Sujet Précédent Sujet Suivant

Plantage de PC sous Vista SP2 .

aldebaran95 Messages postés 265 Statut Membre -  
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
Bonjour,

Cette nuit mon pc a visiblement bugué car le laissant allumé toutes les nuits,je l'ai retrouvé sur la page d'accueil windows ce matin (la page où on nous demande le mot de passe).
J'ai donc entré mon mot de passe et là,gros lag. Le pc ne se bootait pas.J'ai dû l'éteindre 2 fois manuellement pour qu'il affiche enfin le bureau après plusieurs minutes laborieuses.
Là,plus moyen de lancer internet ou d'ouvrir un document, l'icône de la souris reste en recherche et le disque dur semble avoir dur mal a tourner,il fait un petit bruit de frottement.

J'ai voulu faire une restauration système,plus rien ! tous mes points de restauration ont été éffacés .
J'ai nettoyé le disque dur,j'ai passé Ccleaner (en nettoyage système et en registre),rien n'y fait.

Mon antivirus c'est Avast et j'ai Ad Aware en protection résidente en plus du pare-feu windows.

Là je suis actuellement en mode sans échec avec prise en charge du réseau,tout marche nickel , le disque dur ne fait aucun bruit ,je suppose donc que le disque dur est hors de cause ...

Auriez vous une solution ?

Merci.

A voir également:

6 réponses

Réponse 1 / 6
aldebaran95 Messages postés 265 Statut Membre 13
 
Ok merci.

J'ai justement partitioné mon DD comme indiqué .
Quant à l'image,le seul pc sur lequel j'ai oublié de le faire,c'est celui ci ....

Sinon,il n'y a pas un moyen de réparer le registre ? j'avais fait une manip via la console et le pc avait remit les clés de registre en état mais plus moyen de me rappeler la manip.

Un rapport Hijackthis serait utile ?
0
aldebaran95 Messages postés 265 Statut Membre 13
 
Je joint un rapport Hijackthis a tout hasard :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:22:56, on 07/06/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\OLIVE\Downloads\hijackthis_telechargement_01net.exe
C:\Users\OLIVE\AppData\Local\Temp\01net\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1060933&SSPV=IENOSGTB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll
O1 - Hosts: ::1 localhost
O2 - BHO: uTorrentBar_FR - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\OLIVE\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Lancer Voissa Anonymo - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} - C:\Program Files\Voissa anonymo\Voissaanonymo.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers2.touslesdrivers.com/maconfig/MaConfig_5_2_2_0.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
0
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonjour, perso je préfèrerais avoir un zhpdig il sera plus complet , mais déjà arrête de télécharger sur 01.net pour info ils modifient les outils en y intégrant des choses comme une toolbar et sont rémunéré à chaque installation

bon tu pourrais faire se qui suit , merci


1) passes pré scan

telecharge et enregistre Pre_Scan sur ton bureau :

http://forums-fec.be/gen-hackman/Pre_Scan.exe
http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"

si l'outil est bloqué par l'infection utilise cette version avec extension .pif :

http://forums-fec.be/gen-hackman/Pre_Scan.pif

ou cette version renommée winlogon.exe :

http://forums-fec.be/gen-hackman/winlogon.exe

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan


NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider




2) postes un zhpdiag

Ouvre ce lien et télécharge ZHPDiag :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

cliques sur télécharger "celui du bas"

ou directement ici: ftp://zebulon.fr/ZHPDiag2.exe



Enregistres le sur ton Bureau.

Une fois le téléchargement achevé

pour XP, double-clique sur ZHPDiag

pour Vista,et seven tu fais un clic droit sur l'icône et exécute en tant qu'administrateur.

N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

/|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix.

Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!

Cliques sur la loupe pour lancer l'analyse.

si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis

Laisses l'outil travailler, il peut être assez long

A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.


Fermes ZHPDiag en fin d'analyse.


Pour me le transmettre clique sur ce lien :

https://www.cjoint.com/


Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

ou directement en choisissant bureau et ZHPDiag.txt clique dessus

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cib7SU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.


et si problème passe par celui ci : http://threat-rc.com/
ou
http://pjjoint.malekal.com/
0
aldebaran95 Messages postés 265 Statut Membre 13
 
Ok,merci Jacques,toujours aussi précis dans les démarches,ça fait plaisir .
Je ferais ça demain car la manoeuvre est assez lourde.

Je te tiens au courant .
0
aldebaran95 Messages postés 265 Statut Membre 13
 
Bon,je m'y suis mis ce matin,ben c'est pas gagné ....

Le pre-scan se lance nickel en mode sans échec mais lorsque le pc redémarre en mode normale ,ça bug .
J'ai insisté plusieurs fois , au mieux le scan winlogon se lance mais se retrouve bloqué dés le début,au pire,explorer plante et je n'ai plus aucune icone.
De plus,aucun rapport n'a été mis sur le bureau, j'ai essayé les 2 versions de winlogo que tu as mis en lien pourtant.

J'ai quand même fait un rapport ZHPdiag mais pas moyen d'envoyer le lien ici,je suppose que le mode sans échec bloque cette possibilité.
J'ai voulu l'envoyer par mail sur le pc de ma femme,impossible aussi de joindre un fichier.
Je te le transmet donc en copier/collé,je n'ai pas le choix.

Rapport de ZHPDiag v1.31.095 par Nicolas Coolman, Update du 24/05/2012
Run by OLIVE at 08/06/2012 09:00:48
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 13.0 v13.0 (Defaut)
GCIE: Google Chrome v19.0.1084.52

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3070 MB (79% free)
System Restore: Désactivé (Disabled)
System drive C: has 149 GB (83%) free of 179 GB

---\\ Logged in mode
~ Computer Name: PC-DE-OLIVE
~ User Name: OLIVE
~ All Users Names: OLIVE, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\OLIVE\AppData\Roaming\
~ %Desktop% : C:\Users\OLIVE\Desktop\
~ %Favorites% : C:\Users\OLIVE\Favorites\
~ %LocalAppData% : C:\Users\OLIVE\AppData\Local\
~ %StartMenu% : C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 149 Go of 179 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 298 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 45 Go of 119 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.10/04/2009 - 22:27:38.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.1D94FA7C81D2FFE494AF094619BA706F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/05/2012 - 08:15:41.) -- C:\Windows\System32\wininet.dll [1127424]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 - 22:28:14.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.10/04/2009 - 22:32:28.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 20:39:18.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 20:42:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 20:45:38.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/04/2009 - 22:32:50.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 20:45:24.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 20:45:58.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.10/04/2009 - 22:32:56.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/952
~ Mes musiques (My Musics) : 1/1075
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/6
~ Mon Bureau (My Desktop) : 1/13
~ Menu demarrer (Programs) : 1/27
~ Scan Hidden Files in 00mn 02s



---\\ Processus lancés
[MD5.0830E6BA8463BEF96CF69C1993F74A4B] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [1187072] [PID.1588]
[MD5.CC926B0811C3FA2363C98711410FEF24] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [4540928] [PID.1956]
[MD5.55AFD4A9D5ED4AD40D5215CCDF4D65F3] - (.Lavasoft Limited - Ad-Aware Service Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2152720] [PID.]
[MD5.0615B72D5E241103769003452B4AFB1C] - (...) -- C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe [1101960] [PID.]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe [61440] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\OLIVE\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://isearch.avg.com/
G0 - GCSP: Preference [User Data\Default] https://isearch.avg.com/
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\prefs.js
M3 - MFPP: Plugins - [OLIVE] -- C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [OLIVE] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [OLIVE - u3objlzb.default\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [] Freecorder Community Toolbar v3.13.0.6 (.Conduit Ltd..)
M2 - MFEP: prefs.js [OLIVE - u3objlzb.default\{33e0daa6-3af3-d8b5-6752-10e949c61516}] [] Complitly - Speed up your search with your personal search suggestions tool v1.1 (.SimplyGen Ltd..)
M2 - MFEP: prefs.js [OLIVE - u3objlzb.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.9.20 (.Aaron Boodman; http://youngpup.net/
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 5.2.2.0.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.1] - (.VideoLAN - VLC media player Web Plugin 2.0.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.VideoLAN - VLC media player Web Plugin 2.0.0.) (No version) -- (.not file.)
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\Freecorder\prxtbFree.dll
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Conduit Ltd. - Conduit Toolbar.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (No version) -- (.not file.)
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files\Freecorder\prxtbFree.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 03s
~ Nombre de lignes (Lines number): 15260



