Sujet Précédent Sujet Suivant

Plusieurs infections...

Résolu/Fermé
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 - 11 août 2012 à 19:17
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 - 18 août 2012 à 09:08
Bonjour à toutes et à tous, je suis revenue de vacances et malheureusement ma fille s'est bien servie de mon pc, aussi j'ai trouvé ceci :

http://img404.imageshack.us/img404/4553/rapportsuperantispy.jpg ainsi que :
http://img254.imageshack.us/img254/2131/virusnonsupprime.jpg
J'avais également un virus que fsécure , après scan m'a à priori enlevé...
Pourriez-vous me dire s'il ne reste pas des séquelles en dll par exemple ou autres car je suis quand même inquiète.
J'ai scanné avec Ccleaner et malwarebyte anti malware, là c'est OK, sur Superanti spyware, j'ai bien sur tout supprimé et également avec spybot où j'ai supprimé pas moins de 40 problèmes, en dernier lieu, j'ai booté avec msss 64 où rien n'a été trouvé, c'est déjà pas mal.
Voilà, si quelqu'un pourrait me dire si tout est réellement OK, ce serait très sympa, merci et bon week-end.


87 réponses

Précédent
Réponse 21 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
12 août 2012 à 10:11
Voici également , après une sauvegarde, le rapport otl, après suppression, comme indiqué par malekal.
Error: Unable to interpret <OTL logfile created on: 12/08/2012 09:51:12 - Run 1> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\CAUSSAT\Desktop> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <3,93 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 58,47% Memory free> in the current context!
Error: Unable to interpret <7,86 Gb Paging File | 6,06 Gb Available in Paging File | 77,05% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): c:\pagefile.sys 4025 6037 [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 453,66 Gb Total Space | 353,63 Gb Free Space | 77,95% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive G: | 68,93 Gb Total Space | 7,16 Gb Free Space | 10,39% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive H: | 396,64 Gb Total Space | 50,20 Gb Free Space | 12,66% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: CAUSSAT-PC | User Name: CAUSSAT | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Processes (SafeList) ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2012/08/12 09:45:51 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\CAUSSAT\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <PRC - [2012/08/11 21:52:43 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe> in the current context!
Error: Unable to interpret <PRC - [2012/05/29 11:21:43 | 000,561,832 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\fsgk32.exe> in the current context!
Error: Unable to interpret <PRC - [2012/05/29 11:21:32 | 001,028,776 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\fssm32.exe> in the current context!
Error: Unable to interpret <PRC - [2012/04/11 09:57:52 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe> in the current context!
Error: Unable to interpret <PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe> in the current context!
Error: Unable to interpret <PRC - [2012/01/23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe> in the current context!
Error: Unable to interpret <PRC - [2011/11/08 10:30:51 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\fsav32.exe> in the current context!
Error: Unable to interpret <PRC - [2011/05/23 12:57:44 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\ORSP Client\fsorsp.exe> in the current context!
Error: Unable to interpret <PRC - [2009/11/18 18:08:32 | 000,201,128 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Common\FSM32.EXE> in the current context!
Error: Unable to interpret <PRC - [2009/11/18 18:08:32 | 000,188,840 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Common\FSMA32.EXE> in the current context!
Error: Unable to interpret <PRC - [2009/11/18 18:08:32 | 000,090,536 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Common\FSHDLL32.EXE> in the current context!
Error: Unable to interpret <PRC - [2009/11/18 18:06:20 | 000,221,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe> in the current context!
Error: Unable to interpret <PRC - [2009/08/21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe> in the current context!
Error: Unable to interpret <PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe> in the current context!
Error: Unable to interpret <PRC - [2009/06/04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe> in the current context!
Error: Unable to interpret <PRC - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Modules (No Company Name) ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - [2009/11/18 18:07:10 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Orange\Antivirus Firewall\FSGUI\strres.eng> in the current context!
Error: Unable to interpret <MOD - [2009/11/18 18:06:54 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Orange\Antivirus Firewall\FSGUI\fsavures.eng> in the current context!
Error: Unable to interpret <MOD - [2009/11/18 18:06:40 | 000,090,536 | ---- | M] () -- C:\Program Files (x86)\Orange\Antivirus Firewall\FSGUI\aboutres.dll> in the current context!
Error: Unable to interpret <MOD - [2009/11/18 18:06:36 | 000,442,792 | ---- | M] () -- C:\Program Files (x86)\Orange\Antivirus Firewall\FSGUI\about.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Win32 Services (SafeList) ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:[b]64bit:/b - [2011/09/27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)> in the current context!
Error: Unable to interpret <SRV:[b]64bit:/b - [2009/08/06 06:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)> in the current context!
Error: Unable to interpret <SRV:[b]64bit:/b - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)> in the current context!
Error: Unable to interpret <SRV:[b]64bit:/b - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)> in the current context!
Error: Unable to interpret <SRV - [2012/08/02 22:21:28 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context!
Error: Unable to interpret <SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)> in the current context!
Error: Unable to interpret <SRV - [2012/04/22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)> in the current context!
Error: Unable to interpret <SRV - [2012/04/11 09:57:52 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)> in the current context!
Error: Unable to interpret <SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)> in the current context!
Error: Unable to interpret <SRV - [2012/01/23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)> in the current context!
Error: Unable to interpret <SRV - [2011/05/23 12:57:44 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\ORSP Client\fsorsp.exe -- (FSORSPClient)> in the current context!
Error: Unable to interpret <SRV - [2010/06/26 10:38:41 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)> in the current context!
Error: Unable to interpret <SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2009/11/18 18:08:32 | 000,188,840 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\Common\FSMA32.EXE -- (FSMA)> in the current context!
Error: Unable to interpret <SRV - [2009/11/18 18:07:30 | 000,846,248 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\FWES\program\fsdfwd.exe -- (FSDFWD)> in the current context!
Error: Unable to interpret <SRV - [2009/11/18 18:06:20 | 000,221,608 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)> in the current context!
Error: Unable to interpret <SRV - [2009/08/21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)> in the current context!
Error: Unable to interpret <SRV - [2009/07/28 21:25:34 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)> in the current context!
Error: Unable to interpret <SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret <SRV - [2009/06/04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)> in the current context!
Error: Unable to interpret <SRV - [2009/04/29 05:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)> in the current context!
Error: Unable to interpret <SRV - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Driver Services (SafeList) ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/06/08 07:59:20 | 000,052,504 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\KSafeDISK.sys -- (KSafeDISK)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/06/08 07:59:20 | 000,050,456 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BTOWSVF.sys -- (BTOWSVF)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/06/08 07:59:20 | 000,033,048 | ---- | M] (Toolwiz.com) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BTOWSFF.sys -- (BTOWSFF)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/05/09 09:43:03 | 000,055,960 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/04/22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/03/09 04:30:58 | 003,580,928 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/02/24 17:11:52 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/01/19 00:30:42 | 000,435,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/01/09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2012/01/09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/12/15 02:46:42 | 000,222,904 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/10/20 11:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/09/02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/09/02 08:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/09/02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/09/02 08:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/08/30 14:25:27 | 000,050,384 | ---- | M] (F-Secure Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/12/11 10:54:51 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/11/20 09:37:43 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/11/20 09:37:43 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/08/16 16:31:18 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/08/16 16:31:16 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/07/01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/05/25 08:45:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/05/25 08:45:38 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/03/22 10:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/02/12 16:12:00 | 001,806,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2010/01/27 04:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/12/14 09:13:14 | 000,144,896 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/11/18 18:07:30 | 000,094,024 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/09/02 19:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/08/10 05:07:14 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/07/13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/22 18:38:34 | 000,116,992 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/22 18:26:40 | 000,113,792 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/05/06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/05/06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/04/29 05:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2009/03/09 14:00:34 | 000,034,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ustor2k.sys -- (USTOR2K)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2008/05/29 17:51:36 | 000,044,544 | ---- | M] (Sonix) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST50220.sys -- (ST50220)> in the current context!
Error: Unable to interpret <DRV:[b]64bit:/b - [2006/06/18 00:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)> in the current context!
Error: Unable to interpret <DRV - [2012/05/29 11:22:33 | 000,199,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)> in the current context!
Error: Unable to interpret <DRV - [2011/08/17 11:37:25 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)> in the current context!
Error: Unable to interpret <DRV - [2010/05/25 08:45:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)> in the current context!
Error: Unable to interpret <DRV - [2009/11/18 18:08:18 | 000,059,784 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\HIPS\drivers\fshs.sys -- (F-Secure HIPS)> in the current context!
Error: Unable to interpret <DRV - [2009/11/18 18:06:22 | 000,016,768 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Orange\Antivirus Firewall\Anti-Virus\minifilter\fsvista.sys -- (fsvista)> in the current context!
Error: Unable to interpret <DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)> in the current context!
Error: Unable to interpret <DRV - [2009/03/26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Standard Registry (SafeList) ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Internet Explorer ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:[b]64bit:/b - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=easynote_lj65&r=27360610r745l0314z175f48m2r22s> in the current context!
Error: Unable to interpret <IE:[b]64bit:/b - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE:[b]64bit:/b - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE:[b]64bit:/b - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.fr/?gws_rd=ssl [binary data]> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_frFR385FR385> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_frFR385FR385> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== FireFox ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found> in the current context!
Error: Unable to interpret <FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found> in the current context!
Error: Unable to interpret <FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\CAUSSAT\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\CAUSSAT\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll (Vitzo)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\Orange\Antivirus Firewall\NRS\litmus-ff@f-secure.com [2012/07/13 10:54:53 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files (x86)\VDownloader\Addons\FireFox [2012/06/20 18:30:00 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/05/05 11:12:51 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012/08/10 12:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CAUSSAT\AppData\Roaming\Mozilla\Firefox\Profiles\extensions> in the current context!
Error: Unable to interpret <[2012/08/10 11:51:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CAUSSAT\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions> in the current context!
Error: Unable to interpret <[2012/08/10 12:20:51 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\CAUSSAT\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com> in the current context!
Error: Unable to interpret <[2012/08/10 12:20:51 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\CAUSSAT\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[color=#E56717]========== Chrome ==========/color> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CHR - homepage: https://www.iwin.com/home?NMR=1 in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2012/05/11 16:47:12 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O2:[b]64bit:/b - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)> in the current context!
Error: Unable to interpret <O2:[b]64bit:/b - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2:[b]64bit:/b - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O2:[b]64bit:/b - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (Module complémentaire de navigateur pour la désactivation de Google Analytics) - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Désactivation du cookie publicitaire) - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files (x86)\Google\Advertising Cookie Opt-out\opt_out.dll (Google Inc)> in the current context!
Error: Unable to interpret <O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:[b]64bit:/b - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3:[b]64bit:/b - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:[b]64bit:/b - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3:[b]64bit:/b - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Orange\Antivirus Firewall\Common\FSM32.EXE (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\Orange\Antivirus Firewall\FSGUI\TNBUtil.exe (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [uTorrent] C:\Users\CAUSSAT\Documents\Downloads\utorrent.exe (BitTorrent, Inc.)> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1> in the current context!
Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3> in the current context!
Error: Unable to interpret <O8:[b]64bit:/b - Extra context menu item: Free YouTube Download - C:\Users\CAUSSAT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube Download - C:\Users\CAUSSAT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()> in the current context!
Error: Unable to interpret <O9:[b]64bit:/b - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra Button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\CAUSSAT\Desktop\PMU Poker.lnk ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\CAUSSAT\Desktop\PMU Poker.lnk ()> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (PokerStars)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\fslsp_x64.dll (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\Orange\Antivirus Firewall\FSPS\program\FSLSP.DLL (F-Secure Corporation)> in the current context!
Error: Unable to interpret <O13[b]64bit:/b - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16:[b]64bit:/b - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.0)> in the current context!
Error: Unable to interpret <O16:[b]64bit:/b - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)> in the current context!
Error: Unable to interpret <O16:[b]64bit:/b - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)> in the current context!
Error: Unable to interpret <O16:[b]64bit:/b - DPF: {D27CDB6E-0000-0000-0000-000000000000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16:[b]64bit:/b - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)> in the current context!
Error: Unable to interpret <O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)> in the current context!
Error: Unable to interpret <O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_1.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {D27CDB6E-0000-0000-0000-000000000000} Reg Error: Value error. (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)> in the current context!
Error: Unable to interpret <O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53EE9F0E-DC76-4C0D-A8FB-271F8A83D394}: NameServer = 80.10.246.2,80.10.246.129> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD9E2127-EC80-490B-8CFD-322553890C7B}: DhcpNameServer = 192.168.1.1> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\ms-help - No CLSID value found> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\ms-itss - No CLSID value found> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\wlpg - No CLSID value found> in the current context!
Error: Unable to interpret <O18:[b]64bit:/b - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()> in the current context!
Error: Unable to interpret <O20:[b]64bit:/b - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interp
0
Réponse 22 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
12 août 2012 à 11:37
Bonjour,
Je n'ai pas demandé de lancer OTL, le rapport que tu as envoyé ne
contient que des erreurs!
======================
Lance ZHPDiag depuis le bureau, lance l'analyse en cliquant sur la loupe, héberge le rapport et colle le lien dans ta prochaine réponse
0
Réponse 23 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
12 août 2012 à 13:39
Comme tu l'as vu, je suis un peu perdue, j'exécute tes informations aussitôt.
0
Réponse 24 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
12 août 2012 à 13:43
Voici:
Rapport de ZHPDiag v1.31.13 par Nicolas Coolman, Update du 31/07/2012
Run by CAUSSAT at 12/08/2012 13:39:50
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4026 MB (55% free)
System Restore: Inconnu (Unknown)
System drive C: has 355 GB (78%) free of 454 GB

