CT2567681.alertChannelId", "960546");
Supprimée : user_pref("CT2567681.backendstorage.ct2567681ads1", "25374225323261647325323225334125354225374225323261696425323225334125323232323135362532322532432532327469746C65253232253341253232457370696F6E6E65253230746573253230706F746573253230257530363639253238257532354346257530333245257530333245257530333033257532303232257530333033253239257530364636253232253243253232616474657874312532322533412532326F254639253230736F6E74253230766F73253230616D69732532307472612545456E657225334625323225324325323261647465787432253232253341253232506F7572253230742545396C25453963686172676572253230636C697175657A2532306963692532302575323542432532322532432532326469737075726C2532322533412532327669706D6F62696C652E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432323135362532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C747225323225374425324325374225323261696425323225334125323232333332332532322532432532327469746C652532322533412532322575323636362532305475253230617325323025323832253239253230616C657274652532306950686F6E6525753231323225323025753236363625323225324325323261647465787431253232253341253232766F756C657A2532306761676E6572253230756E2532306950686F6E652533462E2532306F6274656E697225323225324325323261647465787432253232253341253232766F7472652532306368616E636525323064652532306761676E65722532306D61696E74656E616E742575323542432532322532432532326469737075726C253232253341253232626C696E6B6F676F6C642E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432333332332532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C74722532322537442535442532432532327372253232253341312532432532327363762532322533412532326E253232253744");
Supprimée : user_pref("CT2567681.backendstorage.ct2567681current_term", "656E742B756E69762B72656E6E65732B31");
Supprimée : user_pref("CT2567681.backendstorage.ct2567681sdate", "3233");
Supprimée : user_pref("CT2567681.backendstorage.facebook_ctid_connect_send", "73656E646564");
Supprimée : user_pref("CT2567681.backendstorage.for_aoi", "31333135313237303032");
Supprimée : user_pref("CT2567681.backendstorage.for_ccid", "52656E6E6573");
Supprimée : user_pref("CT2567681.backendstorage.for_cdtr5", "31333135313237303032");
Supprimée : user_pref("CT2567681.backendstorage.for_cid", "4652");
Supprimée : user_pref("CT2567681.backendstorage.for_ip", "322E322E3130322E3832");
Supprimée : user_pref("CT2567681.backendstorage.for_lcut", "31333135313237303032");
Supprimée : user_pref("CT2567681.backendstorage.for_pid", "31303132");
Supprimée : user_pref("CT2567681.backendstorage.for_rid", "4132");
Supprimée : user_pref("CT2567681.backendstorage.for_zoneid", "3130313035");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.miniquarium_closed", "66616C7365");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.state", "4F50454E");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_affid", "4672616E6365");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_bguid", "4672616E63652D41423941363538392D423936452D464146352D414343362D333134434436313444364132");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba", "3231393138373833");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba1", "323031312D392D34");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_toolbar-ads_com.ut", "30");
Supprimée : user_pref("CT2567681.clientLogIsEnabled", true);
Supprimée : user_pref("CT2567681.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Supprimée : user_pref("CT2567681.myStuffEnabled", true);
Supprimée : user_pref("CT2567681.myStuffPublihserMinWidth", 400);
Supprimée : user_pref("CT2567681.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Supprimée : user_pref("CT2567681.myStuffServiceIntervalMM", 1440);
Supprimée : user_pref("CT2567681.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Supprimée : user_pref("CT2567681.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2567681");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2567681");
Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.alert.userId", "{0fcd1893-e208-4bd7-936b-714f5cbc6589}");
Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 16 2011 20:52:26 GMT+0100");
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2567681");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&SearchSource=3&q={searchTerms}");
Supprimée : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2567681&SearchSource=13");
Supprimée : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [20608 octets] - [08/09/2011 19:41:14]
AdwCleaner[S1].txt - [20720 octets] - [08/09/2011 19:46:32]
########## EOF - C:\AdwCleaner[S1].txt - [20849 octets] ##########
# AdwCleaner v1.305 - Rapport créé le 08/09/2011 à 19:46:32
# Mis à jour le 07/09/11 à 19h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : steph - PC-DE-STEPH (Administrateur)
# Exécuté depuis : C:\Users\steph\Downloads\adwcleaner0.exe
# Option [Suppression]
***** [KillNav] *****
# firefox.exe [PID:2708] -> Tué
# iexplore.exe [PID:5496] -> Tué
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\steph\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\steph\AppData\Local\Conduit