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: uTorrentBar_FR - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} Clé orpheline
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Freecorder\prxtbFree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} . (.Bioscrypt Inc. - SSO IE Listener.) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Ask Toolbar - [HKLM]{D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKLM]{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) -- (.not file.)
O3 - Toolbar: Freecorder Toolbar - [HKLM]{1392b8d2-5c05-419f-a8f6-b9f15a596612} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Freecorder\prxtbFree.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKCU\..\Run: [Advanced SystemCare 5] . (.IObit - Advanced SystemCare 5 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] . (.IObit - Advanced SystemCare 5 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 5] . (.IObit - Advanced SystemCare 5 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-1959498384-218811378-2899222492-1000\..\Run: [Advanced SystemCare 5] . (.IObit - Advanced SystemCare 5 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\OLIVE\Desktop\Ad-Aware.lnk . (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
O4 - Global Startup: C:\Users\OLIVE\Desktop\Calculator.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\calc.exe
O4 - Global Startup: C:\Users\OLIVE\Desktop\Microsoft Office - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\OLIVE\Desktop\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\OLIVE\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\OLIVE\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk . (.IObit.) -- C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk . (.Belarc, Inc..) -- C:\Program Files\Belarc\Advisor\BelarcAdvisor.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\OLIVE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files\XnView\xnview.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Tools Menu Item - {C80DDAAA-310C-459B-9535-8370B4EBDA1F} . (...) -- C:\Program Files\Voissa anonymo\Voissaanonymo.ico
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- C:\Program Files\Voissa anonymo\Voissaanonymo.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - https://www.touslesdrivers.com/index.php?v_page=29
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (.Belarc, Inc. - Belarc VoilaX Control.) -- C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: dvd - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: its - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mhtml - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: tv - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: vbscript - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Cognizance Corporation - Application Protection Hook.) - C:\Windows\System32\APSHook.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) . (.IObit - Advanced SystemCare Service.) - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) . (.AuthenTec, Inc. - AFSS Service.) - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 179.4.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\ASUS\wallpapers\ASUS3.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\ASUS\wallpapers\ASUS3.jpg
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
~ Scan Scheduled Task in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ASUS CopyProtect - (.ASUS.) [HKLM] -- {6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
O42 - Logiciel: ASUS Data Security Manager - (.ASUS.) [HKLM] -- {1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}
O42 - Logiciel: ASUS LifeFrame3 - (.ASUS.) [HKLM] -- {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM] -- {E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}
O42 - Logiciel: ASUS MultiFrame - (.Pas de propriétaire.) [HKLM] -- {9D48531D-2135-49FC-BC29-ACCDA5396A76}
O42 - Logiciel: ASUS Power4Gear eXtreme - (.ASUS.) [HKLM] -- {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 - Logiciel: ASUS Security Protect Manager - (.ASUSTeK Computer Inc..) [HKLM] -- {D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}
O42 - Logiciel: ASUS SmartLogon - (.ASUS.) [HKLM] -- {64452561-169F-4A36-A2FF-B5E118EC65F5}
O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM] -- {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 - Logiciel: ASUS Virtual Camera - (.ASUS.) [HKLM] -- {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
O42 - Logiciel: ATK Generic Function Service - (.ATK.) [HKLM] -- {D3D54F3E-C5C3-443D-978F-87A72E5616E8}
O42 - Logiciel: ATK Hotkey - (.ASUS.) [HKLM] -- {7C05592D-424B-46CB-B505-E0013E8E75C9}
O42 - Logiciel: ATK Media - (.ASUS.) [HKLM] -- {D1E5870E-E3E5-4475-98A6-ADD614524ADF}
O42 - Logiciel: ATKOSD2 - (.ASUS.) [HKLM] -- {3B05F2FB-745B-4012-ADF2-439F36B2E70B}
O42 - Logiciel: Ad-Aware - (.Lavasoft Limited.) [HKLM] -- {97BD5533-8B5B-42FA-ADAE-A6F8DB997D7C}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Reader 9.4.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Advanced SystemCare 5 - (.IObit.) [HKLM] -- Advanced SystemCare 5_is1
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Asus_Camera_ScreenSaver - (.ASUS.) [HKLM] -- Asus_Camera_ScreenSaver
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: AuthenTec Fingerprint Software - (.AuthenTec, Inc..) [HKLM] -- {EF04F9A0-EF1B-41C2-A78B-50C62290064A}
O42 - Logiciel: Belarc Advisor 8.2 - (.Belarc Inc..) [HKLM] -- Belarc Advisor
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {415B2719-AD3A-4944-B404-C472DB6085B3}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {83770D14-21B9-44B3-8689-F7B523F94560}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
O42 - Logiciel: CustoPackTools - (.neOceane.) [HKLM] -- CustoPackTools
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: Dolby Control Center - (.Dolby.) [HKLM] -- {DE66EFAD-B9CC-4FD4-9157-6C18E5100161}
O42 - Logiciel: Express Gate - (.Nom de votre société.) [HKLM] -- {27D51A76-371D-48B6-B06E-4137A15B7583}
O42 - Logiciel: Freecorder 5 - (.Applian Technologies Inc..) [HKLM] -- Freecorder5.11
O42 - Logiciel: Freecorder Toolbar - (.Freecorder.) [HKLM] -- Freecorder Toolbar
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Glary Utilities 2.44.0.1450 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: ITECIR - (.ITE.) [HKLM] -- {40580068-9B10-40B5-9548-536CE88AB23C}
O42 - Logiciel: IZArc 4.1.6 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: ImgBurn 2.3.2.0 Fr - (.Pas de propriétaire.) [HKLM] -- {75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Logiciel Intel(R) PROSet/Wireless WiFi - (.Intel Corporation.) [HKLM] -- {C8005A7B-9638-41DD-B83B-AF277754E211}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {1B19A54C-3692-4D12-BFD9-1362DD34CE78}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM] -- Microsoft IntelliPoint 8.2
O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM] -- {942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}
O42 - Logiciel: Microsoft IntelliType Pro 8.2 - (.Microsoft Corporation.) [HKLM] -- Microsoft IntelliType Pro 8.2
O42 - Logiciel: Microsoft IntelliType Pro 8.2 - (.Microsoft Corporation.) [HKLM] -- {9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox 13.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 13.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NB Probe - (.Pas de propriétaire.) [HKLM] -- {6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {8AAB4176-A747-493A-A42C-B63CFADFD8E3}
O42 - Logiciel: Net4Switch - (.ASUS.) [HKLM] -- {9D6D7811-43B3-463C-BC79-5D1755269989}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: P4P - (.P4P.) [HKLM] -- {FC3D290D-79BE-44B7-ABF9-FDD110925930}
O42 - Logiciel: PeaZip 4.5 - (.Giorgio Tani.) [HKLM] -- {5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1
O42 - Logiciel: PhotoFiltre Studio X - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre Studio X
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: STDU Viewer version 1.6.131.0 - (.STDUtility.) [HKLM] -- STDU Viewer_is1
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E34960DB-2A93-45DB-A208-02650F7AB09C}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{293FB6BE-D3EB-4162-B522-F9108040B9FE}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3069CE04-082C-4669-9BA1-E6AA66330C1F}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{075C2272-0881-46D3-B3A5-1D83D6940270}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-B - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FF2E1543-EDB3-4B96-989C-A97DA428D88E}
O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Voissa Anonymo - (.Cedrat Net.) [HKLM] -- Voissa Anonymo 2_is1
O42 - Logiciel: WinFlash - (.Pas de propriétaire.) [HKLM] -- {DE10AB76-4756-4913-BE25-55D1C1051F9A}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Wireless Console 2 - (.ATK.) [HKLM] -- {83F73CB1-7705-49D1-9852-84D839CA2A45}
O42 - Logiciel: XBMC - (.Team XBMC.) [HKCU] -- XBMC
O42 - Logiciel: XnView 1.98.7 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1
O42 - Logiciel: avast! Free Antivirus v7.0.1426.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ASUS]
[HKCU\Software\ATK0100]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Freecorder]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\Ask&Record]
[HKCU\Software\Ask.com]
[HKCU\Software\Auslogics]
[HKCU\Software\Belarc]
[HKCU\Software\BitComet]
[HKCU\Software\BitTorrent]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\DT Soft]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\IGearSettings]
[HKCU\Software\IM Providers]
[HKCU\Software\ITConcepts]
[HKCU\Software\IZSoftware]
[HKCU\Software\Lavasoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Sysinternals]
[HKCU\Software\cybelsoft]
[HKCU\Software\eMule]
[HKCU\Software\g3n-h@ckm@n]
[HKCU\Software\???????????????]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ASPG]
[HKLM\Software\ASUS]
[HKLM\Software\ATK0100]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AsLdr]
[HKLM\Software\Atheros]
[HKLM\Software\Authentec]
[HKLM\Software\Belarc]
[HKLM\Software\Bunndle]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\DT Soft]
[HKLM\Software\DeviceVM]
[HKLM\Software\Dolby]
[HKLM\Software\Freecorder]
[HKLM\Software\GlarySoft]
[HKLM\Software\Google]
[HKLM\Software\IObit]
[HKLM\Software\ITConcepts]
[HKLM\Software\Infineon]
[HKLM\Software\Intel]
[HKLM\Software\Lavasoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PeaZip]
[HKLM\Software\PeaZip_additional]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Siemens]
[HKLM\Software\SmartPCFixer]
[HKLM\Software\Sonic]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\XnView]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\neOceane]
[HKLM\Software\uTorrentBar_FR]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/05/2012 - 20:38:39 - [3,348] ----D C:\Program Files\7-Zip
O43 - CFD: 09/05/2012 - 20:41:28 - [232,755] ----D C:\Program Files\Adobe
O43 - CFD: 08/05/2012 - 22:28:38 - [117,550] ----D C:\Program Files\AGEIA Technologies
O43 - CFD: 09/05/2012 - 21:13:05 - [1,696] ----D C:\Program Files\Ask.com
O43 - CFD: 08/05/2012 - 03:52:11 - [91,111] ----D C:\Program Files\ASUS
O43 - CFD: 08/05/2012 - 03:36:32 - [18,243] ----D C:\Program Files\ASUS Security Center
O43 - CFD: 08/05/2012 - 03:53:26 - [9,837] ----D C:\Program Files\Atheros
O43 - CFD: 08/05/2012 - 03:23:17 - [0,443] ----D C:\Program Files\ATKGFNEX
O43 - CFD: 09/05/2012 - 20:46:17 - [9,129] ----D C:\Program Files\Auslogics
O43 - CFD: 12/05/2012 - 17:16:27 - [308,763] ----D C:\Program Files\AVAST Software
O43 - CFD: 09/05/2012 - 20:47:56 - [5,242] ----D C:\Program Files\Belarc
O43 - CFD: 29/05/2012 - 23:45:24 - [4,805] ----D C:\Program Files\CCleaner
O43 - CFD: 09/05/2012 - 20:54:09 - [12,221] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 08/05/2012 - 03:53:16 - [6,262] ----D C:\Program Files\Cisco
O43 - CFD: 08/06/2012 - 07:49:17 - [570,304] ----D C:\Program Files\Common Files
O43 - CFD: 12/05/2012 - 18:04:04 - [0,609] ----D C:\Program Files\Conduit
O43 - CFD: 01/06/2012 - 16:21:38 - [66,291] ----D C:\Program Files\CustoPackTools
O43 - CFD: 09/05/2012 - 20:58:26 - [25,686] ----D C:\Program Files\DAEMON Tools Lite
O43 - CFD: 08/05/2012 - 03:27:51 - [35,322] ----D C:\Program Files\Dolby
O43 - CFD: 08/05/2012 - 04:05:38 - [10,100] ----D C:\Program Files\Fingerprint Sensor
O43 - CFD: 13/05/2012 - 09:53:21 - [10,323] ----D C:\Program Files\F
0
Réponse 2 / 6
aldebaran95 Messages postés 265 Statut Membre 13
 
J'ai aussi trouvé un rapport MBR,je ne sais pas ce que c'est ,je le poste quand même:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: ASUSTeK Computer Inc.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer Inc.
System Product Name: M70Vn
Logical Drives Mask: 0x000000fc

Kernel Drivers (total 126):
0x82E44000 \SystemRoot\system32\ntkrnlpa.exe
0x82E11000 \SystemRoot\system32\hal.dll
0x80401000 \SystemRoot\system32\kdcom.dll
0x80408000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80478000 \SystemRoot\system32\PSHED.dll
0x80489000 \SystemRoot\system32\BOOTVID.dll
0x80491000 \SystemRoot\system32\CLFS.SYS
0x804D2000 \SystemRoot\system32\CI.dll
0x80601000 \SystemRoot\system32\drivers\Wdf01000.sys
0x80672000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x80680000 \SystemRoot\system32\drivers\acpi.sys
0x806C6000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806CF000 \SystemRoot\system32\drivers\msisadrv.sys
0x806D7000 \SystemRoot\system32\drivers\pci.sys
0x806FE000 \SystemRoot\System32\drivers\partmgr.sys
0x8070E000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x80711000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8071B000 \SystemRoot\system32\drivers\volmgr.sys
0x8072A000 \SystemRoot\System32\drivers\volmgrx.sys
0x80774000 \SystemRoot\System32\drivers\mountmgr.sys
0x8B00B000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x8B2C0000 \SystemRoot\system32\drivers\atapi.sys
0x8B2C8000 \SystemRoot\system32\drivers\ataport.SYS
0x8B2E6000 \SystemRoot\system32\drivers\msahci.sys
0x8B2F0000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x8B2FE000 \SystemRoot\system32\drivers\fltmgr.sys
0x8B330000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B340000 \SystemRoot\System32\Drivers\AsDsm.sys
0x8B34A000 \SystemRoot\system32\DRIVERS\Lbd.sys
0x8B359000 \SystemRoot\system32\DRIVERS\lullaby.sys
0x8B361000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B400000 \SystemRoot\system32\drivers\ndis.sys
0x8B50B000 \SystemRoot\system32\drivers\msrpc.sys
0x8B536000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B60E000 \SystemRoot\System32\drivers\tcpip.sys
0x8B6F8000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B802000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B912000 \SystemRoot\system32\drivers\volsnap.sys
0x8B953000 \SystemRoot\System32\Drivers\mup.sys
0x8B962000 \SystemRoot\System32\drivers\ecache.sys
0x8B989000 \SystemRoot\system32\drivers\disk.sys
0x8B99A000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8B9BB000 \SystemRoot\system32\drivers\crcdisk.sys
0x8F6C1000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8F6CC000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8F6D5000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8F6E0000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8F71E000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8F72D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8F807000 \SystemRoot\system32\DRIVERS\NETwNv32.sys
0x8FF3F000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
0x8FF99000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x8FFA9000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x8FFB7000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x8FFC8000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x8B713000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x8FFDC000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8FFEF000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0x8F7BA000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8F7C5000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8B765000 \SystemRoot\system32\DRIVERS\itecir.sys
0x8F7D0000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8FFF7000 \SystemRoot\system32\DRIVERS\ATKACPI.sys
0x8B9D1000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8B7BD000 \SystemRoot\system32\DRIVERS\storport.sys
0x8F7E8000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8B571000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8F7F3000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8B588000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8B5AB000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8B5BA000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8B5CE000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8B5E3000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8F800000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8B3D3000 \SystemRoot\system32\DRIVERS\ks.sys
0x8F6B6000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x80784000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x8B600000 \SystemRoot\system32\DRIVERS\umbus.sys
0x807C4000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x805B2000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8B5F3000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8B94B000 \SystemRoot\System32\Drivers\Null.SYS
0x8B000000 \SystemRoot\System32\Drivers\Beep.SYS
0x805C3000 \SystemRoot\System32\drivers\vga.sys
0x805CF000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x805F0000 \SystemRoot\System32\drivers\watchdog.sys
0x92602000 \SystemRoot\system32\drivers\rdpencdd.sys
0x9260A000 \SystemRoot\System32\Drivers\Msfs.SYS
0x92615000 \SystemRoot\System32\Drivers\Npfs.SYS
0x92623000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x9262C000 \SystemRoot\system32\DRIVERS\tdx.sys
0x9264E000 \SystemRoot\system32\DRIVERS\smb.sys
0x92662000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x92679000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x9267B000 \SystemRoot\system32\drivers\afd.sys
0x926C3000 \SystemRoot\System32\Drivers\AswRdr.SYS
0x926CA000 \SystemRoot\System32\DRIVERS\netbt.sys
0x926FC000 \SystemRoot\system32\DRIVERS\pacer.sys
0x92712000 \SystemRoot\system32\DRIVERS\netbios.sys
0x92720000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x9275C000 \SystemRoot\system32\drivers\nsiproxy.sys
0x92766000 \SystemRoot\System32\Drivers\dfsc.sys
0x9277D000 \SystemRoot\system32\DRIVERS\dc3d.sys
0x92787000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x9278E000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x92797000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x927A7000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x927B0000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x927B8000 \SystemRoot\system32\DRIVERS\point32.sys
0x927C1000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8F400000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x81440000 \SystemRoot\System32\win32k.sys
0x927CE000 \SystemRoot\System32\drivers\Dxapi.sys
0x81650000 \SystemRoot\System32\drivers\dxg.sys
0x81680000 \SystemRoot\System32\TSDDD.dll
0x81700000 \SystemRoot\System32\framebuf.dll
0x81710000 \SystemRoot\System32\ATMFD.DLL
0x9AA06000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9AA30000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9AA3A000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9AA53000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9AA68000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9AA87000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9AAC0000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9AAD8000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x772E0000 \Windows\System32\ntdll.dll