---\\ Logged in mode
~ Computer Name: CAUSSAT-PC
~ User Name: CAUSSAT
~ All Users Names: HomeGroupUser$, CAUSSAT, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\CAUSSAT\AppData\Roaming\
~ %Desktop% : C:\Users\CAUSSAT\Desktop\
~ %Favorites% : C:\Users\CAUSSAT\Favorites\
~ %LocalAppData% : C:\Users\CAUSSAT\AppData\Local\
~ %StartMenu% : C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 355 Go of 454 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5A45FA344F4AD99D903F4B20E43B89EC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/06/2012 - 13:05:28.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3702
~ Mes musiques (My Musics) : 680/2023
~ Mes Videos (My Videos) : 1/112
~ Mes Favoris (My Favorites) : 1/230
~ Mes Documents (My Documents) : 5/3413
~ Mon Bureau (My Desktop) : 1/43
~ Menu demarrer (Programs) : 0/34
~ Scan Hidden Files in 00mn 06s



---\\ Processus lancés
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.FBAF93425D4B5A6C48ABB5B7F81088CD] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Common\FSM32.exe [201128] [PID.2436]
[MD5.3ACC71DF4F603B30497C76E048E6C4A7] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307856] [PID.3132]
[MD5.FCB13D9E3D55075C8FACA9CA3C55B263] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3763200] [PID.2900]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\CAUSSAT\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.iwin.com/home?NMR=1
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [CAUSSAT - extensions\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.)
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\CAUSSAT\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\CAUSSAT\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [vitzo.com/VDownloader] - (.Vitzo - VDownloader browser plug-in.) -- C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Vitzo - VDownloader browser plug-in.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\CAUSSAT\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Users\CAUSSAT\Documents\Downloads\utorrent.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Audacity.lnk . (.The Audacity Team.) -- C:\Program Files (x86)\Audacity\audacity.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Easy Burner.lnk . (.Secure Digital Services Limited.) -- C:\Program Files (x86)\EasyBurner\EasyBurner.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Format Factory.lnk . (.Free Time.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Incoming - Raccourci.lnk . (...) -- C:\Users\CAUSSAT\Documents\Downloads\eMule\Incoming
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\PMU Poker.lnk . (...) -- C:\Programs\PMU\PMU.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Windows Live Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PMU Poker.lnk . (...) -- C:\Programs\PMU\PMU.exe
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SUMo.lnk . (...) -- C:\Program Files (x86)\KC Softwares\SUMo\SUMo.exe (.not file.)
O4 - Global Startup: C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk . (.Vitzo.) -- C:\Program Files (x86)\VDownloader\VDownloader.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Free YouTube Download . (...) -- C:\Users\CAUSSAT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{53EE9F0E-DC76-4C0D-A8FB-271F8A83D394}: NameServer = 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD9E2127-EC80-490B-8CFD-322553890C7B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{53EE9F0E-DC76-4C0D-A8FB-271F8A83D394}: NameServer = 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{FD9E2127-EC80-490B-8CFD-322553890C7B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{53EE9F0E-DC76-4C0D-A8FB-271F8A83D394}: NameServer = 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{FD9E2127-EC80-490B-8CFD-322553890C7B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\Adapters: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3185395089-4163042450-3081011260-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3185395089-4163042450-3081011260-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Scheduled scanning task.job
[MD5.13001914838576400EB9AFDE95AE71CE] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.4DEA8FB70ED1801BC47911AEC99A0666] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\initialize.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-3185395089-4163042450-3081011260-1001Core] (.Google Inc..) -- C:\Users\CAUSSAT\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-3185395089-4163042450-3081011260-1001UA] (.Google Inc..) -- C:\Users\CAUSSAT\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [SidebarExecute] (...) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{007466DD-1B1B-477D-9145-20593569795D}] (...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
[MD5.BCA8449989EC83EFD50BD2A00C67144D] [APT] [{01906D9C-3C04-4D42-A172-D1F637D44003}] (...) -- C:\Programs\PMU\PMU.exe
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] [APT] [{0AC1A888-95B3-4F97-81B9-644D75854047}] (.http://www.emule-project.net.) -- C:\Program Files (x86)\eMule\emule.exe
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] [APT] [{1E5AE616-BEE7-41C7-88EC-B1826A986384}] (.http://www.emule-project.net.) -- C:\Program Files (x86)\eMule\emule.exe
[MD5.AFC67F5E272CA9E178DC7FBB3DEF35A0] [APT] [{2820A71C-9BC1-4A4D-B53F-F9E11ACBF632}] (.SUPERAntiSpyware.com.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[MD5.FF3ECDCB420DF97134678D51B7280326] [APT] [{6001885C-9908-4169-8D3D-0F3E00E9E91F}] (.F-Secure Corporation.) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Uninstall\uninstaller.exe
[MD5.BCA8449989EC83EFD50BD2A00C67144D] [APT] [{75A21DB7-73C7-422A-9005-43BB6BAE9BFC}] (...) -- C:\Programs\PMU\PMU.exe
[MD5.624DDFA8AF97507E67FA07128F261813] [APT] [{82299A8E-D23F-409C-9F1A-B45415F33229}] (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
[MD5.157741E5407209C291646E25BC0892E9] [APT] [{AC3B9E43-1B3C-46C1-8861-52CCB1D6F95E}] (.Freemake.) -- C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
[MD5.00000000000000000000000000000000] [APT] [{C26A8B91-5C4B-4733-979B-83CA0090FAA9}] (...) -- C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (.not file.)
[MD5.81CAEE3FE3B9C05BE168BC951B9D502A] [APT] [{C3D96B12-FC0A-43C2-B452-D5307A16E759}] (.Stanley Huang.) -- C:\Program Files (x86)\MediaCoder\mediacoder.exe
[MD5.157741E5407209C291646E25BC0892E9] [APT] [{C77DA5E5-389F-4792-8F69-CC6443F6527C}] (.Freemake.) -- C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
[MD5.00000000000000000000000000000000] [APT] [{CBB889C6-754C-4484-8C7B-377EDD325FBD}] (...) -- C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{D3850741-B0DF-4C5C-B9D6-DA79CE79750E}] (...) -- C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (.not file.)
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/05/2012 - 10:50:33 - [501,156] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 17/07/2012 - 20:38:25 - [0,005] ----D C:\Program Files (x86)\Any Video to GIF Converter
O43 - CFD: 06/06/2012 - 11:22:20 - [0,029] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 07/07/2012 - 14:28:25 - [42,859] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 16/06/2012 - 11:36:34 - [0,125] ----D C:\Program Files (x86)\Ciel
O43 - CFD: 29/12/2011 - 12:24:20 - [1,232] ----D C:\Program Files (x86)\Cobian Backup 10
O43 - CFD: 20/06/2012 - 18:25:55 - [548,895] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 14/07/2012 - 17:34:19 - [0,239] ----D C:\Program Files (x86)\Connectify
O43 - CFD: 29/12/2011 - 12:14:40 - [9,908] ----D C:\Program Files (x86)\Digital Photo Software
O43 - CFD: 25/04/2012 - 16:50:45 - [0,022] ----D C:\Program Files (x86)\EASEUS
O43 - CFD: 29/12/2011 - 12:25:13 - [8,047] ----D C:\Program Files (x86)\EasyBurner
O43 - CFD: 29/12/2011 - 12:24:24 - [10,401] ----D C:\Program Files (x86)\eMule
O43 - CFD: 17/07/2012 - 20:38:25 - [5,765] ----D C:\Program Files (x86)\Essentials Codec Pack
O43 - CFD: 29/12/2011 - 12:24:24 - [16,217] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 10/08/2012 - 12:20:54 - [0,022] ----D C:\Program Files (x86)\File Type Assistant
O43 - CFD: 10/08/2012 - 12:20:54 - [0,025] ----D C:\Program Files (x86)\FinalTorrent
O43 - CFD: 05/05/2012 - 11:12:52 - [46,099] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 17/07/2012 - 20:50:12 - [113,250] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 11/08/2012 - 10:30:33 - [31,220] ----D C:\Program Files (x86)\Glary Utilities
O43 - CFD: 31/05/2012 - 08:15:32 - [28,557] ----D C:\Program Files (x86)\Google
O43 - CFD: 29/12/2011 - 12:24:26 - [0,061] ----D C:\Program Files (x86)\icons
O43 - CFD: 29/12/2011 - 12:24:26 - [26,352] ----D C:\Program Files (x86)\ImageShack Uploader
O43 - CFD: 28/06/2012 - 12:28:01 - [42,400] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 28/08/2009 - 06:32:21 - [0,063] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/07/2012 - 07:47:39 - [14,284] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/09/2011 - 12:23:12 - [0,892] ----D C:\Program Files (x86)\Java
O43 - CFD: 09/08/2012 - 08:35:17 - [3,365] ----D C:\Program Files (x86)\KeyScrambler
O43 - CFD: 28/04/2012 - 10:16:41 - [1,540] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 29/12/2011 - 12:24:27 - [3,222] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 07/08/2012 - 22:20:04 - [11,807] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 28/06/2012 - 12:14:19 - [2,414] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 27/04/2012 - 12:47:05 - [4,320] ----D C:\Program Files (x86)\MediaCoder