Dossier Supprimé : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\Conduit
Fichier Supprimé : C:\Windows\system32\conduitEngine.tmp
Fichier Supprimé : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\searchplugins\conduit.xml
***** [Registre] *****
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.5.8 (fr)
Profil : ud0pvjks.default
Fichier : C:\Users\steph\AppData\Roaming\Mozilla\Firefox\Profiles\ud0pvjks.default\prefs.js
Supprimée : user_pref("CT2567681.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Supprimée : user_pref("CT2567681.CTID", "CT2567681");
Supprimée : user_pref("CT2567681.CurrentServerDate", "4-9-2011");
Supprimée : user_pref("CT2567681.DialogsAlignMode", "LTR");
Supprimée : user_pref("CT2567681.DownloadReferralCookieData", "");
Supprimée : user_pref("CT2567681.EMailNotifierPollDate", "Mon Nov 22 2010 09:02:20 GMT+0100");
Supprimée : user_pref("CT2567681.FeedLastCount129132852755156787", 70);
Supprimée : user_pref("CT2567681.FeedLastCount2929882609848814406", 697);
Supprimée : user_pref("CT2567681.FeedPollDate128746790824594437", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746790988031938", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791145844439", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791280844460", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791444750814", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791615375007", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate128746791787562545", "Mon Jul 26 2010 13:45:13 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214203", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214209", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214215", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214221", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214227", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214233", "Tue Aug 10 2010 13:56:39 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214239", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214245", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214251", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214257", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214263", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214269", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214275", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214281", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214287", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214293", "Tue Aug 10 2010 13:56:40 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214299", "Tue Aug 10 2010 10:22:06 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214305", "Tue Aug 10 2010 10:22:06 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214311", "Tue Aug 10 2010 10:22:08 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783214317", "Tue Aug 10 2010 10:22:09 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129227257783370573", "Tue Aug 10 2010 10:22:09 GMT+0200");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290202", "Sun Jan 16 2011 20:52:26 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290208", "Sun Jan 16 2011 20:52:26 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290214", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290220", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290226", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290232", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290238", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290244", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290250", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290256", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290262", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290268", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290274", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290280", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290286", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290292", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290298", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290304", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290310", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290316", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedPollDate129255209954290322", "Sun Jan 16 2011 20:52:28 GMT+0100");
Supprimée : user_pref("CT2567681.FeedTTL128746791787562545", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214203", 30);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214209", 2);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214215", 2);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214227", 2);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214233", 30);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214251", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214257", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214263", 5);