Processes (total 28):
0 System Idle Process
4 System
424 C:\Windows\System32\smss.exe
492 csrss.exe
528 csrss.exe
536 C:\Windows\System32\wininit.exe
580 C:\Windows\System32\winlogon.exe
604 C:\Windows\System32\services.exe
620 C:\Windows\System32\lsass.exe
628 C:\Windows\System32\lsm.exe
772 C:\Windows\System32\svchost.exe
828 C:\Windows\System32\svchost.exe
952 C:\Windows\System32\svchost.exe
976 C:\Windows\System32\svchost.exe
1008 C:\Windows\System32\svchost.exe
1064 C:\Windows\System32\svchost.exe
1080 C:\Windows\System32\svchost.exe
1252 C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
1276 C:\Windows\System32\svchost.exe
1384 C:\Windows\System32\svchost.exe
1564 unsecapp.exe
1648 WmiPrvSE.exe
1904 C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
244 C:\Windows\explorer.exe
1608 C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
1592 C:\Pre_Scan\MBRCheck.exe
2008 C:\Pre_Scan\MBRCheck.exe
1952 C:\Pre_Scan\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000'00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000'00100000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000002c'b6d00000 (NTFS)

PhysicalDrive0 Model Number: ST9320320AS, Rev: 0303
PhysicalDrive1 Model Number: ST9320320AS, Rev: 0303

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
298 GB \\.\PhysicalDrive1 Unknown MBR code
SHA1: 16FACB29D75458833E397367B1DA17929157C2B3

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:
0
Réponse 3 / 6
aldebaran95 Messages postés 265 Statut Membre 13
 
Et j'ai trouvé le rapport pre-scan,il était planqué dans mon C/: (désolé pour la masse de travail Jacques).

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 2.607 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤

~ Mis à jour le 07/06/2012 | 18.40 par g3n-h@ckm@n
~ Informations Evolution : https://gen-hackman.kanak.fr/
~ Informations sur les switchs Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Merci à Slyk & Saachaa pour leur apport à l'évolution de l'outil

~ Utilisateur : OLIVE (Administrateurs) | SID = S-1-5-21-1959498384-218811378-2899222492-1000
~ Ordinateur : PC-DE-OLIVE

~ Système d'exploitation : Windows Vista (TM) Home Premium (32 bits) HomePremium Service Pack 2
~ Enregistré sous : OLIVE
~ Processeur : Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
~ Identification : x86 Family 6 Model 23 Stepping 6

Pare-feu windows : Actif
Windows Defender : Inactif

~ Mémoire RAM = Total (KB) : 3143850 | Used (%) : 17 | Free (KB) : 2598300
~ Pagefile = Total (KB) : 6491500 | Free (KB) : 6211140
~ Virtuelle = Total (KB) : 2097020 | Free (KB) : 1957650

¤¤¤¤¤¤¤¤¤¤ | Scripts de boot

¤¤¤¤¤¤¤¤¤¤ | Drives

c:\ -> [Fixed] | [VistaOS] | Total : 183150 Mo | Free : 152940 Mo -> NTFS
d:\ -> [Fixed] | [DISQUE 1] | Total : 305240 Mo | Free : 9560 Mo -> NTFS
e:\ -> [Fixed] | [DATA] | Total : 122090 Mo | Free : 46000 Mo -> NTFS

Scan : 07:44:18 | 08/06/2012

¤¤¤¤¤¤¤¤¤¤ | Navigateurs

Internet Explorer : 9.0.8112.16421
Mozilla Firefox : 13.0 (fr)

¤ Par défaut :

[HKCR\http | command] : "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"

¤¤¤¤¤¤¤¤¤¤ | Frameworks

~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.0.3705
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.1.4322
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.0.3705
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v1.1.4322
~ [02/11/2006 13:18:35] - C:\Windows\Microsoft.net\Framework\v2.0.50727
~ [02/11/2006 14:37:35] - C:\Windows\Microsoft.net\Framework\v3.0
~ [08/05/2012 05:48:03] - C:\Windows\Microsoft.net\Framework\v3.5

¤¤¤¤¤¤¤¤¤¤ | Windows Updates

Dernière(s) détection(s) : 2012-06-06 18:52:08
Dernier(s) téléchargement(s) : 2012-06-04 08:51:37
Dernière(s) installation(s) : 2012-06-04 18:56:46

¤¤¤¤¤¤¤¤¤¤ | Sessions | Profiles | Directories

~ [HKLM | ProfileList\S-1-5-21-1959498384-218811378-2899222492-1000] : ProfileImagePath -> C:\Users\OLIVE
~ [HKLM | ProfileList\S-1-5-21-1959498384-218811378-2899222492-1000] : RefCount -> 1
~ [HKLM | ProfileList\S-1-5-21-1959498384-218811378-2899222492-1000] : State -> 256

~ C:\Windows\system32\config\systemprofile
~ C:\Windows\ServiceProfiles\LocalService
~ C:\Windows\ServiceProfiles\NetworkService
~ C:\Users\OLIVE

¤¤¤¤¤¤¤¤¤¤ | Contrôle MD5

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [12/05/2012 14:24:20] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\explorer.exe
[MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - [08/05/2012 05:17:43] - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2855 Ko] - (6.0.6000.16771) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[MD5.E7156B0B74762D9DE0E66BDCDE06E5FB] - [08/05/2012 05:17:43] - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2855 Ko] - (6.0.6000.20947) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[MD5.FFA764631CB70A30065C12EF8E174F9F] - [21/01/2008 04:24:24] - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2858.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - [08/05/2012 05:17:43] - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2858.5 Ko] - (6.0.6001.18164) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[MD5.50BA5850147410CDE89C523AD3BC606E] - [08/05/2012 05:17:43] - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2859 Ko] - (6.0.6001.22298) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - [12/05/2012 14:24:20] - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2858 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [21/01/2008 04:24:54] - (.© Microsoft Corporation. Tous droits réservés. - Processus d'exécuttion client-serveur.) - [6 Ko] - (6.0.6001.18000) - C:\Windows\System32\csrss.exe
[MD5.ABCA209EBA02CB59233614DB83B4F50D] - [21/01/2008 04:24:54] - (.© Microsoft Corporation. All rights reserved. - Client Server Runtime Process.) - [6 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe ->
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [12/05/2012 14:24:24] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\System32\services.exe
[MD5.2B336AB6286D6C81FA02CBAB914E3C6C] - [21/01/2008 04:24:48] - (.© Microsoft Corporation. All rights reserved. - Services and Controller app.) - [272.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[MD5.D4E6D91C1349B7BFB3599A6ADA56851B] - [12/05/2012 14:24:24] - (.© Microsoft Corporation. All rights reserved. - Services and Controller app.) - [273 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [12/05/2012 14:23:11] - (.© Microsoft Corporation. All rights reserved. - Windows Session Manager.) - [62.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\smss.exe
[MD5.6701DDAF68BEDE6BBEEA9D514D73A35B] - [21/01/2008 04:23:50] - (.© Microsoft Corporation. All rights reserved. - Windows Session Manager.) - [62.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[MD5.98AF15A94CD6AC37248E72E5FE789B35] - [12/05/2012 14:23:11] - (.© Microsoft Corporation. All rights reserved. - Windows Session Manager.) - [62.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [21/01/2008 04:24:49] - (.© Microsoft Corporation. Tous droits réservés. - Application d'ouverture de session Userinit.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\System32\userinit.exe
[MD5.0E135526E9785D085BCD9AEDE6FBCBF9] - [21/01/2008 04:24:49] - (.© Microsoft Corporation. All rights reserved. - Userinit Logon Application.) - [24.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [21/01/2008 04:23:42] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\System32\wininit.exe
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - [21/01/2008 04:23:42] - (.© Microsoft Corporation. All rights reserved. - Windows Start-Up Application.) - [94.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [12/05/2012 14:23:12] - (.© Microsoft Corporation. Tous droits réservés. - Application d'ouverture de session Windows.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\System32\winlogon.exe
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - [21/01/2008 04:24:49] - (.© Microsoft Corporation. All rights reserved. - Windows Logon Application.) - [307.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[MD5.898E7C06A350D4A1A64A9EA264D55452] - [12/05/2012 14:23:12] - (.© Microsoft Corporation. All rights reserved. - Windows Logon Application.) - [307 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[MD5.3911B972B55FEA0478476B2E777B29FA] - [08/05/2012 05:21:15] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6002.18457) - C:\Windows\System32\drivers\afd.sys
[MD5.763E172A55177E478CB419F88FD0BA03] - [21/01/2008 04:24:17] - (.© Microsoft Corporation. All rights reserved. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[MD5.48EB99503533C27AC6135648E5474457] - [08/05/2012 05:21:15] - (.© Microsoft Corporation. All rights reserved. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6001.18639) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[MD5.C8AF25017CECB75906A571AC70D2D306] - [08/05/2012 05:21:15] - (.© Microsoft Corporation. All rights reserved. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6001.22905) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
[MD5.A201207363AA900ABF1A388468688570] - [12/05/2012 14:24:07] - (.© Microsoft Corporation. All rights reserved. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[MD5.3911B972B55FEA0478476B2E777B29FA] - [08/05/2012 05:21:15] - (.© Microsoft Corporation. All rights reserved. - Ancillary Function Driver for WinSock.) - [267 Ko] - (6.0.6002.18457) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[MD5.70EE0FC7A0F384DBD929A01384AEEB4B] - [08/05/2012 05:21:15] - (.© Microsoft Corporation. All rights reserved. - Ancillary Function Driver for WinSock.) - [267.5 Ko] - (6.0.6002.22629) - C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [12/05/2012 14:24:11] - (.© Microsoft Corporation. All rights reserved. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\atapi.sys
[MD5.2D9C903DC76A66813D350A562DE40ED9] - [21/01/2008 04:23:00] - (.© Microsoft Corporation. All rights reserved. - ATAPI IDE Miniport Driver.) - [21.05 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[MD5.92210921EEFC081693F649C3631DEEC2] - [08/05/2012 11:34:20] - (.© Microsoft Corporation. All rights reserved. - ATAPI IDE Miniport Driver.) - [21.05 Ko] - (6.0.6001.18023) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18023_none_dd25892021975283\atapi.sys
[MD5.76D70915EB81608DC6ACA87887FAB38F] - [08/05/2012 11:34:20] - (.© Microsoft Corporation. All rights reserved. - ATAPI IDE Miniport Driver.) - [21.05 Ko] - (6.0.6001.22120) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22120_none_ddac250d3ab7a648\atapi.sys
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - [12/05/2012 14:24:11] - (.© Microsoft Corporation. All rights reserved. - ATAPI IDE Miniport Driver.) - [19.48 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[MD5.6B4BFFB9BECD728097024276430DB314] - [12/05/2012 14:24:05] - (.© Microsoft Corporation. All rights reserved. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\cdrom.sys
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - [21/01/2008 04:23:02] - (.© Microsoft Corporation. All rights reserved. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[MD5.6B4BFFB9BECD728097024276430DB314] - [12/05/2012 14:24:05] - (.© Microsoft Corporation. All rights reserved. - SCSI CD-ROM Driver.) - [65.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - [12/05/2012 14:23:57] - (.© Microsoft Corporation. All rights reserved. - MBT Transport driver.) - [181.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\netbt.sys
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - [21/01/2008 04:24:59] - (.© Microsoft Corporation. All rights reserved. - MBT Transport driver.) - [180 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - [12/05/2012 14:23:57] - (.© Microsoft Corporation. All rights reserved. - MBT Transport driver.) - [181.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [12/05/2012 14:23:07] - (.© Microsoft Corporation. All rights reserved. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\tdx.sys
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - [21/01/2008 04:24:53] - (.© Microsoft Corporation. All rights reserved. - TDI Translation Driver.) - [70 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[MD5.76B06EB8A01FC8624D699E7045303E54] - [12/05/2012 14:23:07] - (.© Microsoft Corporation. All rights reserved. - TDI Translation Driver.) - [70.5 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - [12/05/2012 14:23:13] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [220.98 Ko] - (6.0.6002.18005) - C:\Windows\System32\drivers\volsnap.sys
[MD5.D8B4A53DD2769F226B3EB374374987C9] - [21/01/2008 04:23:21] - (.© Microsoft Corporation. All rights reserved. - Volume Shadow Copy Driver.) - [222.55 Ko] - (6.0.6001.18000) - C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - [12/05/2012 14:23:13] - (.© Microsoft Corporation. All rights reserved. - Volume Shadow Copy Driver.) - [220.98 Ko] - (6.0.6002.18005) - C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys

07:45:41

¤¤¤¤¤¤¤¤¤¤ | Processus

AAWService.exe (1232) -> Processus stoppé
explorer.exe (1812) -> Processus stoppé
AWSC.exe (1800) -> Processus stoppé
firefox.exe (1156) -> Processus stoppé
plugin-container.exe (1488) -> Processus stoppé
plugin-container.exe (1724) -> Processus stoppé

¤¤¤¤¤¤¤¤¤¤ | Processus en cours

Demarrage : MSE

424 | C:\Windows\System32\smss.exe - SYSTEM - Normal - \SystemRoot\System32\smss.exe - 4
492 | C:\Windows\system32\csrss.exe - SYSTEM - Normal - C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 480
528 | C:\Windows\system32\csrss.exe - SYSTEM - Normal - C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 - 520
536 | C:\Windows\system32\wininit.exe - SYSTEM - High - wininit.exe - 480
580 | C:\Windows\system32\winlogon.exe - SYSTEM - High - winlogon.exe - 520
604 | C:\Windows\system32\services.exe - SYSTEM - Normal - C:\Windows\system32\services.exe - 536
624 | C:\Windows\system32\lsass.exe - SYSTEM - Normal - C:\Windows\system32\lsass.exe - 536
632 | C:\Windows\system32\lsm.exe - SYSTEM - Normal - C:\Windows\system32\lsm.exe - 536
776 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k DcomLaunch - 604
832 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k rpcss - 604
920 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted - 604
948 | C:\Windows\system32\svchost.exe - SYSTEM - Normal - C:\Windows\system32\svchost.exe -k netsvcs - 604
980 | C:\Windows\System32\svchost.exe - SYSTEM - Normal - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted - 604
1032 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkService - 604
1048 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalService - 604
1248 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork - 604
1348 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted - 604
1516 | C:\Windows\system32\wbem\unsecapp.exe - SYSTEM - Normal - C:\Windows\system32\wbem\unsecapp.exe -Embedding - 776
1612 | C:\Windows\system32\wbem\wmiprvse.exe - SYSTEM - Normal - C:\Windows\system32\wbem\wmiprvse.exe - 776
1280 | C:\Users\OLIVE\Downloads\winlogon.exe - OLIVE - Normal - "C:\Users\OLIVE\Downloads\winlogon.exe" - 1812
1780 | C:\Windows\system32\conime.exe - OLIVE - Normal - C:\Windows\system32\conime.exe - 1656
1480 | C:\Windows\system32\cmd.exe - OLIVE - Normal - C:\Windows\system32\cmd.exe /c %Homedrive%\Pre_Scan\Pv.exe -o"%i | %f - %u - %p - %l - %r">>%Homedrive%\Pre_Scan.txt - 1280
1700 | C:\Pre_Scan\Pv.exe - OLIVE - Normal - C:\Pre_Scan\Pv.exe -o"%i | %f - %u - %p - %l - %r" - 1480
996 | C:\Windows\system32\conime.exe - OLIVE - Normal - C:\Windows\system32\conime.exe - 1480

¤¤¤¤¤¤¤¤¤¤ | Winlogon

¤

[HKLM | Winlogon] | Shell : explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1 -> 0
[HKLM | Winlogon] | userinit : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 0 -> 1
[HKLM | Winlogon] | System :
[HKLM | Winlogon] | VMApplet : rundll32 shell32,Control_RunDLL "sysdm.cpl"
[HKLM | Winlogon] | WinStationsDisabled : 0

¤¤¤¤¤¤¤¤¤¤ | Winlogon\Notify

¤¤¤¤¤¤¤¤¤¤ | Associations

[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\Explorer.exe /separate,/idlist,%I,%L -> C:\Windows\explorer.exe

¤

[Firefox | Command] | @ : C:\Program Files\Mozilla Firefox\firefox.exe -> "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Chrome | Command] | @ : "C:\Program Files\Google\Chrome\Application\chrome.exe" -> "C:\Users\OLIVE\AppData\Local\Google\Chrome\Application\Chrome.exe"
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s

¤¤¤¤¤¤¤¤¤¤ | Corrections diverses

[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | HideDesktopIcons\ClassicStartMenu] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKLM | HideDesktopIcons\ClassicStartMenu] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 1 -> 0
[HKLM | Advanced\Folder\Hidden\SHOWALL] | CheckedValue : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowMyMusic : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowMyPics : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowUser : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowMyDocs : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowHelp : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_EnableDragDrop : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowMyComputer : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Start_ShowControlPanel : 1
[HKU\S-1-5-19 | Desktop] | Wallpaper : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-20 | Desktop] | Wallpaper : C:\windows\Web\Wallpaper\img24.jpg
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Desktop] | Wallpaper : C:\Windows\ASUS\wallpapers\ASUS3.jpg
[HKU\S-1-5-19 | Policies\Explorer] | NoDesktop : -> 0
[HKU\S-1-5-20 | Policies\Explorer] | NoDesktop : -> 0
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Policies\Explorer] | NoDesktop : -> 0
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000_Classes | Policies\Explorer] | NoDesktop : -> 0
[HKU\S-1-5-18 | Policies\Explorer] | NoDesktop : -> 0
[HKLM | policies\Explorer] | NoDesktop : -> 0
[HKU\S-1-5-19 | Explorer\Advanced] | Hidden : -> 0
[HKU\S-1-5-20 | Explorer\Advanced] | Hidden : -> 0
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Explorer\Advanced] | Hidden : 2 -> 0
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000_Classes | Explorer\Advanced] | Hidden : -> 0
[HKU\S-1-5-18 | Explorer\Advanced] | Hidden : -> 0

07:45:42

¤¤¤¤¤¤¤¤¤¤ | Services

[RPCSS] | Start : 2 : Actif
[Cmbatt] | Start : 3 : Inactif
[Compbatt] | Start : 0 : Actif
[Ndisuio] | Start : 3 : Actif
[Profsvc] | Start : 2 : Actif
[PlugPlay] | Start : 2 : Actif
[PEAUTH] | Start : 2 : Inactif
[Parvdm] | Start : 2 : Inactif
[NVSvc] | Start : 2 : Inactif
[nsi] | Start : 2 : Actif
[NLASvc] | Start : 2 : Actif
[MPSsvc] | Start : 2 : Actif
[MMCSS] | Start : 2 : Inactif
[luafv] | Start : 2 : Inactif
[lltdio] | Start : 2 : Inactif
[Iphlpsvc] | Start : 2 : Inactif
[IKEEXT] | Start : 2 : Actif
[IAStorDataMgrsvc] | Start : 2 : Inactif
[gpsvc] | Start : 2 : Inactif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Inactif
[agp440] | Start : 3 -> 2 : Inactif
[AudioEndpointBuilder] | Start : 2 : Inactif
[Audiosrv] | Start : 2 : Inactif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Inactif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 3 -> 2 : Actif
[Wlansvc] | Start : 2 : Actif
[SharedAccess] | Start : 4 -> 2 : Inactif
[windefend] | Start : 4 -> 2 : Inactif
[wuauserv] | Start : 2 : Inactif
[WerSvc] | Start : 2 : Inactif
[wscsvc] | Start : 2 : Inactif

07:45:42

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Main] | Start Page : http://search.conduit.com?SearchSource=10&ctid=CT1060933&SSPV=IENOSGTB -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Main] | Local Page : C:\Windows\system32\blank.htm
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKLM | Search] | SearchAssistant : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main] | Start Page : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Local Page : C:\Windows\System32\blank.htm
[HKLM | Main] | Default_Search_URL : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main] | Default_Page_URL : https://www.asus.com/fr/ -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | AboutURLs] | Tabs : -> res://ieframe.dll/tabswelcome.htm

¤

[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | PhishingFilter] | Enabled : 2
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Internet settings] | ProxyOverride : <local> -> 0
[HKU\S-1-5-19 | Internet settings] | EnableHttp1_1 : 1
[HKU\S-1-5-20 | Internet settings] | EnableHttp1_1 : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Internet settings] | EnableHttp1_1 : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Internet settings] | MigrateProxy : 1
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Internet settings] | WarnonZoneCrossing : 0 -> 1
[HKU\S-1-5-19 | Internet settings] | AutoConfigProxy : wininet.dll
[HKU\S-1-5-20 | Internet settings] | AutoConfigProxy : wininet.dll
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | Internet settings] | AutoConfigProxy : wininet.dll

¤

[HKU\S-1-5-21-1959498384-218811378-2899222492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (Bing) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] | (Ask Search) -> http://www.search.ask.com/?l=dis{searchTerms}&locale=fr_FR&apn_ptnrs=J9&apn_dtid=YYYYYYYYFR&apn_uid=0B87713A-7B41-4348-86BF-3859876A9BF9&apn_sauid=4CE2F082-57B0-407D-B0E4-4C7364FB0B4D
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FDUM_frFR483
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] | (AVG Secure Search) -> https://isearch.avg.com/?cid={F5F4800A-267B-4667-BDBE-8DFB620BA193}&mid=28ca21938c1c47d0b71fd16a12f4c7f5-df9bd48a078f8ec0d67b76cc3c8d4db0ddc5aef2&lang=fr&ds=bm011&pr=sa&d=2012-05-09 20:37:36&v=11.0.0.9&sap=dsp&q={searchTerms}
[HKU\S-1-5-21-1959498384-218811378-2899222492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] | (Freecorder Customized Web Search) -> http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933&SSPV=IENOSGBR

[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (@ieframe.dll,-12512) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] | (Freecorder Customized Web Search) -> http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933&SSPV=IENOSGBR

[HKU\S-1-5-21-1959498384-218811378-2899222492-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] | () ->