O43 - CFD: 13/08/2010 - 19:08:36 - [0,221] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 29/12/2011 - 12:24:29 - [563,334] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 29/12/2011 - 12:24:27 - [0,359] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 11/05/2012 - 08:45:40 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/12/2011 - 12:16:10 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 13/08/2010 - 19:19:09 - [0,105] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 29/05/2012 - 19:55:07 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 25/01/2012 - 11:26:01 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 29/05/2012 - 19:56:14 - [139,669] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 29/12/2011 - 12:24:31 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 29/05/2012 - 19:55:42 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 27/05/2012 - 12:55:38 - [38,094] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 07/08/2012 - 21:13:31 - [295,209] ----D C:\Program Files (x86)\Nero
O43 - CFD: 29/12/2011 - 12:16:42 - [27,288] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 27/05/2012 - 20:06:12 - [131,488] ----D C:\Program Files (x86)\Nokia
O43 - CFD: 06/02/2012 - 11:47:19 - [773,002] ----D C:\Program Files (x86)\Orange
O43 - CFD: 05/03/2012 - 12:38:49 - [0] ----D C:\Program Files (x86)\Ord-ixSofts
O43 - CFD: 29/12/2011 - 12:17:39 - [51,783] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 29/12/2011 - 12:24:39 - [38,117] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 28/06/2012 - 12:25:48 - [21,028] ----D C:\Program Files (x86)\PC Connectivity Solution
O43 - CFD: 29/12/2011 - 12:25:14 - [41,962] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 29/12/2011 - 12:24:40 - [3,518] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 06/06/2012 - 12:14:39 - [107,516] ----D C:\Program Files (x86)\PokerStars.FR
O43 - CFD: 05/05/2012 - 11:01:44 - [1,820] ----D C:\Program Files (x86)\Presentersoft PowerVideoMaker
O43 - CFD: 06/06/2012 - 11:22:25 - [49,328] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 29/12/2011 - 12:24:40 - [9,634] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 29/12/2011 - 12:17:52 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 28/06/2012 - 12:19:14 - [229,813] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 12/08/2012 - 10:28:28 - [0,006] ----D C:\Program Files (x86)\SlimCleaner
O43 - CFD: 10/10/2011 - 10:47:47 - [0,005] ----D C:\Program Files (x86)\SMSList
O43 - CFD: 28/08/2009 - 06:34:54 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 29/12/2011 - 12:24:46 - [1,905] ----D C:\Program Files (x86)\Tidy Start Menu
O43 - CFD: 29/12/2011 - 12:26:56 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 29/12/2011 - 12:24:47 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 01/04/2012 - 19:12:30 - [0,021] ----D C:\Program Files (x86)\Trend Micro
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 05/08/2012 - 12:10:16 - [0] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 21/06/2012 - 16:19:09 - [42,007] ----D C:\Program Files (x86)\VDownloader
O43 - CFD: 30/06/2012 - 09:26:46 - [91,822] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 29/12/2011 - 12:18:42 - [6,497] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 07/07/2012 - 14:28:24 - [19,053] ----D C:\Program Files (x86)\Winamax Poker
O43 - CFD: 29/12/2011 - 12:18:45 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 09/04/2012 - 16:39:52 - [152,579] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 24/08/2010 - 12:14:12 - [50,758] ----D C:\Program Files (x86)\Windows Live Safety Center
O43 - CFD: 29/12/2011 - 12:25:11 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 29/12/2011 - 12:19:02 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 29/12/2011 - 12:19:02 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 29/12/2011 - 12:19:02 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 27/02/2011 - 10:44:20 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 31/05/2012 - 08:07:44 - [27,771] ----D C:\Program Files (x86)\Windows Process Security
O43 - CFD: 29/12/2011 - 12:24:39 - [4,790] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 29/12/2011 - 12:19:03 - [4,951] ----D C:\Program Files (x86)\wlan
O43 - CFD: 18/06/2012 - 21:28:04 - [1,446] ----D C:\Program Files (x86)\WOT
O43 - CFD: 12/08/2012 - 13:40:04 - [12,789] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 18/05/2012 - 10:50:33 - [58,723] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 23/07/2012 - 14:49:08 - [39,326] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 29/12/2011 - 12:13:53 - [5,482] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 11/08/2012 - 21:46:56 - [0,876] ----D C:\Program Files (x86)\Common Files\AVG Secure Search
O43 - CFD: 29/05/2012 - 19:56:14 - [0,082] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 29/12/2011 - 12:24:20 - [3,111] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 29/12/2011 - 12:24:20 - [0,494] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 29/12/2011 - 12:13:54 - [0,622] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 29/05/2012 - 19:56:19 - [260,385] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 07/08/2012 - 21:13:28 - [78,678] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 27/05/2012 - 20:16:15 - [11,508] ----D C:\Program Files (x86)\Common Files\Nokia
O43 - CFD: 10/08/2012 - 12:18:29 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 29/12/2011 - 12:24:23 - [0,551] ----D C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
O43 - CFD: 29/12/2011 - 12:24:23 - [4,031] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 29/12/2011 - 12:14:31 - [0,291] ----D C:\Program Files (x86)\Common Files\Samsung
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 29/12/2011 - 12:25:13 - [1,072] ----D C:\Program Files (x86)\Common Files\SodeaSoft
O43 - CFD: 29/12/2011 - 12:14:32 - [0,324] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 29/12/2011 - 12:24:23 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared
O43 - CFD: 29/12/2011 - 12:14:32 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 29/12/2011 - 12:24:23 - [42,259] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 17/07/2012 - 20:38:25 - [0,051] ----D C:\Program Files (x86)\Common Files\VisioForge Shared
O43 - CFD: 29/12/2011 - 12:14:34 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 08/06/2012 - 21:34:03 - [295,987] ----D C:\ProgramData\Adobe
O43 - CFD: 03/04/2010 - 17:48:27 - [0,006] ----D C:\ProgramData\Adobe Systems
O43 - CFD: 06/06/2012 - 11:22:16 - [0,011] ----D C:\ProgramData\Apple
O43 - CFD: 06/06/2012 - 11:22:16 - [0,001] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 07/05/2010 - 11:21:57 - [0,017] ----D C:\ProgramData\Atheros
O43 - CFD: 12/08/2012 - 10:37:57 - [0] ----D C:\ProgramData\AVG Secure Search
O43 - CFD: 28/08/2009 - 06:57:35 - [0,170] ----D C:\ProgramData\BackupManager
O43 - CFD: 05/02/2010 - 16:08:27 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 16/06/2012 - 11:41:24 - [6,913] ----D C:\ProgramData\Ciel
O43 - CFD: 11/04/2012 - 09:57:20 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 14/07/2012 - 17:03:21 - [0,992] ----D C:\ProgramData\Connectify
O43 - CFD: 29/12/2011 - 12:19:47 - [0,016] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 31/05/2012 - 09:52:12 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 29/12/2011 - 12:24:56 - [4,966] ----D C:\ProgramData\f-secure
O43 - CFD: 05/02/2010 - 16:08:27 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 07/07/2012 - 14:28:24 - [0,001] ----D C:\ProgramData\FLEXnet
O43 - CFD: 03/06/2012 - 13:53:53 - [0] ----D C:\ProgramData\Freemake
O43 - CFD: 09/08/2010 - 12:22:02 - [0,966] ----D C:\ProgramData\fssg
O43 - CFD: 29/12/2011 - 12:19:48 - [0,514] ----D C:\ProgramData\Google
O43 - CFD: 03/01/2012 - 10:34:27 - [0,013] ----D C:\ProgramData\Google Updater
O43 - CFD: 05/02/2010 - 16:17:43 - [0,213] ----D C:\ProgramData\HP
O43 - CFD: 04/02/2011 - 11:28:51 - [0,000] ----D C:\ProgramData\Lavasoft
O43 - CFD: 03/01/2012 - 10:34:27 - [3,893] ----D C:\ProgramData\Logishrd
O43 - CFD: 19/10/2011 - 10:06:45 - [0,002] ----D C:\ProgramData\Logitech
O43 - CFD: 29/12/2011 - 12:19:51 - [16,668] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 05/02/2010 - 16:08:27 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 31/05/2012 - 08:33:16 - [40,148] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/07/2012 - 07:46:41 - [0,366] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 05/02/2010 - 16:08:27 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 27/05/2012 - 20:18:07 - [5,278] ----D C:\ProgramData\Nokia
O43 - CFD: 21/03/2012 - 11:17:25 - [8,749] ----D C:\ProgramData\NokiaInstallerCache
O43 - CFD: 16/05/2011 - 11:08:13 - [0,003] ----D C:\ProgramData\OEM
O43 - CFD: 29/12/2011 - 12:20:58 - [0,343] ----D C:\ProgramData\Packard Bell
O43 - CFD: 18/07/2010 - 07:47:27 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 29/12/2011 - 12:20:58 - [0,072] ----D C:\ProgramData\PC Suite
O43 - CFD: 08/08/2012 - 10:04:21 - [0,000] ----D C:\ProgramData\QFX Software
O43 - CFD: 28/06/2012 - 12:27:28 - [7,382] ----D C:\ProgramData\Samsung
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 30/05/2010 - 11:39:16 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 02/08/2012 - 08:33:07 - [0,051] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 24/06/2010 - 16:57:01 - [0,254] ----D C:\ProgramData\TomTom
O43 - CFD: 29/12/2011 - 12:25:03 - [0,398] ----D C:\ProgramData\WebEx
O43 - CFD: 03/05/2011 - 17:10:23 - [0] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 13/05/2012 - 10:52:59 - [10,616] ----D C:\Users\CAUSSAT\AppData\Roaming\Adobe
O43 - CFD: 14/02/2011 - 10:01:04 - [0,016] ----D C:\Users\CAUSSAT\AppData\Roaming\aignes
O43 - CFD: 03/05/2011 - 17:23:18 - [558,806] ----D C:\Users\CAUSSAT\AppData\Roaming\Apple Computer
O43 - CFD: 11/07/2012 - 14:13:28 - [0,003] ----D C:\Users\CAUSSAT\AppData\Roaming\Audacity
O43 - CFD: 27/04/2012 - 12:47:04 - [0,370] ----D C:\Users\CAUSSAT\AppData\Roaming\Broad Intelligence
O43 - CFD: 11/08/2010 - 12:08:37 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 13/02/2011 - 11:21:51 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\DVDVideoSoftIEHelpers
O43 - CFD: 13/03/2011 - 12:27:05 - [0,083] ----D C:\Users\CAUSSAT\AppData\Roaming\EasyBurner