Supprimée : user_pref("CT2567681.FeedTTL129227257783214281", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290202", 30);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290208", 2);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290214", 2);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290226", 2);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290232", 30);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290250", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290256", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290262", 5);
Supprimée : user_pref("CT2567681.FeedTTL129255209954290280", 5);
Supprimée : user_pref("CT2567681.FirstServerDate", "20-6-2010");
Supprimée : user_pref("CT2567681.FirstTime", true);
Supprimée : user_pref("CT2567681.FirstTimeFF3", true);
Supprimée : user_pref("CT2567681.FirstTimeSettingsDone", true);
Supprimée : user_pref("CT2567681.FixPageNotFoundErrors", true);
Supprimée : user_pref("CT2567681.GroupingServerCheckInterval", 1440);
Supprimée : user_pref("CT2567681.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("CT2567681.Initialize", true);
Supprimée : user_pref("CT2567681.InitializeCommonPrefs", true);
Supprimée : user_pref("CT2567681.InstallationAndCookieDataSentCount", 3);
Supprimée : user_pref("CT2567681.InstallationType", "UnknownIntegration");
Supprimée : user_pref("CT2567681.InstalledDate", "Sun Jun 20 2010 22:45:27 GMT+0200");
Supprimée : user_pref("CT2567681.InvalidateCache", false);
Supprimée : user_pref("CT2567681.IsGrouping", false);
Supprimée : user_pref("CT2567681.IsMulticommunity", false);
Supprimée : user_pref("CT2567681.IsOpenThankYouPage", false);
Supprimée : user_pref("CT2567681.IsOpenUninstallPage", true);
Supprimée : user_pref("CT2567681.LanguagePackLastCheckTime", "Sun Sep 04 2011 11:03:20 GMT+0200");
Supprimée : user_pref("CT2567681.LanguagePackReloadIntervalMM", 1440);
Supprimée : user_pref("CT2567681.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Supprimée : user_pref("CT2567681.LastLogin_2.6.0.15", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.LatestVersion", "3.6.0.10");
Supprimée : user_pref("CT2567681.Locale", "fr-fr");
Supprimée : user_pref("CT2567681.LoginCache", 4);
Supprimée : user_pref("CT2567681.MCDetectTooltipHeight", "83");
Supprimée : user_pref("CT2567681.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Supprimée : user_pref("CT2567681.MCDetectTooltipWidth", "295");
Supprimée : user_pref("CT2567681.RadioIsPodcast", false);
Supprimée : user_pref("CT2567681.RadioLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.RadioLastUpdateIPServer", "3");
Supprimée : user_pref("CT2567681.RadioLastUpdateServer", "129315462672570000");
Supprimée : user_pref("CT2567681.RadioMediaID", "9962");
Supprimée : user_pref("CT2567681.RadioMediaType", "Media Player");
Supprimée : user_pref("CT2567681.RadioMenuSelectedID", "EBRadioMenu_CT25676819962");
Supprimée : user_pref("CT2567681.RadioStationName", "California%20Rock");
Supprimée : user_pref("CT2567681.RadioStationURL", "hxxp://feedlive.net/california.asx");
Supprimée : user_pref("CT2567681.SHRINK_TOOLBAR", 1);
Supprimée : user_pref("CT2567681.SavedHomepage", "hxxp://www.google.fr");
Supprimée : user_pref("CT2567681.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2567681&octid=EB_ORIGINAL_CTID&SearchSource=1");
Supprimée : user_pref("CT2567681.SearchFromAddressBarIsInit", true);
Supprimée : user_pref("CT2567681.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
Supprimée : user_pref("CT2567681.SearchInNewTabEnabled", true);
Supprimée : user_pref("CT2567681.SearchInNewTabIntervalMM", 1440);
Supprimée : user_pref("CT2567681.SearchInNewTabLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Supprimée : user_pref("CT2567681.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Supprimée : user_pref("CT2567681.SettingsCheckIntervalMin", 120);
Supprimée : user_pref("CT2567681.SettingsLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CT2567681.SettingsLastUpdate", "1314606499");
Supprimée : user_pref("CT2567681.ThirdPartyComponentsInterval", 504);
Supprimée : user_pref("CT2567681.ThirdPartyComponentsLastCheck", "Tue Aug 23 2011 19:07:01 GMT+0200");
Supprimée : user_pref("CT2567681.ThirdPartyComponentsLastUpdate", "1279702307");
Supprimée : user_pref("CT2567681.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Supprimée : user_pref("CT2567681.UserID", "UN28418413445523527");
Supprimée : user_pref("CT2567681.ValidationData_Toolbar", 2);
Supprimée : user_pref("CT2567681.WeatherNetwork", "");
Supprimée : user_pref("CT2567681.WeatherPollDate", "Sun Jan 16 2011 20:52:27 GMT+0100");
Supprimée : user_pref("CT2567681.WeatherUnit", "C");
Supprimée : user_pref("CT2567681.alertChannelId", "960546");