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] | (winword.exe) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] | (iexplore.exe) -> %ProgramFiles%\Internet Explorer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] | (Silverlight.Configuration.exe) -> C:\Program Files\Microsoft Silverlight\5.1.10411.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03288CB3-3893-46D1-8D58-B2F8BB6FF5BF}] | (MSACCESS.EXE) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] | (tabtip.exe) -> %CommonProgramFiles%\Microsoft Shared\Ink
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] | (wpcer.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08E8D305-8D6D-49fe-8603-03A926E46AE0}] | (Adobe_Updater.exe) -> C:\Program Files\Common Files\Adobe\Updater6
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] | (Acrobat Elements.exe) -> %ProgramFiles%\adobe\acrobat 6.0\Acrobat Elements
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] | (winfxdocobj.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10483e7e-0e8b-4e16-9e77-6be5d991683b}] | (mstsc.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] | (wuapp.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] | (msdt.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] | (AcroBroker.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] | (dfsvc.exe) -> C:\Windows\microsoft.net\framework\v2.0.50727
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DC94C34-5E5C-4365-AE88-10DED0AD9857}] | (FreecorderAutoUpdateHelper.exe) -> C:\Users\OLIVE\AppData\Local\Conduit\CT1060933
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] | (agcp.exe) -> C:\Program Files\Microsoft Silverlight\5.1.10411.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] | (ieinstal.exe) -> %ProgramFiles%\Internet Explorer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] | (EXCEL.EXE) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] | (AcroRd32Info.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41DDCE73-2089-472B-AE77-CF6B36B10413}] | (FreecorderToolbarHelper.exe) -> C:\Program Files\Freecorder
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43ABBB95-C0E9-497B-8BB9-B5FA08861705}] | (wlmail.exe) -> C:\Program Files\Windows Live\Mail\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] | (acrord32.exe) -> %ProgramFiles%\adobe\acrobat 7.0\reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C0B7A7C-8ECF-422f-9448-0874C41D4532}] | (WLLoginProxy.exe) -> %ProgramFiles%\Common Files\Microsoft Shared\Windows Live
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{592E7A9A-E0AD-40DB-91BA-58C82D0D2849}] | (uTorrentBar_FRAutoUpdateHelper.exe) -> C:\Users\OLIVE\AppData\Local\Conduit\CT2851639
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{616db3d0-90cb-4ff2-a22f-f5fc4abe3418}] | (OfficeLiveSignIn.exe) -> C:\Program Files\Microsoft\Office Live\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] | (wmplayer.exe) -> %ProgramFiles%\Windows Media Player
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] | (iedw.exe) -> %ProgramFiles%\Internet Explorer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] | (AdobeARM.exe) -> C:\Program Files\Common Files\Adobe\ARM\1.0\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] | () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B7FB824-0A43-4bc2-B58D-F6386FEEFD84}] | (CGuard.exe) -> Choice Guard
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] | (verclsid.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] | (ctfmon.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] | (helppane.exe) -> C:\Windows
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] | (AdobeCollabSync.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] | (acrobat.exe) -> %ProgramFiles%\adobe\acrobat 7.0\Acrobat
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] | (AcroRd32.exe) -> C:\Program Files\Adobe\Reader 9.0\Reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] | (Acrobat Elements.exe) -> %ProgramFiles%\adobe\acrobat 7.0\Acrobat Elements
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] | (xpsviewer.exe) -> C:\Windows\system32\xpsviewer
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] | (SaUpdate.exe) -> C:\Program Files\Ask.com\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] | (wisptis.exe) -> C:\Windows\System32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] | () ->
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] | (cmd.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB64A76C-9578-433f-949F-142997978A62}] | (asghost.exe) -> C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] | (GoogleUpdateBroker.exe) -> C:\Program Files\Google\Update\1.3.21.111
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] | (GoogleUpdate.exe) -> C:\Program Files\Google\Update
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D133B285-8A43-4EC7-93BE-9B909C2370F5}] | (msnmsgr.exe) -> C:\Program Files\Windows Live\Messenger\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5}] | (WindowsLiveWriter.exe) -> C:\Program Files\Windows Live\Writer\
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] | (notepad.exe) -> C:\Windows\System32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] | (acrord32.exe) -> %ProgramFiles%\adobe\acrobat 6.0\reader
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7502685-8A07-4042-9120-6362A5133573}] | (uTorrentBar_FRToolbarHelper.exe) -> C:\Program Files\uTorrentBar_FR
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] | (presentationhost.exe) -> C:\Windows\system32
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6A6CA96-B08E-4429-BA30-39232494F292}] | (MSPUB.EXE) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7629763-7562-4d3a-8468-6CA5563852B2}] | (INFOPATH.EXE) -> C:\Program Files\Microsoft Office\Office12
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] | (acrobat.exe) -> %ProgramFiles%\adobe\acrobat 6.0\Acrobat
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] | (POWERPNT.EXE) -> C:\Program Files\Microsoft Office\Office12

¤¤¤¤¤¤¤¤¤¤ | Firefox

Profile : u3objlzb.default

user_pref("browser.startup.homepage", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
user_pref("browser.startup.homepage_override.buildID", "20120601045813");
user_pref("browser.startup.homepage_override.mstone", "13.0");
user_pref("browser.download.lastDir", "C:\\Users\\OLIVE\\Downloads");
Ligne supprimée : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Ligne supprimée : user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Ligne supprimée : user_pref("CT1060933..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Ligne supprimée : user_pref("CT1060933..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Ligne supprimée : user_pref("CT1060933.AboutPrivacyUrl", "http://www.conduit.com");
Ligne supprimée : user_pref("CT1060933.GroupingServiceUrl", "http://grouping.services.conduit.com/");
Ligne supprimée : user_pref("CT1060933.HomepageBeforeUnload", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
Ligne supprimée : user_pref("CT1060933.InstallationId", "ConduitNSISIntegration");
Ligne supprimée : user_pref("CT1060933.InstallationType", "ConduitNSISIntegration");
Ligne supprimée : user_pref("CT1060933.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
Ligne supprimée : user_pref("CT1060933.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=");
Ligne supprimée : user_pref("CT1060933.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Ligne supprimée : user_pref("CT1060933.TBHomePageUrl", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
Ligne supprimée : user_pref("CT1060933.TrusteLinkUrl", "http://trust.conduit.com/CT1060933");
Ligne supprimée : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm");
Ligne supprimée : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"http://appdownload.conduit.com/\",\"RevertSettingsEnabled\":\"FALSE\",\"urlBarHiddenEnabled\":\"TRUE\",\"notFoundHiddenEnabled\":\"TRUE\",\"searchInNewTabHiddenEnabled\":\"TRUE\"}");
Ligne supprimée : user_pref("CT1060933.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Ligne supprimée : user_pref("CT1060933.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Ligne supprimée : user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
Ligne supprimée : user_pref("CommunityToolbar.ConduitSearchList", "Freecorder Customized Web Search");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"d84035e9731211223d8a953c488bd4c31\"");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", "\"1324192924\"");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"4ead38b3e6bcd1:0\"");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933", "\"d76323372b05c3748a3d6b1c93a98292\"");
Ligne supprimée : user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"6a998dbe1a10be371b546957d8d4b125\"");
Ligne supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\OLIVE\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\u3objlzb.default\\conduitCommon\\modules\\3.13.0.6");
Ligne supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
Ligne supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
Ligne supprimée : user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}");
Ligne supprimée : user_pref("browser.startup.homepage", "http://search.conduit.com/?ctid=CT1060933&SearchSource=13");
Ligne supprimée : user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=");
Ligne supprimée : user_pref("CT1060933.SearchCaption", "Freecorder Customized Web Search");
Ligne supprimée : user_pref("CT1060933.SearchEngineBeforeUnload", "Freecorder Customized Web Search");
Ligne supprimée : user_pref("browser.search.defaultthis.engineName", "Freecorder Customized Web Search");

¤¤¤¤¤¤¤¤¤¤ | Extensions

C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\extensions\ytvdw@pgport.com.xpi
C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

¤¤¤¤¤¤¤¤¤¤ | Plugins

C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
C:\Program Files\Mozilla Firefox\searchplugins\google.xml
C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CCS | Tcpip\Parameters] | DhcpNameServer : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}] | DhcpNameServer : 192.168.1.1
[HKLM\SYSTEM\ControlSet002 | Interfaces\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}] | DhcpNameServer : 192.168.1.1
[HKLM\SYSTEM\ControlSet010 | Interfaces\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}] | DhcpNameServer : 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet | Interfaces\{B8E8E3B3-49BC-4B3F-A056-71B8DD2F3DF3}] | DhcpNameServer : 192.168.1.1

¤¤¤¤¤¤¤¤¤¤ | Hosts

::1 localhost
# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com

[.......]

15241 ligne(s)

¤¤¤¤¤¤¤¤¤¤ | Traitement Fichiers | Dossiers | Registre

Supprimée : [HKCR\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}] | @ -> C:\Program Files\Ask.com\GenericAskToolbar.dll
Supprimée : [HKU\S-1-5-21-1959498384-218811378-2899222492-1000 | URLSearchHooks] | {00000000-6E41-4FD3-8538-502F5495E5FC} ->

07:49:17

Mise en quarantaine : C:\Program Files\Common Files\CPInstallAction.dll
Supprimée : [HKLM | MSConfig\startupreg\IntelliPoint] -> command
Supprimée : [HKLM | MSConfig\startupreg\itype] -> command

07:50:18

Mise en quarantaine : C:\Users\All Users\nvModes.dat
Mise en quarantaine : C:\Users\OLIVE\AppData\Roaming\InstallShield
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\conduitinstaller.exe
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt3EF5.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt3EF6.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt3F07.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt3F08.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt3F09.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt4928.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt4929.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt492A.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt492B.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\utt493B.tmp
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\01net\01NET.com.exe
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\01net\HiJackThis.exe
Mise en quarantaine : C:\Users\OLIVE\AppData\Local\Temp\CT3128284\statisticsStub.exe

07:51:46

¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Contrôle | Réparation

[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK

¤

[HKLM | Minimal\AppMgmt] | @ : Service -> OK
[HKLM | Minimal\Base] | @ : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] | @ : Driver Group -> OK
[HKLM | Minimal\Boot file system] | @ : Driver Group -> OK
[HKLM | Minimal\CryptSvc] | @ : Service -> OK
[HKLM | Minimal\DcomLaunch] | @ : Service -> OK
[HKLM | Minimal\dmadmin] | @ : -> Service
[HKLM | Minimal\dmboot.sys] | @ : -> Driver
[HKLM | Minimal\dmio.sys] | @ : -> Driver
[HKLM | Minimal\dmload.sys] | @ : -> Driver
[HKLM | Minimal\dmserver] | @ : -> Service
[HKLM | Minimal\EventLog] | @ : Service -> OK
[HKLM | Minimal\File system] | @ : Driver Group -> OK
[HKLM | Minimal\Filter] | @ : Driver Group -> OK
[HKLM | Minimal\HelpSvc] | @ : Service -> OK
[HKLM | Minimal\Netlogon] | @ : Service -> OK
[HKLM | Minimal\PCI Configuration] | @ : Driver Group -> OK
[HKLM | Minimal\PlugPlay] | @ : Service -> OK
[HKLM | Minimal\PNP Filter] | @ : Driver Group -> OK
[HKLM | Minimal\Primary disk] | @ : Driver Group -> OK
[HKLM | Minimal\RpcSs] | @ : Service -> OK
[HKLM | Minimal\SCSI Class] | @ : Driver Group -> OK
[HKLM | Minimal\sermouse.sys] | @ : Driver -> OK
[HKLM | Minimal\sr.sys] | @ : -> FSFilter System Recovery
[HKLM | Minimal\SRService] | @ : -> Service
[HKLM | Minimal\System Bus Extender] | @ : Driver Group -> OK
[HKLM | Minimal\vds] | @ : Service -> OK
[HKLM | Minimal\vga.sys] | @ : Driver -> OK
[HKLM | Minimal\vgasave.sys] | @ : Driver -> OK
[HKLM | Minimal\WinMgmt] | @ : Service -> OK
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] | @ : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] | @ : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] | @ : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] | @ : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] | @ : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] | @ : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] | @ : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] | @ : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] | @ : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] | @ : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] | @ : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] | @ : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] | @ : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] | @ : Human Interface Devices -> OK