O43 - CFD: 26/06/2010 - 20:24:40 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\eMule
O43 - CFD: 06/08/2010 - 00:00:01 - [0,246] ----D C:\Users\CAUSSAT\AppData\Roaming\F-Secure
O43 - CFD: 29/04/2011 - 09:32:20 - [0,002] ----D C:\Users\CAUSSAT\AppData\Roaming\FastStone
O43 - CFD: 10/08/2012 - 12:17:00 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\FinalTorrent
O43 - CFD: 11/08/2010 - 19:33:23 - [0,757] ----D C:\Users\CAUSSAT\AppData\Roaming\FixCleaner
O43 - CFD: 11/08/2012 - 10:29:08 - [0,089] ----D C:\Users\CAUSSAT\AppData\Roaming\GlarySoft
O43 - CFD: 26/06/2010 - 11:16:31 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\Google
O43 - CFD: 26/06/2010 - 10:32:16 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\Identities
O43 - CFD: 07/08/2012 - 22:32:29 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\IncomingFiles
O43 - CFD: 17/07/2012 - 20:30:09 - [0,183] ----D C:\Users\CAUSSAT\AppData\Roaming\IwantSoft
O43 - CFD: 17/07/2012 - 08:36:27 - [0,034] ----D C:\Users\CAUSSAT\AppData\Roaming\KC Softwares
O43 - CFD: 19/10/2011 - 10:06:05 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\Leadertech
O43 - CFD: 19/10/2011 - 10:03:43 - [0,113] ----D C:\Users\CAUSSAT\AppData\Roaming\Logishrd
O43 - CFD: 19/10/2011 - 10:06:17 - [0,023] ----D C:\Users\CAUSSAT\AppData\Roaming\Logitech
O43 - CFD: 26/06/2010 - 10:32:42 - [0,054] ----D C:\Users\CAUSSAT\AppData\Roaming\Macromedia
O43 - CFD: 26/06/2010 - 14:15:49 - [0,002] ----D C:\Users\CAUSSAT\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\Media Center Programs
O43 - CFD: 13/05/2012 - 10:52:59 - [97,186] -S--D C:\Users\CAUSSAT\AppData\Roaming\Microsoft
O43 - CFD: 10/08/2012 - 11:51:43 - [0,040] ----D C:\Users\CAUSSAT\AppData\Roaming\Mozilla
O43 - CFD: 07/07/2012 - 14:27:15 - [1,574] ----D C:\Users\CAUSSAT\AppData\Roaming\Nokia
O43 - CFD: 04/01/2012 - 11:47:13 - [0,066] ----D C:\Users\CAUSSAT\AppData\Roaming\Nokia Suite
O43 - CFD: 17/07/2012 - 20:22:33 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\Nullsoft
O43 - CFD: 19/07/2010 - 11:17:29 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\Packard Bell
O43 - CFD: 17/12/2011 - 10:54:38 - [40,348] ----D C:\Users\CAUSSAT\AppData\Roaming\PC Suite
O43 - CFD: 18/07/2012 - 11:27:15 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\PhotoFiltre
O43 - CFD: 11/08/2012 - 11:42:11 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\PMU
O43 - CFD: 08/08/2012 - 10:04:21 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\QFX Software
O43 - CFD: 28/06/2012 - 12:25:53 - [166,871] ----D C:\Users\CAUSSAT\AppData\Roaming\Samsung
O43 - CFD: 08/04/2011 - 10:16:31 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\Softland
O43 - CFD: 17/09/2011 - 09:58:36 - [0,001] ----D C:\Users\CAUSSAT\AppData\Roaming\Sun
O43 - CFD: 18/07/2012 - 11:26:38 - [0,019] ----D C:\Users\CAUSSAT\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 26/11/2010 - 09:52:04 - [0,013] ----D C:\Users\CAUSSAT\AppData\Roaming\Template
O43 - CFD: 19/07/2010 - 08:49:26 - [0,011] ----D C:\Users\CAUSSAT\AppData\Roaming\Tidy Start Menu
O43 - CFD: 24/03/2011 - 12:20:32 - [5,118] ----D C:\Users\CAUSSAT\AppData\Roaming\TomTom
O43 - CFD: 11/08/2012 - 12:13:05 - [1,517] ----D C:\Users\CAUSSAT\AppData\Roaming\uTorrent
O43 - CFD: 20/06/2012 - 18:27:35 - [0,004] ----D C:\Users\CAUSSAT\AppData\Roaming\VDownloader
O43 - CFD: 21/07/2012 - 10:24:22 - [0,078] ----D C:\Users\CAUSSAT\AppData\Roaming\vlc
O43 - CFD: 16/11/2010 - 14:33:48 - [7,231] ----D C:\Users\CAUSSAT\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 - CFD: 28/06/2010 - 14:29:21 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\WinRAR
O43 - CFD: 16/11/2010 - 14:32:21 - [15,346] ----D C:\Users\CAUSSAT\AppData\Local\Adobe
O43 - CFD: 19/11/2010 - 13:15:56 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Apple
O43 - CFD: 03/05/2011 - 17:10:41 - [8,421] ----D C:\Users\CAUSSAT\AppData\Local\Apple Computer
O43 - CFD: 26/06/2010 - 10:29:48 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Application Data
O43 - CFD: 05/06/2012 - 10:16:21 - [1,503] ----D C:\Users\CAUSSAT\AppData\Local\Apps
O43 - CFD: 18/06/2011 - 10:34:28 - [0,161] ----D C:\Users\CAUSSAT\AppData\Local\Bouygues Telecom
O43 - CFD: 29/12/2011 - 12:25:04 - [1,710] ----D C:\Users\CAUSSAT\AppData\Local\Broad Intelligence
O43 - CFD: 16/11/2010 - 14:28:47 - [5,203] ----D C:\Users\CAUSSAT\AppData\Local\cache
O43 - CFD: 05/08/2012 - 10:15:23 - [1,614] ----D C:\Users\CAUSSAT\AppData\Local\CRE
O43 - CFD: 09/06/2012 - 12:33:36 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Deployment
O43 - CFD: 29/12/2011 - 12:25:04 - [229,873] ----D C:\Users\CAUSSAT\AppData\Local\Downloaded Installations
O43 - CFD: 26/07/2012 - 08:41:14 - [0] ----D C:\Users\CAUSSAT\AppData\Local\ElevatedDiagnostics
O43 - CFD: 29/12/2011 - 12:21:20 - [20,453] ----D C:\Users\CAUSSAT\AppData\Local\eMule
O43 - CFD: 11/08/2012 - 21:56:01 - [253,427] ----D C:\Users\CAUSSAT\AppData\Local\Google
O43 - CFD: 26/06/2010 - 10:29:48 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Historique
O43 - CFD: 29/12/2011 - 12:25:05 - [0,576] ----D C:\Users\CAUSSAT\AppData\Local\Hook Network
O43 - CFD: 30/03/2011 - 10:26:33 - [207,823] ----D C:\Users\CAUSSAT\AppData\Local\Innovative Solutions
O43 - CFD: 18/07/2010 - 09:33:01 - [0] ----D C:\Users\CAUSSAT\AppData\Local\LearnPulse
O43 - CFD: 29/12/2011 - 11:22:47 - [0,766] ----D C:\Users\CAUSSAT\AppData\Local\MailStore Temp
O43 - CFD: 13/05/2012 - 10:52:59 - [1661,125] ----D C:\Users\CAUSSAT\AppData\Local\Microsoft
O43 - CFD: 04/09/2011 - 14:17:31 - [1,000] ----D C:\Users\CAUSSAT\AppData\Local\Microsoft Games
O43 - CFD: 26/06/2010 - 10:51:42 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Microsoft Help
O43 - CFD: 01/10/2011 - 09:33:30 - [0] ----D C:\Users\CAUSSAT\AppData\Local\MigWiz
O43 - CFD: 17/12/2011 - 10:38:48 - [4,503] ----D C:\Users\CAUSSAT\AppData\Local\Nokia
O43 - CFD: 17/12/2011 - 10:54:34 - [0,001] ----D C:\Users\CAUSSAT\AppData\Local\NokiaAccount
O43 - CFD: 23/07/2011 - 09:51:32 - [23,701] ----D C:\Users\CAUSSAT\AppData\Local\P5
O43 - CFD: 19/07/2010 - 11:17:27 - [0,018] ----D C:\Users\CAUSSAT\AppData\Local\Packard Bell
O43 - CFD: 27/07/2012 - 15:31:50 - [3,471] ----D C:\Users\CAUSSAT\AppData\Local\PokerStars.FR
O43 - CFD: 28/06/2012 - 12:29:04 - [0,016] ----D C:\Users\CAUSSAT\AppData\Local\Samsung
O43 - CFD: 11/03/2011 - 09:49:27 - [0,001] ----D C:\Users\CAUSSAT\AppData\Local\Sheldon_Solutions
O43 - CFD: 11/05/2012 - 16:08:01 - [0] ----D C:\Users\CAUSSAT\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 25/06/2011 - 18:08:04 - [0,040] ----D C:\Users\CAUSSAT\AppData\Local\SodeaSoft
O43 - CFD: 07/04/2012 - 11:46:19 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Software
O43 - CFD: 20/11/2010 - 12:21:36 - [0,007] ----D C:\Users\CAUSSAT\AppData\Local\Sony
O43 - CFD: 11/12/2010 - 10:53:05 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Sunbelt Software
O43 - CFD: 12/08/2012 - 13:37:36 - [1,302] ---AD C:\Users\CAUSSAT\AppData\Local\Temp
O43 - CFD: 16/12/2011 - 09:11:18 - [0,324] ----D C:\Users\CAUSSAT\AppData\Local\TempImg
O43 - CFD: 26/06/2010 - 10:29:48 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Temporary Internet Files
O43 - CFD: 11/08/2010 - 19:42:37 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Threat Expert
O43 - CFD: 24/03/2011 - 12:20:32 - [2,033] ----D C:\Users\CAUSSAT\AppData\Local\TomTom
O43 - CFD: 28/04/2012 - 12:13:11 - [50,053] ----D C:\Users\CAUSSAT\AppData\Local\ToolwizCareFree
O43 - CFD: 20/06/2012 - 18:28:17 - [0,004] ----D C:\Users\CAUSSAT\AppData\Local\VDownloader
O43 - CFD: 26/06/2010 - 10:32:11 - [0] ----D C:\Users\CAUSSAT\AppData\Local\VirtualStore
O43 - CFD: 12/08/2012 - 11:16:09 - [0,133] ----D C:\Users\CAUSSAT\AppData\Local\Windows Live
O43 - CFD: 12/08/2012 - 11:16:05 - [0] ----D C:\Users\CAUSSAT\AppData\Local\{4F4C8525-3649-4076-ABD7-6AD2D5AF8435}
O43 - CFD: 12/08/2012 - 11:15:55 - [0] ----D C:\Users\CAUSSAT\AppData\Local\{674F82A1-2190-4609-A534-E2BB0BF75A40}
O43 - CFD: 17/07/2012 - 20:37:51 - [0,013] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 07:49:32 - [0,000] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 19/07/2012 - 10:50:32 - [0,004] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 17/07/2012 - 20:37:51 - [0,001] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 02/08/2010 - 09:11:11 - [0,001] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva
O43 - CFD: 26/04/2011 - 08:47:21 - [0,005] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 12/08/2012 - 00:48:42 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 03/12/2011 - 12:12:15 - [0,003] ----D C:\Users\CAUSSAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 18/05/2012 - 10:50:33 - [501,156] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 17/07/2012 - 20:38:25 - [0,005] ----D C:\Program Files (x86)\Any Video to GIF Converter
O43 - CFD: 06/06/2012 - 11:22:20 - [0,029] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 07/07/2012 - 14:28:25 - [42,859] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 16/06/2012 - 11:36:34 - [0,125] ----D C:\Program Files (x86)\Ciel
O43 - CFD: 29/12/2011 - 12:24:20 - [1,232] ----D C:\Program Files (x86)\Cobian Backup 10
O43 - CFD: 20/06/2012 - 18:25:55 - [548,895] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 14/07/2012 - 17:34:19 - [0,239] ----D C:\Program Files (x86)\Connectify
O43 - CFD: 29/12/2011 - 12:14:40 - [9,908] ----D C:\Program Files (x86)\Digital Photo Software
O43 - CFD: 25/04/2012 - 16:50:45 - [0,022] ----D C:\Program Files (x86)\EASEUS
O43 - CFD: 29/12/2011 - 12:25:13 - [8,047] ----D C:\Program Files (x86)\EasyBurner
O43 - CFD: 29/12/2011 - 12:24:24 - [10,401] ----D C:\Program Files (x86)\eMule
O43 - CFD: 17/07/2012 - 20:38:25 - [5,765] ----D C:\Program Files (x86)\Essentials Codec Pack
O43 - CFD: 29/12/2011 - 12:24:24 - [16,217] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 10/08/2012 - 12:20:54 - [0,022] ----D C:\Program Files (x86)\File Type Assistant