Supprimée : user_pref("CT2567681.backendstorage.ct2567681ads1", "25374225323261647325323225334125354225374225323261696425323225334125323232323135362532322532432532327469746C65253232253341253232457370696F6E6E65253230746573253230706F746573253230257530363639253238257532354346257530333245257530333245257530333033257532303232257530333033253239257530364636253232253243253232616474657874312532322533412532326F254639253230736F6E74253230766F73253230616D69732532307472612545456E657225334625323225324325323261647465787432253232253341253232506F7572253230742545396C25453963686172676572253230636C697175657A2532306963692532302575323542432532322532432532326469737075726C2532322533412532327669706D6F62696C652E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432323135362532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C747225323225374425324325374225323261696425323225334125323232333332332532322532432532327469746C652532322533412532322575323636362532305475253230617325323025323832253239253230616C657274652532306950686F6E6525753231323225323025753236363625323225324325323261647465787431253232253341253232766F756C657A2532306761676E6572253230756E2532306950686F6E652533462E2532306F6274656E697225323225324325323261647465787432253232253341253232766F7472652532306368616E636525323064652532306761676E65722532306D61696E74656E616E742575323542432532322532432532326469737075726C253232253341253232626C696E6B6F676F6C642E667225323225324325323261742532322533412532327325323225324325323261722532322533412532327425323225324325323275726C253232253341253232687474702533412F2F636C6B6164732E636F6D2F616453657276652F6164436C69636B2533466164696425334432333332332532367465726D253344656E742B756E69762B72656E6E65732B312532367469642533444354323536373638312532366174253344732532367473253344742532366172253344742532366B25334425323675253344736C2532322532432532326469722532322533412532326C74722532322537442535442532432532327372253232253341312532432532327363762532322533412532326E253232253744");
Supprimée : user_pref("CT2567681.backendstorage.ct2567681current_term", "656E742B756E69762B72656E6E65732B31");
Supprimée : user_pref("CT2567681.backendstorage.ct2567681sdate", "3233");
Supprimée : user_pref("CT2567681.backendstorage.facebook_ctid_connect_send", "73656E646564");
Supprimée : user_pref("CT2567681.backendstorage.for_aoi", "31333135313237303032");
Supprimée : user_pref("CT2567681.backendstorage.for_ccid", "52656E6E6573");
Supprimée : user_pref("CT2567681.backendstorage.for_cdtr5", "31333135313237303032");
Supprimée : user_pref("CT2567681.backendstorage.for_cid", "4652");
Supprimée : user_pref("CT2567681.backendstorage.for_ip", "322E322E3130322E3832");
Supprimée : user_pref("CT2567681.backendstorage.for_lcut", "31333135313237303032");
Supprimée : user_pref("CT2567681.backendstorage.for_pid", "31303132");
Supprimée : user_pref("CT2567681.backendstorage.for_rid", "4132");
Supprimée : user_pref("CT2567681.backendstorage.for_zoneid", "3130313035");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "36343635393861383764633961636261");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.miniquarium_closed", "66616C7365");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/miniquarium.state", "4F50454E");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_affid", "4672616E6365");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_bguid", "4672616E63652D41423941363538392D423936452D464146352D414343362D333134434436313444364132");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba", "3231393138373833");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_blabbers_com/app/conduit.bbrs_lba1", "323031312D392D34");
Supprimée : user_pref("CT2567681.backendstorage.hxxp://www_toolbar-ads_com.ut", "30");
Supprimée : user_pref("CT2567681.clientLogIsEnabled", true);
Supprimée : user_pref("CT2567681.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Supprimée : user_pref("CT2567681.myStuffEnabled", true);
Supprimée : user_pref("CT2567681.myStuffPublihserMinWidth", 400);
Supprimée : user_pref("CT2567681.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Supprimée : user_pref("CT2567681.myStuffServiceIntervalMM", 1440);
Supprimée : user_pref("CT2567681.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Supprimée : user_pref("CT2567681.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2567681");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2567681");
Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.locale", "en");
Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Sep 04 2011 11:03:19 GMT+0200");
Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Supprimée : user_pref("CommunityToolbar.alert.userId", "{0fcd1893-e208-4bd7-936b-714f5cbc6589}");
Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jan 16 2011 20:52:26 GMT+0100");
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2567681");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&SearchSource=3&q={searchTerms}");
Supprimée : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2567681&SearchSource=13");
Supprimée : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\steph\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [20608 octets] - [08/09/2011 19:41:14]
AdwCleaner[S1].txt - [20720 octets] - [08/09/2011 19:46:32]
########## EOF - C:\AdwCleaner[S1].txt - [20849 octets] ##########
rapport ad remover
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:50:08 le 08/09/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
steph@PC-DE-STEPH (SAMSUNG ELECTRONICS CO., LTD. R610)
============== RECHERCHE ==============