¤

[HKLM | Network\AFD] | @ : Service -> OK
[HKLM | Network\AppMgmt] | @ : Service -> OK
[HKLM | Network\Base] | @ : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] | @ : Driver Group -> OK
[HKLM | Network\Boot file system] | @ : Driver Group -> OK
[HKLM | Network\Browser] | @ : Service -> OK
[HKLM | Network\CryptSvc] | @ : Service -> OK
[HKLM | Network\DcomLaunch] | @ : Service -> OK
[HKLM | Network\Dhcp] | @ : Service -> OK
[HKLM | Network\dmadmin] | @ : -> Service
[HKLM | Network\dmboot.sys] | @ : -> Driver
[HKLM | Network\dmio.sys] | @ : -> Driver
[HKLM | Network\dmload.sys] | @ : -> Driver
[HKLM | Network\dmserver] | @ : -> Service
[HKLM | Network\DnsCache] | @ : Service -> OK
[HKLM | Network\EventLog] | @ : Service -> OK
[HKLM | Network\File system] | @ : Driver Group -> OK
[HKLM | Network\Filter] | @ : Driver Group -> OK
[HKLM | Network\HelpSvc] | @ : Service -> OK
[HKLM | Network\ip6fw.sys] | @ : -> Driver
[HKLM | Network\ipnat.sys] | @ : Driver -> OK
[HKLM | Network\LanmanServer] | @ : Service -> OK
[HKLM | Network\LanmanWorkstation] | @ : Service -> OK
[HKLM | Network\LmHosts] | @ : Service -> OK
[HKLM | Network\Messenger] | @ : Service -> OK
[HKLM | Network\NDIS] | @ : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] | @ : Driver Group -> OK
[HKLM | Network\Ndisuio] | @ : Service -> OK
[HKLM | Network\NetBIOS] | @ : Service -> OK
[HKLM | Network\NetBIOSGroup] | @ : Driver Group -> OK
[HKLM | Network\NetBT] | @ : Service -> OK
[HKLM | Network\NetDDEGroup] | @ : Driver Group -> OK
[HKLM | Network\Netlogon] | @ : Service -> OK
[HKLM | Network\NetMan] | @ : Service -> OK
[HKLM | Network\Network] | @ : Driver Group -> OK
[HKLM | Network\NetworkProvider] | @ : Driver Group -> OK
[HKLM | Network\NtLmSsp] | @ : -> Service
[HKLM | Network\PCI Configuration] | @ : Driver Group -> OK
[HKLM | Network\PlugPlay] | @ : Service -> OK
[HKLM | Network\PNP Filter] | @ : Driver Group -> OK
[HKLM | Network\PNP_TDI] | @ : Driver Group -> OK
[HKLM | Network\Primary disk] | @ : Driver Group -> OK
[HKLM | Network\rdpcdd.sys] | @ : -> Driver
[HKLM | Network\rdpdd.sys] | @ : -> Driver
[HKLM | Network\rdpwd.sys] | @ : -> Driver
[HKLM | Network\rdsessmgr] | @ : Service -> OK
[HKLM | Network\RpcSs] | @ : Service -> OK
[HKLM | Network\SCSI Class] | @ : Driver Group -> OK
[HKLM | Network\sermouse.sys] | @ : Driver -> OK
[HKLM | Network\sharedaccess] | @ : Service -> OK
[HKLM | Network\sr.sys] | @ : -> FSFilter System Recovery
[HKLM | Network\SRService] | @ : -> Service
[HKLM | Network\Streams Drivers] | @ : Driver Group -> OK
[HKLM | Network\SYMTDI] | @ : -> Service
[HKLM | Network\System Bus Extender] | @ : Driver Group -> OK
[HKLM | Network\Tcpip] | @ : Service -> OK
[HKLM | Network\TDI] | @ : Driver Group -> OK
[HKLM | Network\tdpipe.sys] | @ : -> Driver
[HKLM | Network\tdtcp.sys] | @ : -> Driver
[HKLM | Network\termservice] | @ : -> Service
[HKLM | Network\UploadMgr] | @ : -> Service
[HKLM | Network\vga.sys] | @ : Driver -> OK
[HKLM | Network\vgasave.sys] | @ : Driver -> OK
[HKLM | Network\WinMgmt] | @ : Service -> OK
[HKLM | Network\Wlansvc] | @ : Service -> OK
[HKLM | Network\WZCSVC] | @ : -> Service
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] | @ : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] | @ : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] | @ : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] | @ : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] | @ : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] | @ : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] | @ : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] | @ : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] | @ : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] | @ : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] | @ : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] | @ : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E32
0
Réponse 4 / 6
aldebaran95 Messages postés 265 Statut Membre 13
 
C'est bon ,j'ai trouvé la partie manquante :