O43 - CFD: 10/08/2012 - 12:20:54 - [0,025] ----D C:\Program Files (x86)\FinalTorrent
O43 - CFD: 05/05/2012 - 11:12:52 - [46,099] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 17/07/2012 - 20:50:12 - [113,250] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 11/08/2012 - 10:30:33 - [31,220] ----D C:\Program Files (x86)\Glary Utilities
O43 - CFD: 31/05/2012 - 08:15:32 - [28,557] ----D C:\Program Files (x86)\Google
O43 - CFD: 29/12/2011 - 12:24:26 - [0,061] ----D C:\Program Files (x86)\icons
O43 - CFD: 29/12/2011 - 12:24:26 - [26,352] ----D C:\Program Files (x86)\ImageShack Uploader
O43 - CFD: 28/06/2012 - 12:28:01 - [42,400] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 28/08/2009 - 06:32:21 - [0,063] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/07/2012 - 07:47:39 - [14,284] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/09/2011 - 12:23:12 - [0,892] ----D C:\Program Files (x86)\Java
O43 - CFD: 09/08/2012 - 08:35:17 - [3,365] ----D C:\Program Files (x86)\KeyScrambler
O43 - CFD: 28/04/2012 - 10:16:41 - [1,540] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 29/12/2011 - 12:24:27 - [3,222] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 07/08/2012 - 22:20:04 - [11,807] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 28/06/2012 - 12:14:19 - [2,414] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 27/04/2012 - 12:47:05 - [4,320] ----D C:\Program Files (x86)\MediaCoder
O43 - CFD: 13/08/2010 - 19:08:36 - [0,221] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 29/12/2011 - 12:24:29 - [563,334] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 29/12/2011 - 12:24:27 - [0,359] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 11/05/2012 - 08:45:40 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/12/2011 - 12:16:10 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 13/08/2010 - 19:19:09 - [0,105] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 29/05/2012 - 19:55:07 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 25/01/2012 - 11:26:01 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 29/05/2012 - 19:56:14 - [139,669] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 29/12/2011 - 12:24:31 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 29/05/2012 - 19:55:42 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 27/05/2012 - 12:55:38 - [38,094] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 07/08/2012 - 21:13:31 - [295,209] ----D C:\Program Files (x86)\Nero
O43 - CFD: 29/12/2011 - 12:16:42 - [27,288] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 27/05/2012 - 20:06:12 - [131,488] ----D C:\Program Files (x86)\Nokia
O43 - CFD: 06/02/2012 - 11:47:19 - [773,002] ----D C:\Program Files (x86)\Orange
O43 - CFD: 05/03/2012 - 12:38:49 - [0] ----D C:\Program Files (x86)\Ord-ixSofts
O43 - CFD: 29/12/2011 - 12:17:39 - [51,783] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 29/12/2011 - 12:24:39 - [38,117] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 28/06/2012 - 12:25:48 - [21,028] ----D C:\Program Files (x86)\PC Connectivity Solution
O43 - CFD: 29/12/2011 - 12:25:14 - [41,962] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 29/12/2011 - 12:24:40 - [3,518] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 06/06/2012 - 12:14:39 - [107,516] ----D C:\Program Files (x86)\PokerStars.FR
O43 - CFD: 05/05/2012 - 11:01:44 - [1,820] ----D C:\Program Files (x86)\Presentersoft PowerVideoMaker
O43 - CFD: 06/06/2012 - 11:22:25 - [49,328] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 29/12/2011 - 12:24:40 - [9,634] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 29/12/2011 - 12:17:52 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 28/06/2012 - 12:19:14 - [229,813] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 12/08/2012 - 10:28:28 - [0,006] ----D C:\Program Files (x86)\SlimCleaner
O43 - CFD: 10/10/2011 - 10:47:47 - [0,005] ----D C:\Program Files (x86)\SMSList
O43 - CFD: 28/08/2009 - 06:34:54 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 29/12/2011 - 12:24:46 - [1,905] ----D C:\Program Files (x86)\Tidy Start Menu
O43 - CFD: 29/12/2011 - 12:26:56 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 29/12/2011 - 12:24:47 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 01/04/2012 - 19:12:30 - [0,021] ----D C:\Program Files (x86)\Trend Micro
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 05/08/2012 - 12:10:16 - [0] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 21/06/2012 - 16:19:09 - [42,007] ----D C:\Program Files (x86)\VDownloader
O43 - CFD: 30/06/2012 - 09:26:46 - [91,822] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 29/12/2011 - 12:18:42 - [6,497] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 07/07/2012 - 14:28:24 - [19,053] ----D C:\Program Files (x86)\Winamax Poker
O43 - CFD: 29/12/2011 - 12:18:45 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 09/04/2012 - 16:39:52 - [152,579] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 24/08/2010 - 12:14:12 - [50,758] ----D C:\Program Files (x86)\Windows Live Safety Center
O43 - CFD: 29/12/2011 - 12:25:11 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 29/12/2011 - 12:19:02 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 29/12/2011 - 12:19:02 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 29/12/2011 - 12:19:02 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 27/02/2011 - 10:44:20 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 31/05/2012 - 08:07:44 - [27,771] ----D C:\Program Files (x86)\Windows Process Security
O43 - CFD: 29/12/2011 - 12:24:39 - [4,790] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 29/12/2011 - 12:19:03 - [4,951] ----D C:\Program Files (x86)\wlan
O43 - CFD: 18/06/2012 - 21:28:04 - [1,446] ----D C:\Program Files (x86)\WOT
O43 - CFD: 12/08/2012 - 13:40:04 - [12,789] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 18/05/2012 - 10:50:33 - [58,723] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 23/07/2012 - 14:49:08 - [39,326] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 29/12/2011 - 12:13:53 - [5,482] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 11/08/2012 - 21:46:56 - [0,876] ----D C:\Program Files (x86)\Common Files\AVG Secure Search
O43 - CFD: 29/05/2012 - 19:56:14 - [0,082] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 29/12/2011 - 12:24:20 - [3,111] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 29/12/2011 - 12:24:20 - [0,494] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 29/12/2011 - 12:13:54 - [0,622] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 29/05/2012 - 19:56:19 - [260,385] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 07/08/2012 - 21:13:28 - [78,678] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 27/05/2012 - 20:16:15 - [11,508] ----D C:\Program Files (x86)\Common Files\Nokia
O43 - CFD: 10/08/2012 - 12:18:29 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 29/12/2011 - 12:24:23 - [0,551] ----D C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
O43 - CFD: 29/12/2011 - 12:24:23 - [4,031] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 29/12/2011 - 12:14:31 - [0,291] ----D C:\Program Files (x86)\Common Files\Samsung
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 29/12/2011 - 12:25:13 - [1,072] ----D C:\Program Files (x86)\Common Files\SodeaSoft
O43 - CFD: 29/12/2011 - 12:14:32 - [0,324] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 29/12/2011 - 12:24:23 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared
O43 - CFD: 29/12/2011 - 12:14:32 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 29/12/2011 - 12:24:23 - [42,259] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 17/07/2012 - 20:38:25 - [0,051] ----D C:\Program Files (x86)\Common Files\VisioForge Shared
O43 - CFD: 29/12/2011 - 12:14:34 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DA26773B759D93028628CCBEBB18EF14] - 12/08/2012 - 11:25:07 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1391953]
O44 - LFC:[MD5.843A523ED2F0916B75D2006C5C9622B3] - 12/08/2012 - 09:37:44 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.C0BBC6C17381D37C74690FB3F781DA62] - 12/08/2012 - 08:19:54 . (...) -- C:\Windows\System32\perfc009.dat []
O44 - LFC:[MD5.6D4A9B0FA0D591C5E4ABE363B9F9E395] - 12/08/2012 - 08:19:54 . (...) -- C:\Windows\System32\perfc00C.dat []]
O44 - LFC:[MD5.BDA9A0E74094375D7B2AAB9ECC735FEA] - 12/08/2012 - 08:19:54 . (...) -- C:\Windows\System32\perfh009.dat []]]
O44 - LFC:[MD5.650BB79A3EEDAC0FD28808F2343264C0] - 12/08/2012 - 08:19:54 . (...) -- C:\Windows\System32\perfh00C.dat []]]]
O44 - LFC:[MD5.ADE362CD2CA45FDBE84317916E8AD7E8] - 12/08/2012 - 08:19:54 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1579462]
O44 - LFC:[MD5.C0BBC6C17381D37C74690FB3F781DA62] - 12/08/2012 - 08:19:54 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [110710]
O44 - LFC:[MD5.6D4A9B0FA0D591C5E4ABE363B9F9E395] - 12/08/2012 - 08:19:54 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [135110]
O44 - LFC:[MD5.BDA9A0E74094375D7B2AAB9ECC735FEA] - 12/08/2012 - 08:19:54 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [626274]
O44 - LFC:[MD5.650BB79A3EEDAC0FD28808F2343264C0] - 12/08/2012 - 08:19:54 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [714598]
O44 - LFC:[MD5.ADE362CD2CA45FDBE84317916E8AD7E8] - 12/08/2012 - 08:19:54 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1579462]
O44 - LFC:[MD5.34C46CC874FAF639790F6B0FB685BD9B] - 12/08/2012 - 00:27:38 ---A- . (...) -- C:\UsbFix.txt [14064]
O44 - LFC:[MD5.842828BBDF2EA8161D71403CD9501E4F] - 12/08/2012 - 00:27:37 ---A- . (...) -- C:\UsbFix_Upload_Me_CAUSSAT-PC.zip [103035]
O44 - LFC:[MD5.DC8490812A3B72811AE534F423B4C206] - 03/07/2012 - 12:46:44 . (...) -- C:\Windows\System32\Drivers\mbam.sys []]
O44 - LFC:[MD5.E3CF421210EBDDACB4590AE67A0226DC] - 15/12/2011 - 01:46:42 . (...) -- C:\Windows\System32\Drivers\keyscrambler.sys []
~ Scan Files in 00mn 06s