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker
Dossier trouvé: C:\Program Files\Everest Poker
Dossier trouvé: C:\Users\steph\AppData\LocalLow\Conduit
Dossier trouvé: C:\Users\steph\AppData\LocalLow\PriceGong
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2567681
Clé trouvée: HKLM\Software\ASKInstaller
Clé trouvée: HKCU\Software\Grand Virtual
Clé trouvée: HKCU\Software\Spointer
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Everest Poker
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.5.8 (fr)] ****
HKLM_MozillaPlugins\Adobe Reader (x)
Components\aboutCertError.js
Components\aboutPrivateBrowsing.js
Components\aboutRights.js
Components\aboutRobots.js
Components\aboutSessionRestore.js
Components\nsPostUpdateWin.js
-- C:\Users\steph\AppData\Roaming\Mozilla\FireFox\Profiles\ud0pvjks.default --
Extensions\{59994074-c06d-4a75-9768-49e5a8c21264} (Messenger Plus Live France Toolbar)
Extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9} (SocialPlus)
Prefs.js - browser.download.lastDir, C:\\Users\\steph\\Pictures
Prefs.js - browser.search.selectedEngine, Messenger Plus Live France Customized Web Search
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.1.8
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://fr.msn.com/?ocid=OIE9HP
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp:\\www.samsungcomputer.com
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{59994074-c06d-4a75-9768-49e5a8c21264} (x)
HKCU_SearchScopes\{CB92631F-B0A3-4B1E-935E-CD0B33BA48EB} - "hooseek" (hxxp://www.hooseek.com/web?recherche={searchTerms})
HKCU_Toolbar\WebBrowser|{59994074-C06D-4A75-9768-49E5A8C21264} (x)
HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKCU_ElevationPolicy\{3BF5556C-0280-4573-8D89-22C71C3DDC0B} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKLM_ElevationPolicy\dcf597b0-1b9e-4dbd-b403-4704d293b253 - C:\Program Files\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\f3a21600-ff23-4010-9f5c-7586404c1586 - C:\Program Files\Eazel-FR\Eazel-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 08/09/2011 19:50:30 (4052 Octet(s))
Fin à: 19:51:15, 08/09/2011
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:50:08 le 08/09/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
steph@PC-DE-STEPH (SAMSUNG ELECTRONICS CO., LTD. R610)
============== RECHERCHE ==============
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker
Dossier trouvé: C:\Program Files\Everest Poker
Dossier trouvé: C:\Users\steph\AppData\LocalLow\Conduit
Dossier trouvé: C:\Users\steph\AppData\LocalLow\PriceGong
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2567681
Clé trouvée: HKLM\Software\ASKInstaller
Clé trouvée: HKCU\Software\Grand Virtual
Clé trouvée: HKCU\Software\Spointer
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Everest Poker
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.5.8 (fr)] ****
HKLM_MozillaPlugins\Adobe Reader (x)
Components\aboutCertError.js
Components\aboutPrivateBrowsing.js
Components\aboutRights.js
Components\aboutRobots.js
Components\aboutSessionRestore.js
Components\nsPostUpdateWin.js
-- C:\Users\steph\AppData\Roaming\Mozilla\FireFox\Profiles\ud0pvjks.default --
Extensions\{59994074-c06d-4a75-9768-49e5a8c21264} (Messenger Plus Live France Toolbar)
Extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9} (SocialPlus)
Prefs.js - browser.download.lastDir, C:\\Users\\steph\\Pictures
Prefs.js - browser.search.selectedEngine, Messenger Plus Live France Customized Web Search
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.1.8
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://fr.msn.com/?ocid=OIE9HP
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp:\\www.samsungcomputer.com
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{59994074-c06d-4a75-9768-49e5a8c21264} (x)
HKCU_SearchScopes\{CB92631F-B0A3-4B1E-935E-CD0B33BA48EB} - "hooseek" (hxxp://www.hooseek.com/web?recherche={searchTerms})
HKCU_Toolbar\WebBrowser|{59994074-C06D-4A75-9768-49E5A8C21264} (x)
HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKCU_ElevationPolicy\{3BF5556C-0280-4573-8D89-22C71C3DDC0B} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKLM_ElevationPolicy\dcf597b0-1b9e-4dbd-b403-4704d293b253 - C:\Program Files\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\f3a21600-ff23-4010-9f5c-7586404c1586 - C:\Program Files\Eazel-FR\Eazel-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 08/09/2011 19:50:30 (4052 Octet(s))
Fin à: 19:51:15, 08/09/2011
============== E.O.F ==============
--------------------------------------------------------------------------------------
* Double-clique sur l'icône AD-Remover
Déconnecte toi et ferme toutes les applications en cours
* Au menu principal, clique sur Nettoyer
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
Puis reposte moi un rapport ZHPDiag (en l'hébergeant stp, si pjjoint ne marche pas, essaye https://www.cjoint.com/
* Double-clique sur l'icône AD-Remover
Déconnecte toi et ferme toutes les applications en cours
* Au menu principal, clique sur Nettoyer
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