O43 - CFD: 13/05/2012 - 09:53:21 - [10,323] ----D C:\Program Files\Freecorder
O43 - CFD: 01/06/2012 - 16:21:38 - [18,750] ----D C:\Program Files\Glary Utilities
O43 - CFD: 13/05/2012 - 03:29:04 - [284,806] ----D C:\Program Files\Google
O43 - CFD: 09/05/2012 - 21:00:45 - [2,163] ----D C:\Program Files\ImgBurn
O43 - CFD: 08/05/2012 - 03:52:53 - [67,618] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 08/05/2012 - 04:13:21 - [106,545] ----D C:\Program Files\Intel
O43 - CFD: 16/05/2012 - 09:29:37 - [5,314] ----D C:\Program Files\Internet Explorer
O43 - CFD: 09/05/2012 - 20:44:32 - [88,193] ----D C:\Program Files\IObit
O43 - CFD: 09/05/2012 - 21:01:54 - [13,644] ----D C:\Program Files\IZArc
O43 - CFD: 09/05/2012 - 21:16:57 - [42,417] ----D C:\Program Files\Lavasoft
O43 - CFD: 08/05/2012 - 21:53:32 - [6,206] ----D C:\Program Files\ma-config.com
O43 - CFD: 10/05/2012 - 04:04:51 - [0,718] ----D C:\Program Files\Microsoft
O43 - CFD: 08/05/2012 - 06:38:32 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 08/05/2012 - 22:02:47 - [35,670] ----D C:\Program Files\Microsoft IntelliPoint
O43 - CFD: 08/05/2012 - 04:12:54 - [23,912] ----D C:\Program Files\Microsoft IntelliType Pro
O43 - CFD: 08/05/2012 - 03:07:19 - [569,087] ----D C:\Program Files\Microsoft Office
O43 - CFD: 08/05/2012 - 07:40:02 - [1,487] ----D C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD: 08/05/2012 - 21:15:47 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 08/05/2012 - 07:36:33 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/05/2012 - 07:39:30 - [1,440] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/05/2012 - 03:07:18 - [0,014] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 08/05/2012 - 03:04:19 - [64,367] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 08/05/2012 - 06:07:52 - [3,554] ----D C:\Program Files\Microsoft Works
O43 - CFD: 08/05/2012 - 03:07:08 - [7,774] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 12/05/2012 - 14:43:23 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 08/06/2012 - 07:39:27 - [37,181] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 08/06/2012 - 07:53:17 - [0,195] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 08/05/2012 - 03:07:22 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 08/05/2012 - 03:44:11 - [7,199] ----D C:\Program Files\P4G
O43 - CFD: 08/05/2012 - 03:44:38 - [0,751] ----D C:\Program Files\P4P
O43 - CFD: 09/05/2012 - 20:37:57 - [19,040] ----D C:\Program Files\PeaZip
O43 - CFD: 09/05/2012 - 21:14:45 - [13,984] ----D C:\Program Files\PhotoFiltre Studio X
O43 - CFD: 08/05/2012 - 04:08:57 - [115,661] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [40,725] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 09/05/2012 - 21:13:30 - [59,439] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 09/05/2012 - 21:05:21 - [3,739] ----D C:\Program Files\STDU Viewer
O43 - CFD: 08/05/2012 - 03:47:00 - [0,716] ----D C:\Program Files\Synaptics
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 12/05/2012 - 18:14:56 - [0,840] ----D C:\Program Files\uTorrent
O43 - CFD: 09/05/2012 - 21:08:28 - [88,797] ----D C:\Program Files\VideoLAN
O43 - CFD: 09/05/2012 - 21:05:43 - [0,714] ----D C:\Program Files\Voissa anonymo
O43 - CFD: 12/05/2012 - 14:43:23 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 12/05/2012 - 14:43:22 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 12/05/2012 - 14:43:19 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 13/05/2012 - 03:26:51 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 08/05/2012 - 21:02:19 - [146,075] ----D C:\Program Files\Windows Live
O43 - CFD: 08/05/2012 - 07:35:05 - [0,234] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 17/05/2012 - 06:49:03 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 12/05/2012 - 14:43:22 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 02/11/2006 - 14:37:34 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 12/05/2012 - 14:43:22 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 16/05/2012 - 11:26:18 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 12/05/2012 - 14:43:23 - [6,409] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 08/05/2012 - 03:51:22 - [2,115] ----D C:\Program Files\Wireless Console 2
O43 - CFD: 09/05/2012 - 21:07:09 - [92,943] ----D C:\Program Files\XBMC
O43 - CFD: 09/05/2012 - 21:07:09 - [16,174] ----D C:\Program Files\XnView
O43 - CFD: 08/06/2012 - 09:00:53 - [13,963] ----D C:\Program Files\ZHPDiag
O43 - CFD: 09/05/2012 - 20:41:45 - [6,211] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 08/05/2012 - 03:07:18 - [0,089] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 08/05/2012 - 03:40:50 - [4,554] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 08/05/2012 - 04:04:06 - [8,669] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 08/05/2012 - 04:20:14 - [0,009] ----D C:\Program Files\Common Files\Intel Corporation
O43 - CFD: 08/05/2012 - 11:28:33 - [428,802] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 09/05/2012 - 21:05:05 - [4,621] ----D C:\Program Files\Common Files\STDUtility
O43 - CFD: 13/05/2012 - 03:26:50 - [45,504] ----D C:\Program Files\Common Files\System
O43 - CFD: 08/05/2012 - 07:27:44 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 08/05/2012 - 22:28:04 - [32,560] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 25/05/2012 - 04:41:33 - [165,160] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 08/05/2012 - 04:14:29 - [0,100] ----D C:\ProgramData\ASUS
O43 - CFD: 08/05/2012 - 03:52:23 - [0,026] ----D C:\ProgramData\Atheros
O43 - CFD: 12/05/2012 - 17:16:27 - [32,837] ----D C:\ProgramData\AVAST Software
O43 - CFD: 09/05/2012 - 20:37:10 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 12/05/2012 - 17:49:03 - [0,286] ----D C:\ProgramData\CustoPackTools
O43 - CFD: 09/05/2012 - 21:33:53 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 08/05/2012 - 04:04:02 - [0,001] ----D C:\ProgramData\Intel
O43 - CFD: 09/05/2012 - 20:44:56 - [0,000] ----D C:\ProgramData\IObit
O43 - CFD: 09/05/2012 - 21:17:02 - [337,387] ----D C:\ProgramData\Lavasoft
O43 - CFD: 08/05/2012 - 21:53:28 - [1,197] ----D C:\ProgramData\ma-config.com
O43 - CFD: 10/05/2012 - 04:39:56 - [124,557] -S--D C:\ProgramData\Microsoft
O43 - CFD: 08/05/2012 - 20:53:18 - [0,065] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 09/05/2012 - 21:02:51 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 16/05/2012 - 16:23:25 - [0,192] ----D C:\ProgramData\NVIDIA
O43 - CFD: 01/06/2012 - 16:21:38 - [0,002] ----D C:\ProgramData\P4G
O43 - CFD: 07/06/2012 - 14:43:56 - [94,356] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 02/11/2006 - 15:02:04 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 08/06/2012 - 08:32:15 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 12/05/2012 - 11:08:53 - [0,247] ----D C:\Users\OLIVE\AppData\Roaming\Adobe
O43 - CFD: 09/05/2012 - 22:20:36 - [0] ----D C:\Users\OLIVE\AppData\Roaming\Auslogics
O43 - CFD: 09/05/2012 - 20:48:45 - [0,158] ----D C:\Users\OLIVE\AppData\Roaming\BitComet
O43 - CFD: 09/05/2012 - 22:16:00 - [0] ----D C:\Users\OLIVE\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 07/06/2012 - 14:23:58 - [0] ----D C:\Users\OLIVE\AppData\Roaming\GetRightToGo
O43 - CFD: 09/05/2012 - 21:36:58 - [0,012] ----D C:\Users\OLIVE\AppData\Roaming\GlarySoft
O43 - CFD: 10/05/2012 - 04:30:39 - [0] ----D C:\Users\OLIVE\AppData\Roaming\Google
O43 - CFD: 09/05/2012 - 21:14:47 - [0,000] ----D C:\Users\OLIVE\AppData\Roaming\Identities
O43 - CFD: 08/05/2012 - 04:05:01 - [0,001] ----D C:\Users\OLIVE\AppData\Roaming\Intel
O43 - CFD: 08/05/2012 - 04:19:58 - [0,001] ----D C:\Users\OLIVE\AppData\Roaming\Intel Corporation
O43 - CFD: 12/05/2012 - 18:00:57 - [0,292] ----D C:\Users\OLIVE\AppData\Roaming\IObit
O43 - CFD: 08/05/2012 - 03:46:05 - [0,001] ----D C:\Users\OLIVE\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\OLIVE\AppData\Roaming\Media Center Programs
O43 - CFD: 25/05/2012 - 11:46:13 - [1,473] -S--D C:\Users\OLIVE\AppData\Roaming\Microsoft
O43 - CFD: 12/05/2012 - 11:06:17 - [18,904] ----D C:\Users\OLIVE\AppData\Roaming\Mozilla
O43 - CFD: 09/05/2012 - 21:15:49 - [0,001] ----D C:\Users\OLIVE\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 12/05/2012 - 12:42:11 - [0] ----D C:\Users\OLIVE\AppData\Roaming\QuickScan
O43 - CFD: 07/06/2012 - 11:16:55 - [2,225] ----D C:\Users\OLIVE\AppData\Roaming\uTorrent
O43 - CFD: 06/06/2012 - 17:11:09 - [0,078] ----D C:\Users\OLIVE\AppData\Roaming\vlc
O43 - CFD: 12/05/2012 - 17:48:46 - [0,336] ----D C:\Users\OLIVE\AppData\Roaming\XnView
O43 - CFD: 09/05/2012 - 20:43:23 - [0,092] ----D C:\Users\OLIVE\AppData\Local\Adobe
O43 - CFD: 08/05/2012 - 02:48:19 - [0] ----D C:\Users\OLIVE\AppData\Local\Application Data
O43 - CFD: 08/05/2012 - 04:14:15 - [1,310] ----D C:\Users\OLIVE\AppData\Local\ASUS
O43 - CFD: 13/05/2012 - 09:53:20 - [0,126] ----D C:\Users\OLIVE\AppData\Local\Conduit
O43 - CFD: 12/05/2012 - 18:04:11 - [0,860] ----D C:\Users\OLIVE\AppData\Local\CRE
O43 - CFD: 09/05/2012 - 21:31:40 - [0] ----D C:\Users\OLIVE\AppData\Local\Downloaded Installations
O43 - CFD: 09/05/2012 - 20:59:36 - [0,030] ----D C:\Users\OLIVE\AppData\Local\eMule
O43 - CFD: 14/05/2012 - 12:06:19 - [130,436] ----D C:\Users\OLIVE\AppData\Local\FLVService
O43 - CFD: 12/05/2012 - 18:21:20 - [9,187] ----D C:\Users\OLIVE\AppData\Local\Google
O43 - CFD: 08/05/2012 - 02:48:19 - [0] ----D C:\Users\OLIVE\AppData\Local\Historique
O43 - CFD: 07/06/2012 - 10:45:30 - [77,904] ----D C:\Users\OLIVE\AppData\Local\Microsoft
O43 - CFD: 08/05/2012 - 03:03:43 - [0] ----D C:\Users\OLIVE\AppData\Local\Microsoft Help
O43 - CFD: 12/05/2012 - 11:05:12 - [54,148] ----D C:\Users\OLIVE\AppData\Local\Mozilla
O43 - CFD: 12/05/2012 - 18:18:36 - [0,118] ----D C:\Users\OLIVE\AppData\Local\STDUViewer
O43 - CFD: 08/06/2012 - 08:59:34 - [0,054] ----D C:\Users\OLIVE\AppData\Local\Temp
O43 - CFD: 08/05/2012 - 02:48:19 - [0] ----D C:\Users\OLIVE\AppData\Local\Temporary Internet Files
O43 - CFD: 12/05/2012 - 10:59:18 - [0,030] ----D C:\Users\OLIVE\AppData\Local\VirtualStore
O43 - CFD: 25/05/2012 - 22:00:46 - [0] ----D C:\Users\OLIVE\AppData\Local\Windows Live
O43 - CFD: 21/01/2008 - 04:42:46 - [0,015] R---D C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 08/05/2012 - 02:49:58 - [0,000] R---D C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/01/2008 - 04:42:46 - [0,001] R---D C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/05/2012 - 21:14:45 - [0] ----D C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 08/05/2012 - 02:50:02 - [0,000] R---D C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 09/05/2012 - 21:07:09 - [0,003] ----D C:\Users\OLIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
~ Scan Program Folder in 00mn 26s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E898DA40094005F04325CD9AECF3545E] - 08/06/2012 - 07:56:03 ---A- . (...) -- C:\Windows\ntbtlog.txt [554776]
O44 - LFC:[MD5.E72C5E18C3B2CF0C98CEE285C39CB15B] - 08/06/2012 - 07:55:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.99D992AC9CA283B92CFB1FBAE35F1043] - 08/06/2012 - 07:55:13 ---A- . (...) -- C:\aaw7boot.log [8517]
O44 - LFC:[MD5.B756FF8586A8E43C1F3663E641F9E583] - 08/06/2012 - 07:50:12 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [3616]
O44 - LFC:[MD5.B756FF8586A8E43C1F3663E641F9E583] - 08/06/2012 - 07:50:07 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [3616]
O44 - LFC:[MD5.A563F73C23637F3159FAB6B54E2E9778] - 08/06/2012 - 07:49:29 ---A- . (...) -- C:\Pre_Scan.txt [422890]
O44 - LFC:[MD5.60A1417AAE716341D5FFFDCA2BC138DA] - 08/06/2012 - 07:42:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [6176]
O44 - LFC:[MD5.3BC5FC04FC34230780BD9C2C5B8F73EB] - 07/06/2012 - 15:42:07 ---A- . (...) -- C:\Windows\PFRO.log [1548]
O44 - LFC:[MD5.6532DE44EB8B7892E2471501DE63DEAA] - 07/06/2012 - 14:11:40 ---A- . (...) -- C:\Windows\wininit.ini [525]
O44 - LFC:[MD5.4DE3A86D4FA6BB7CB384559BC08A34FD] - 07/06/2012 - 13:31:27 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [372104]
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 07/06/2012 - 08:38:46 ---A- . (...) -- C:\Windows\System32\acovcnt.exe [45056]
O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 06/06/2012 - 20:23:17 ---A- . (...) -- C:\Windows\System32\rp_rules.dat [44]
O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 06/06/2012 - 20:23:17 ---A- . (...) -- C:\Windows\System32\rp_stats.dat [64]
O44 - LFC:[MD5.B99516E55BD20C92FE0FA2AD8CBB9FAE] - 06/06/2012 - 13:43:26 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1470810]
O44 - LFC:[MD5.E4F633694F3AA7F00F67C820105BC00F] - 06/06/2012 - 13:43:26 ---A- . (...) -- C:\Windows\System32\perfc009.dat [101250]
O44 - LFC:[MD5.75276902AC093A70FB50FB838A3564BA] - 06/06/2012 - 13:43:26 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [123556]
O44 - LFC:[MD5.59A545441BC70DB59DC92D5F60DCF798] - 06/06/2012 - 13:43:26 ---A- . (...) -- C:\Windows\System32\perfh009.dat [587178]
O44 - LFC:[MD5.3F5F371407095634B64100F8D1E16A71] - 06/06/2012 - 13:43:26 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [669566]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 06/06/2012 - 10:30:29 ---A- . (...) -- C:\Windows\System32\config.nt [2577]
O44 - LFC:[MD5.81E695913FEFD4E23360A69C0F151797] - 31/05/2012 - 09:09:46 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [24408]
O44 - LFC:[MD5.6C52B933B9ACE73D134752B8C077EDDF] - 30/05/2012 - 17:01:44 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [419488]
O44 - LFC:[MD5.2C9341C5E30174AD972AFFED9A10D5E3] - 30/05/2012 - 17:01:44 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [70304]
O44 - LFC:[MD5.7A3EA5CA1AE2C8D94DCA120E0BEA0B02] - 30/05/2012 - 17:00:00 ---A- . (...) -- C:\Windows\System32\lsdelete.exe [16432]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/05/2012 - 10:26:12 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdFs_01_07_00.Wdf [0]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 16/05/2012 - 08:15:48 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 16/05/2012 - 08:15:48 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 16/05/2012 - 08:15:40 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.0AE43C6C411254049279C2EE55630F95] - 12/05/2012 - 16:17:19 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys [20696]
O44 - LFC:[MD5.B32873E5A1443C0A1E322266E203BF10] - 12/05/2012 - 16:17:19 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [337880]
O44 - LFC:[MD5.6FF544175A9180C5D88534D3D9C9A9F7] - 12/05/2012 - 16:17:17 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [53848]
O44 - LFC:[MD5.DA12626FD9A67F4E917E2F2FBE1E1764] - 12/05/2012 - 16:17:17 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys [35672]
O44 - LFC:[MD5.DCB199B967375753B5019EC15F008F53] - 12/05/2012 - 16:17:15 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [612184]
O44 - LFC:[MD5.6693141560B1615D8DCCF0D8EB00087E] - 12/05/2012 - 16:17:14 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [57688]
O44 - LFC:[MD5.6964EE1C0160B21E00967681F9128568] - 12/05/2012 - 16:16:46 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41184]
O44 - LFC:[MD5.4AD63592D55E91ABB4E29541358CEAEE] - 12/05/2012 - 16:16:46 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [201352]
O44 - LFC:[MD5.358A03A7A47F0AD71E84306AC635A626] - 12/05/2012 - 13:24:20 ---A- . (.Pas de propriétaire - Programme d'authentification du périphériqu.) -- C:\Windows\System32\EhStorAuthn.dll [117248]
O44 - LFC:[MD5.9A7E344C3D52EE1A2EF003B33B1C1BF1] - 12/05/2012 - 13:24:16 ---A- . (.Microsoft - NPS Migration Plugin.) -- C:\Windows\System32\IasMigPlugin.dll [454144]
O44 - LFC:[MD5.81638E6E467193699B5A800732ECBDE4] - 12/05/2012 - 13:23:11 ---A- . (.Microsoft - Classe d'assistance SMB (partage de fichier.) -- C:\Windows\System32\SMBHelperClass.dll [83456]
O44 - LFC:[MD5.52CB0185C73E1BA86CC7F726F22523C3] - 10/04/2009 - 22:28:22 ---A- . (...) -- C:\Windows\System32\msjetoledb40.dll [368640]
O44 - LFC:[MD5.AD4C3968CE1DB3A3A4632E1CDECA9555] - 10/04/2009 - 20:48:20 ---A- . (...) -- C:\Windows\System32\eaphost.tmf [344698]
O44 - LFC:[MD5.A3EB38D309C5682BBA0E23732C5D4AF2] - 10/04/2009 - 20:46:16 ---A- . (...) -- C:\Windows\System32\WFP.TMF [208966]
O44 - LFC:[MD5.4DF0D81B2B19B87DBFF241619DCDDC31] - 10/04/2009 - 20:43:52 ---A- . (...) -- C:\Windows\System32\dot3.tmf [442788]
O44 - LFC:[MD5.16D06DC26B8BD160AD81EE271D9577D8] - 10/04/2009 - 20:43:38 ---A- . (...) -- C:\Windows\System32\onex.tmf [392170]
O44 - LFC:[MD5.E9E66706083BFE4B0070EE0A5E8D42DB] - 10/04/2009 - 17:59:52 ---A- . (...) -- C:\Windows\System32\StructuredQuerySchema.bin [107612]
O44 - LFC:[MD5.B51BF7934D2B657454F66035AA5BFA03] - 10/04/2009 - 17:54:26 ---A- . (...) -- C:\Windows\System32\locale.nls [3662128]
O44 - LFC:[MD5.75DFEB04C0C978810720283C1B5CD7B1] - 06/03/2009 - 17:11:18 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [130008]
O44 - LFC:[MD5.07400BC21119204892795F015052CDF4] - 19/02/2009 - 16:20:52 ---A- . (...) -- C:\Windows\System32\RacUR.xml [9212]
O44 - LFC:[MD5.6F7C27002EA0F9496070A1150C977DEC] - 19/02/2009 - 16:20:52 ---A- . (...) -- C:\Windows\System32\spcinstrumentation.man [9239]
O44 - LFC:[MD5.4C58B5E71FEEFD18BB7F537343C7219A] - 18/02/2009 - 10:43:20 ---A- . (...) -- C:\Windows\System32\RacUREx.xml [153]
O44 - LFC:[MD5.BCDBB5CEA1E8AEA0FA353691EB003728] - 18/02/2009 - 10:39:58 ---A- . (...) -- C:\Windows\System32\slmgr.vbs [92918]
~ Scan Files in 00mn 33s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\Windows\System32\ASWLNPkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Advanced SystemCare 5 [Key] . (.IObit - Advanced SystemCare 5 Tray.) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
O53 - SMSR:HKLM\...\startupreg\ATKMEDIA [Key] . (.ASUS - ATK Media.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
O53 - SMSR:HKLM\...\startupreg\ATKOSD2 [Key] . (.ASUS - ATKOSD2.) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O53 - SMSR:HKLM\...\startupreg\CognizanceTS [Key] . (.Cognizance Corporation - Terminal Services Virtual Channel Client.) -- C:\Program Files\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll
O53 - SMSR:HKLM\...\startupreg\Freecorder FLV Service [Key] . (.Applian Technologies, Inc. - FLV Service for Freecorder.) -- C:\Program Files\Freecorder\FLVSrvc.exe
O53 - SMSR:HKLM\...\startupreg\HControlUser [Key] . (.Pas de propriétaire - HControlUser.) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O53 - SMSR:HKLM\...\startupreg\IAStorIcon [Key] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktop"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDesktop"=0
~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Users\OLIVE\AppData\Local\Google\Chrome\Application\Chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\OLIVE\AppData\Roaming\Mozilla\Firefox\Profiles\u3objlzb.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933..clientLogIsEnabled", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.AppTrackingLastCheckTime", "Wed May 30 2012 17:58:44 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.BrowserCompStateIsOpen_129681785283868963", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.BrowserCompStateIsOpen_129686665230467549", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.CTID", "CT1060933");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.CurrentServerDate", "8-6-2012");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.DSChangedManually", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.DSInstall", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.DialogsGetterLastCheckTime", "Thu Jun 07 2012 21:58:47 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.FirstServerDate", "13-5-2012");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.FirstTime", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.FirstTimeFF3", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.FirstTimeHiddenVer", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.FixPageNotFoundErrors", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.HPInstall", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.HomePageProtectorEnabled", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.Initialize", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.InstalledDate", "Sun May 13 2012 09:53:12 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.InvalidateCache", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsGrouping", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsInitSetupIni", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsMulticommunity", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsOpenThankYouPage", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.IsProtectorsInit", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.LanguagePackLastCheckTime", "Thu Jun 07 2012 17:15:06 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.LastLogin_3.12.2.3", "Wed May 30 2012 17:58:36 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.LastLogin_3.13.0.6", "Fri Jun 08 2012 07:28:21 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.LatestVersion", "3.13.0.6");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.Locale", "en-us");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.OriginalFirstVersion", "3.12.2.3");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioIsPodcast", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioLastCheckTime", "Thu Jun 07 2012 17:15:06 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioLastUpdateIPServer", "0");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioMediaID", "21504191");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioMediaType", "Media Player");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioStationName", "KFOG");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.RadioStationURL", "http://live.cumulusstreaming.com/KFOG-FM");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SearchInNewTabLastCheckTime", "Thu Jun 07 2012 17:15:01 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SearchProtectorEnabled", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SearchProtectorToolbarDisabled", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ServiceMapLastCheckTime", "Thu Jun 07 2012 17:15:01 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SettingsLastCheckTime", "Fri Jun 08 2012 07:28:20 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.SettingsLastUpdate", "1337169810");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sun Jun 03 2012 11:12:54 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1331805997");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.UserID", "UN72533724421943197");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.alertChannelId", "15651");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.autoDisableScopes", -1);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.autocompletepro_enable", "31");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.autocompletepro_enable_auto", "31");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.cbcountry_000", "4652");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.cbfirsttime", "53756E204D617920313320323031322030393A35333A313920474D542B30323030");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.printitgreenstatus", "74727565");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.shoppingapp.gk.exipres", "467269204D617920313820323031322030393A35333A313720474D542B30323030")[...]
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.shoppingapp.gk.geolocation", "6672616E6365");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.backendstorage.url_history0001", "687474703A2F2F7777772E796F75747562652E636F6D2F77617463683F763D7937794742347[...]
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.components.129677514212584059", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.components.129681785283868963", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.components.129686665230467549", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sat Jun 02 2012 11:50:35 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.initDone", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.myStuffEnabled", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.navigateToUrlOnSearch", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129032145384800518,12903214824761[...]
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.revertSettingsEnabled", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.searchProtectorEnableByLogin", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.testingCtid", "");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Thu Jun 07 2012 17:15:06 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sun May 13 2012 09:53:00 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CT1060933.usagesFlag", 2);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\OLIVE\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\u3objlzb.def[...]
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.globalUserId", "d5f30dad-c289-4a12-be42-d85c6631d402");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1060933");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jun 03 2012 19:54:16 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.alertEnabled", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.locale", "en");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jun 07 2012 17:25:36 GMT+0200");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.notifications.userId", "7926de93-8c37-47f0-bdd9-3ab24012bef9");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
O69 - SBI: prefs.js [OLIVE - u3objlzb.default] user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - https://isearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Freecorder Customized Web Search) - http://search.conduit.com
~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1929952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1929952]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.42624123577F5FB2115F68688A173549] [SPRF][12/05/2012] (...) -- C:\ProgramData\1336819028.bdinstall.bin [194625]
[MD5.7EA0651D945DFC2F08A4519D705248CE] [SPRF][12/05/2012] (...) -- C:\ProgramData\1336819707.bdinstall.bin [21442]
[MD5.7D4A1ADFC8E09E7488716D7E96FA03B9] [SPRF][12/05/2012] (...) -- C:\ProgramData\1336822738.bdinstall.bin [213758]
[MD5.888864860B39A4083A451E0B185E5D30] [SPRF][12/05/2012] (...) -- C:\ProgramData\1336831471.bdinstall.bin [216692]
[MD5.88366676AC8C44105FD855C67A49A77C] [SPRF][12/05/2012] (...) -- C:\ProgramData\1336832587.bdinstall.bin [198536]
[MD5.976A60DC70BD5FB11B8BA69FA5C37AD2] [SPRF][08/06/2012] (...) -- C:\ProgramData\nvModes.dat [31871]
[MD5.3EF8A84CC1270AFC8923630951890BBB] [SPRF][08/06/2012] (...) -- C:\Users\OLIVE\AppData\Local\d3d9caps.dat [1356]
[MD5.E06350740405B1315B4059DD372FDB58] [SPRF][07/06/2012] (...) -- C:\Users\OLIVE\AppData\Local\Temp\~gu-ver.dat [131]
~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{F36B9AF4-5B61-4C62-83DE-7C7A168BC9CE}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{4B18B29B-7D98-4A8F-8ED5-E4FC447F339A}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{17CD7102-C64E-4BA0-80ED-16FD56C1EE92}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{0B2B9D81-1474-4E4C-9C5F-9A021E377804}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
~ Scan Firewall in 00mn 00s