---\\ Contrôle du Safe Boot (CSB) (O49) (None)

---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{19c7a806-2c7b-11e1-a921-0026225e2825}\AutoRun\command - Clé orpheline
O51 - MPSK:{8d207c12-9984-11e0-8d26-806e6f6e6963}\AutoRun\command - Clé orpheline
O51 - MPSK:{a969c48c-9985-11e0-ac53-0026225e2825}\AutoRun\command - Clé orpheline
O51 - MPSK:{a969c4c3-9985-11e0-ac53-0026225e2825}\AutoRun\command - Clé orpheline
O51 - MPSK:{d2e15f58-8fd4-11df-8ab3-0026225e2825}\AutoRun\command - Clé orpheline
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.41AD0FCF47275A9BC70FA1B56BFD3E23] - 16/08/2010 - 15:31:18 ----- . (...) -- C:\Windows\System32\pwdrvio.sys [19936]
O58 - SDL:[MD5.D5BCB77BE83CF99F508943945D46343D] - 26/03/2009 - 04:16:08 ---A- . (.Dritek System Inc. - Dritek 64-bit PS/2 Keyboard Filter Driver.) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys [25608]
~ Scan Drivers in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: OTL - (.OldTimer.)
~ Scan ADS in 00mn 00s



---\\ Start Menu Internet (O68) (None)