Puis reposte moi un rapport ZHPDiag (en l'hébergeant stp, si pjjoint ne marche pas, essaye https://www.cjoint.com/
rapport nettoyage AD-remover
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:07:25 le 08/09/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
steph@PC-DE-STEPH (SAMSUNG ELECTRONICS CO., LTD. R610)
============== ACTION(S) ==============
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Users\steph\AppData\LocalLow\Conduit
Dossier supprimé: C:\Users\steph\AppData\LocalLow\PriceGong
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2567681
Clé supprimée: HKLM\Software\ASKInstaller
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\Spointer
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Everest Poker
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.5.8 (fr)] ****
HKLM_MozillaPlugins\Adobe Reader (x)
Components\aboutCertError.js
Components\aboutPrivateBrowsing.js
Components\aboutRights.js
Components\aboutRobots.js
Components\aboutSessionRestore.js
Components\nsPostUpdateWin.js
-- C:\Users\steph\AppData\Roaming\Mozilla\FireFox\Profiles\ud0pvjks.default --
Extensions\{59994074-c06d-4a75-9768-49e5a8c21264} (Messenger Plus Live France Toolbar)
Extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9} (SocialPlus)
Prefs.js - browser.download.lastDir, C:\\Users\\steph\\Pictures
Prefs.js - browser.search.selectedEngine, Messenger Plus Live France Customized Web Search
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.1.8
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{59994074-c06d-4a75-9768-49e5a8c21264} (x)
HKCU_SearchScopes\{CB92631F-B0A3-4B1E-935E-CD0B33BA48EB} - "hooseek" (hxxp://www.hooseek.com/web?recherche={searchTerms})
HKCU_Toolbar\WebBrowser|{59994074-C06D-4A75-9768-49E5A8C21264} (x)
HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKCU_ElevationPolicy\{3BF5556C-0280-4573-8D89-22C71C3DDC0B} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKLM_ElevationPolicy\dcf597b0-1b9e-4dbd-b403-4704d293b253 - C:\Program Files\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\f3a21600-ff23-4010-9f5c-7586404c1586 - C:\Program Files\Eazel-FR\Eazel-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
========================================
C:\Program Files\Ad-Remover\Quarantine: 200 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 08/09/2011 20:07:37 (4321 Octet(s))
C:\Ad-Report-SCAN[1].txt - 08/09/2011 19:50:30 (4190 Octet(s))
Fin à: 20:09:44, 08/09/2011
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:07:25 le 08/09/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
steph@PC-DE-STEPH (SAMSUNG ELECTRONICS CO., LTD. R610)
============== ACTION(S) ==============
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Users\steph\AppData\LocalLow\Conduit
Dossier supprimé: C:\Users\steph\AppData\LocalLow\PriceGong
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2567681
Clé supprimée: HKLM\Software\ASKInstaller
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\Spointer
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Everest Poker
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWeb
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.5.8 (fr)] ****
HKLM_MozillaPlugins\Adobe Reader (x)
Components\aboutCertError.js
Components\aboutPrivateBrowsing.js
Components\aboutRights.js
Components\aboutRobots.js
Components\aboutSessionRestore.js
Components\nsPostUpdateWin.js
-- C:\Users\steph\AppData\Roaming\Mozilla\FireFox\Profiles\ud0pvjks.default --
Extensions\{59994074-c06d-4a75-9768-49e5a8c21264} (Messenger Plus Live France Toolbar)
Extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9} (SocialPlus)
Prefs.js - browser.download.lastDir, C:\\Users\\steph\\Pictures
Prefs.js - browser.search.selectedEngine, Messenger Plus Live France Customized Web Search
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.1.8
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{59994074-c06d-4a75-9768-49e5a8c21264} (x)
HKCU_SearchScopes\{CB92631F-B0A3-4B1E-935E-CD0B33BA48EB} - "hooseek" (hxxp://www.hooseek.com/web?recherche={searchTerms})
HKCU_Toolbar\WebBrowser|{59994074-C06D-4A75-9768-49E5A8C21264} (x)
HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKCU_ElevationPolicy\{3BF5556C-0280-4573-8D89-22C71C3DDC0B} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKLM_ElevationPolicy\dcf597b0-1b9e-4dbd-b403-4704d293b253 - C:\Program Files\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\f3a21600-ff23-4010-9f5c-7586404c1586 - C:\Program Files\Eazel-FR\Eazel-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
========================================
C:\Program Files\Ad-Remover\Quarantine: 200 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 08/09/2011 20:07:37 (4321 Octet(s))
C:\Ad-Report-SCAN[1].txt - 08/09/2011 19:50:30 (4190 Octet(s))
Fin à: 20:09:44, 08/09/2011
============== E.O.F ==============
Re,
--------------------------------------------------------------------------------------
* Lance ZHPFix (si tu es sous Windows Vista ou Windows 7, lance le par un clic-droit dessus --> exécuter en temps qu'administrateur).