---\\ Scan Additionnel (O88)
Database Version : 9171 - (24/05/2012)
Clés trouvées (Keys found) : 45
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 14
Fichiers trouvés (Files found) : 2

[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.AskSBar
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.AskSBar
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.AskSBar
[HKLM\Software\Classes\Toolbar.CT1060933] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392B8D2-5C05-419F-A8F6-B9F15A596612}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKCU\Software\Ask&Record] =>Toolbar.Agent
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\Ask.com] =>Toolbar.AskBarDis
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\AppDataLow\AskToolbarInfo] =>Toolbar.AskTBar
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
C:\Program Files\Ask.com =>Toolbar.AskBar
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\Freecorder =>Toolbar.Conduit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder =>Toolbar.Conduit
C:\Users\OLIVE\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\OLIVE\AppData\
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
aldebaran95 Messages postés 265 Statut Membre 13
 
Ok,c'est parti mon kiki :

https://www.cjoint.com/?BFkc2tzWdFV
0
Réponse 6 / 6
antipolis a Messages postés 17152 Statut Membre 2 860
 
Bonjour.

Il ne vous reste plus que la "réinitialisation à l'état d'usine".

Une fiche pratique CCM pour vous :
https://www.commentcamarche.net/informatique/windows/123-restaurer-un-pc-a-l-etat-d-usine/
ATTENTION, vos données ainsi que les programmes que vous avez installés seront effacés.

Et je vais me repépéter pour au moins la 10² ième fois.
Utilisez deux partitions.
Une pour le système et les programmes,
l'autre pour les données.
Et, surtout si votre PC est aussi votre outil de travail,
===============================
FAITES DES IMAGES DE VOTRE SYSTEME,
FAITES DES SAUVEGARDES DE VOS DONNEES.
C'EST CERTAIN,
UN JOUR OU L'AUTRE, VOUS EN AUREZ BESOIN
===============================
Moins de 10 minutes pour restaurer "système" et "programmes".
Juste le temps d'une pose café.
No stress.

Mais vous n'êtes pas obligé de me croire.
-2
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bonjourle zhpdiag est pas complet essais de le poster sur cijoint ou autre !! si pas possible en mode normal essais en mode sans echec avec prise en charge réseau
0
aldebaran95 Messages postés 265 Statut Membre 13
 
En mode normal c'est pas possible,le pc bug.Là je suis en mode sans échec et ça ne prend aucun fichier joint , c'est pour ça que j'ai fait un copier/coller.
Je vais voir pour le fichier ZHPDiag .
0
aldebaran95 Messages postés 265 Statut Membre 13
 
Merci encore pour le temps que tu passes sur mon cas,je me doute que lire toutes ces lignes doit être un calvaire.
Je n'ai malheureusement pas le choix .
0
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
En mode normal c'est pas possible,le pc bug.Là je suis en mode sans échec et ça ne prend aucun fichier joint

normal en mode sans echec pas de connection internet il faut redémarrer soit en mode normal et si pas possible faire le mode sans echec avec prise en charge réseau déjà dit https://forums.commentcamarche.net/forum/affich-25330542-plantage-de-pc-sous-vista-sp2#9
0
aldebaran95 Messages postés 265 Statut Membre 13
 
Oui Jacques,je suis en mode sans échec avec prise réseau depuis le début ,sinon je ne pourrai pas dial avec toi ici car je suis sur mon pc infecté là (je pensais que tu avais compris,j'aurai dû le préciser).
Je ne peux joindre aucun fichier,que ce soit sur le site Cjoint ou sur mon adresse mail, je ne sais pas si c'est le fait du mode sans échec avec prise réseau ou autre ...
0