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83) (None)

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.745DA85418BC21C00340B03E08FEF0E6] [SPRF][06/12/2010] (...) -- C:\Users\CAUSSAT\AppData\Roaming\wklnhst.dat [484]
[MD5.52F21EB2C7960E8523C64A867D7C6A06] [SPRF][04/05/2012] (...) -- C:\Users\CAUSSAT\Desktop\adwcleaner.exe [580883]
[MD5.B57B2608ED3B745DD3CB0EB584C0F6D6] [SPRF][12/08/2012] (.OldTimer Tools - Pas de description.) -- C:\Users\CAUSSAT\Desktop\OTL.exe [596992]
[MD5.7DAFDC3AA155B1562AF33B1399EBF341] [SPRF][11/08/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\CAUSSAT\Desktop\ZHPDiag2.exe [4600348]
~ Scan Files in 00mn 00s



End of the scan (687 lines in 00mn 37s)(0)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
12 août 2012 à 18:11
Re,
1/
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )


[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) => Toolbar.Ask
O43 - CFD: 07/04/2012 - 11:46:19 - [0] ----D C:\Users\CAUSSAT\AppData\Local\Software => Toolbar.Agent
O51 - MPSK:{19c7a806-2c7b-11e1-a921-0026225e2825}\AutoRun\command - Clé orpheline
O51 - MPSK:{8d207c12-9984-11e0-8d26-806e6f6e6963}\AutoRun\command - Clé orpheline
O51 - MPSK:{a969c48c-9985-11e0-ac53-0026225e2825}\AutoRun\command - Clé orpheline
O51 - MPSK:{a969c4c3-9985-11e0-ac53-0026225e2825}\AutoRun\command - Clé orpheline
O51 - MPSK:{d2e15f58-8fd4-11df-8ab3-0026225e2825}\AutoRun\command - Clé orpheline
O43 - CFD: 12/08/2012 - 11:16:05 - [0] ----D C:\Users\CAUSSAT\AppData\Local\{4F4C8525-3649-4076-ABD7-6AD2D5AF8435}
O43 - CFD: 12/08/2012 - 11:15:55 - [0] ----D C:\Users\CAUSSAT\AppData\Local\{674F82A1-2190-4609-A534-E2BB0BF75A40}

FirewallRAZ
EmptyTemp
EmptyFlash



Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

2/
Lance Malwarebytes, fais la mise à jour, choisis une analyse complète, supprime tout ce qu'il trouve puis poste le rapport stp
0
Réponse 26 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
12 août 2012 à 20:13
Bonsoir fish66, voici le rapport :
Rapport de ZHPFix 1.2.07 par Nicolas Coolman, Update du 20/07/2012
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-12-08-2012-19-55-32.txt
Run by CAUSSAT at 12/08/2012 19:57:23
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/

========== Clé(s) du Registre ==========
ABSENT CLSID MPSK: {19c7a806-2c7b-11e1-a921-0026225e2825}
ABSENT CLSID MPSK: {8d207c12-9984-11e0-8d26-806e6f6e6963}
ABSENT CLSID MPSK: {a969c48c-9985-11e0-ac53-0026225e2825}
ABSENT CLSID MPSK: {a969c4c3-9985-11e0-ac53-0026225e2825}
ABSENT CLSID MPSK: {d2e15f58-8fd4-11df-8ab3-0026225e2825}

========== Valeur(s) du Registre ==========
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

========== Dossier(s) ==========
ABSENT C:\Users\CAUSSAT\AppData\Local\Software
ABSENT C:\Users\CAUSSAT\AppData\Local\{4F4C8525-3649-4076-ABD7-6AD2D5AF8435}
ABSENT C:\Users\CAUSSAT\AppData\Local\{674F82A1-2190-4609-A534-E2BB0BF75A40}
SUPPRIME Temporaires Windows:
SUPPRIME Flash Cookies:

========== Fichier(s) ==========
SUPPRIME Temporaires Windows:
SUPPRIME Flash Cookies:

========== Tache planifiée ==========
SUPPRIME Task: Scheduled Update for Ask Toolbar


========== Récapitulatif ==========
5 : Clé(s) du Registre
3 : Valeur(s) du Registre
5 : Dossier(s)
2 : Fichier(s)
1 : Tache planifiée