* Copie les lignes suivantes :
---------------------------------------------------
EmptyTemp
EmptyFlash
SysRestore
FirewallRAZ
G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.2.2468.40 (Activé)
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Toolbar v2.6.0.15 (.Conduit Ltd..)
R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} . (...) (No version) -- (.not file.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe (.not file.)
O4 - Global Startup: C:\Users\steph\Desktop\Jeux.lnk - Clé orpheline
O4 - Global Startup: C:\Users\steph\Desktop\Ordinateur.lnk - Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.)
[HKCU\Software\Iminent]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Iminent]
O43 - CFD: 08/08/2010 - 11:36:00 - [0] ----D- C:\Program Files\Fluendo
O43 - CFD: 15/07/2010 - 00:42:34 - [590043] ----D- C:\Users\steph\AppData\Roaming\moovida-1
O43 - CFD: 08/08/2010 - 11:30:20 - [234375] ----D- C:\Users\steph\AppData\Local\moovida Air
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
---------------------------------------------------
* Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
* Les lignes se collent automatiquement dans ZHPFix.
* Clique sur le bouton « GO » pour lancer le nettoyage,
* Colle le contenu du rapport dans ta prochaine réponse.
--------------------------------------------------------------------------------------
* Désinstalle toutes les versions de Adobe Reader présentes dans l'ajout/suppression de programme
* Télécharge la nouvelle version ici en prenant soin de décocher la case du téléchargement de McAfee ou d'une barre d'outil google.
* Installe là
--------------------------------------------------------------------------------------
* Lance ZHPFix (si tu es sous Windows Vista ou Windows 7, lance le par un clic-droit dessus --> exécuter en temps qu'administrateur).
* Copie les lignes suivantes :
---------------------------------------------------
EmptyTemp
EmptyFlash
SysRestore
FirewallRAZ
G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.2.2468.40 (Activé)
M2 - MFEP: prefs.js [steph - ud0pvjks.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Toolbar v2.6.0.15 (.Conduit Ltd..)
R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} . (...) (No version) -- (.not file.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe (.not file.)
O4 - Global Startup: C:\Users\steph\Desktop\Jeux.lnk - Clé orpheline
O4 - Global Startup: C:\Users\steph\Desktop\Ordinateur.lnk - Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.)
[HKCU\Software\Iminent]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Iminent]
O43 - CFD: 08/08/2010 - 11:36:00 - [0] ----D- C:\Program Files\Fluendo
O43 - CFD: 15/07/2010 - 00:42:34 - [590043] ----D- C:\Users\steph\AppData\Roaming\moovida-1
O43 - CFD: 08/08/2010 - 11:30:20 - [234375] ----D- C:\Users\steph\AppData\Local\moovida Air
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
---------------------------------------------------
* Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
* Les lignes se collent automatiquement dans ZHPFix.
* Clique sur le bouton « GO » pour lancer le nettoyage,
* Colle le contenu du rapport dans ta prochaine réponse.
--------------------------------------------------------------------------------------
* Désinstalle toutes les versions de Adobe Reader présentes dans l'ajout/suppression de programme
* Télécharge la nouvelle version ici en prenant soin de décocher la case du téléchargement de McAfee ou d'une barre d'outil google.
* Installe là