End of clean in 00mn 02s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 11/08/2012 21:18:50 [76911]
C:\ZHP\ZHPFix[R2].txt - 12/08/2012 18:55:32 [1725]
C:\ZHP\ZHPFix[R3].txt - 12/08/2012 19:57:24 [1733]
Pour mbam avec la mise à jour voici :
Non en fait il y a rien 0.
J'attends tes instructions.
0
Réponse 27 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
Modifié par chantalou66 le 12/08/2012 à 20:31
Par contre juste à présent j'ai eu cela encore :
http://img442.imageshack.us/img442/1774/capturemhu.jpg
Rien dans le scan de fsécure...
@+++
La vie est comme un arc en ciel: il faut de la pluie et du soleil pour en voir les couleurs.
0
Réponse 28 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
Modifié par Fish66 le 12/08/2012 à 21:24
Lance ZHPDiag depuis le bureau ensuite coche tout au tournevis puis lance l'analyse, ferme le et héberge le rapport. colle le lien dans ta prochaine réponse
(tu m'envoies seulement l'adresse du lien du rapport)


_ _ _ Fish66_ _ _ I''"""""I_ _ membre contributeur sécurité_ _I''"""""I_ _ _
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
0
Réponse 29 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
12 août 2012 à 22:04
Etant donné le message stipulant le virus qui n'a pas pu être supprimé assez régulièrement, j'ai refais un scan avec fsécure et là, il m'a détecté un virus, donc je vais te donner le rapport ainsi que ce que tu m'as demandé...
Déjà, le rapport de fsécure :
http://img703.imageshack.us/img703/3025/virusnk.jpg
http://img228.imageshack.us/img228/3332/virussuite.jpg
http://img221.imageshack.us/img221/6996/rapportd.pdf
Ensuite en ayant tout coché pour ZHPDiag :

http://img838.imageshack.us/img838/3538/rapportdezhpdiagv1.pdf


0
Réponse 30 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
Modifié par chantalou66 le 12/08/2012 à 22:21
Tu as vu, le virus viens du lien ou tout du moins de ça:
Bon pour l'instant la suppression sur zhpfix se poursuit, par contre, sur les liens que tu m'as donnés concernant usbfix, un ne fonctionne pas et l'autre :
http://img443.imageshack.us/img443/8742/usbdangereux.jpg
Merci de me tenir informée.
c'était en première page où smart screen ne voulait rien savoir, du coup, je n'arrive pas à enlever ce virus, tu me diras, désolée pour le boulot que tu fais et t'en remercie encore.
En fait je voulais simplement te remercier réellement car je suis perdue.
La vie est comme un arc en ciel: il faut de la pluie et du soleil pour en voir les couleurs.
0
Réponse 31 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
13 août 2012 à 00:05
Prochainement, laisse le rapport tel qu'il est (extension .txt) sans le transformer en pdf!
* USBFix a fait son boulot, ce n'est pas la peine de le relancer!
(ton antivirus a trompé et l'a considéré comme néfaste)

===========================
Avant d'utiliser ComboFix :

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

si tu as ce genre de d'outils sur ton pc Utilise Defogger pour les désactiver temporairement : sinon passe directement à combofix

* Télécharge Defogger (de jpshortstuff) sur ton Bureau
* Lance le

* Une fenêtre apparait : clique sur "Disable"

* Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

===================================================

Attention, avant de commencer, lis attentivement la procédure

********************************************************

/!\ Ne pas utiliser ce logiciel en dehors du cadre de cette désinfection : DANGEUREUX /!\

* Fais un clic droit sur ce lien, enregistre le dans ton bureau sous un autre nom exemple « ton pseudo.exe »
Voici Aide combofix

* /!\ Déconnecte-toi du net et ARRÊTE TES LOGICIELS DE PROTECTION /!\


*Double-clique sur ComboFix.exe (ou exécuter en tant qu'administrateur pour vista et seven)

Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie... Clique sur oui pour accepter

** SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
(si il te propose de l'installer remets internet)

? Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de planter ton PC

*En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

* Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

** /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

*Note : Le rapport se trouve également là : C:\ComboFix.txt
0
Réponse 32 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
13 août 2012 à 06:40
Bonjour et je suis heureuse que tu m'aies répondu, aussi j'ai viré le logiciel d'usbfix en ayant vu cela avec virus total:scanné sur Go d'usbfix, le reste tu me diras + tard.

--http://img832.imageshack.us/img832/4889/captureey.jpg
Je vais commencer un peu tes recommandations et finirais en fin de matinée car je dois partir, je te dis à tout à l'heure.
La vie est comme un arc en ciel: il faut de la pluie et du soleil pour en voir les couleurs.
0
Réponse 33 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
13 août 2012 à 10:33
Re, je viens de rentrer après 3heures de scan sur combo en ayant bien suivi tes instructions, cependant il ne me demande pas la console de récupération et voilà ce qu'il en est malheureusement, sniff :
http://img513.imageshack.us/img513/7913/capturecod.jpg
J'ai un nouveau dossier à la racine de C :Qoobox...
J'attends tes instructions.
0
Réponse 34 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
13 août 2012 à 10:36
Redémarre ton PC, puis refais ce qui est indiqué ici : https://forums.commentcamarche.net/forum/affich-25813961-plusieurs-infections?page=2#28
0
Réponse 35 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
13 août 2012 à 10:57
Voila.
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120813_v13d11l8w8x7
0
Réponse 36 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
Modifié par Fish66 le 13/08/2012 à 11:15
Fais attention aux réseaux P2P
* Les dangers du Peer-To-Peer, Emule etc..

1/

Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )


O61 - LFC:Last File Created 11/08/2012 - 09:10:26 ----- C:\Users\CAUSSAT\AppData\Roaming\uTorrent\facebook passwords hacker v2.04 REAL.exe.torrent [519]
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Users\CAUSSAT\Documents\Downloads\utorrent.exe => µTorrent%PeerToPeer
O4 - Global Startup: C:\Users\CAUSSAT\Desktop\Incoming - Raccourci.lnk . (...) -- C:\Users\CAUSSAT\Documents\Downloads\eMule\Incoming
O43 - CFD: 29/12/2011 - 12:24:24 - [10,401] ----D C:\Program Files (x86)\eMule => eMule PeerToPeer
O43 - CFD: 05/08/2012 - 12:10:16 - [0] ----D C:\Program Files (x86)\uTorrent => µTorrent PeerToPeer
O43 - CFD: 31/05/2012 - 09:52:12 - [0] ----D C:\ProgramData\eMule => eMule PeerToPeer
O43 - CFD: 26/06/2010 - 20:24:40 - [0] ----D C:\Users\CAUSSAT\AppData\Roaming\eMule => eMule PeerToPeer
O43 - CFD: 11/08/2012 - 12:13:05 - [1,517] ----D C:\Users\CAUSSAT\AppData\Roaming\uTorrent => µTorrent PeerToPeer
O43 - CFD: 29/12/2011 - 12:21:20 - [20,834] ----D C:\Users\CAUSSAT\AppData\Local\eMule => eMule PeerToPeer
O43 - CFD: 29/12/2011 - 12:24:24 - [10,401] ----D C:\Program Files (x86)\eMule => eMule PeerToPeer
O43 - CFD: 05/08/2012 - 12:10:16 - [0] ----D C:\Program Files (x86)\uTorrent => µTorrent PeerToPeer
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] [APT] [{0AC1A888-95B3-4F97-81B9-644D75854047}] (.http://www.emule-project.net.) -- C:\Program Files (x86)\eMule\emule.exe
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] [APT] [{1E5AE616-BEE7-41C7-88EC-B1826A986384}] (.http://www.emule-project.net.) -- C:\Program Files (x86)\eMule\emule.exe





Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

2/
Comment se comporte ton PC ?

_ _ _ Fish66_ _ _ I''"""""I_ _ membre contributeur sécurité_ _I''"""""I_ _ _
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
0
Réponse 37 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
13 août 2012 à 11:31
Oui j'ai tellement gueulé à ce sujet des dangers liés sur ces sites ( en plus je sais à présent l'intention qu'elle a eu!) que je n'ai plus de voix, ensuite le chat n'est pas la et la souris...d'autant que c'est mon pc boulot, tu imagines...enfin le PC se comporte bien malgré quelques légers détails mais pas grave du tout, je te remercie, je te joints le rapport.

Rapport de ZHPFix 1.2.07 par Nicolas Coolman, Update du 20/07/2012
Fichier d'export Registre :
Run by CAUSSAT at 13/08/2012 11:16:15
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/

========== Processus mémoire ==========
SUPPRIME Reboot Memory Process: C:\Program Files (x86)\eMule\emule.exe

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: uTorrent

========== Dossier(s) ==========
SUPPRIME Reboot Folder**: C:\Program Files (x86)\eMule
SUPPRIME Reboot Folder**: C:\Program Files (x86)\uTorrent
SUPPRIME Folder: C:\ProgramData\eMule
SUPPRIME Folder: C:\Users\CAUSSAT\AppData\Roaming\eMule
SUPPRIME Folder: C:\Users\CAUSSAT\AppData\Roaming\uTorrent
SUPPRIME Folder: C:\Users\CAUSSAT\AppData\Local\eMule

========== Fichier(s) ==========
ABSENT File: c:\users\caussat\appdata\roaming\utorrent\facebook passwords hacker v2.04 real.exe
SUPPRIME File: c:\users\caussat\documents\downloads\utorrent.exe
SUPPRIME File: c:\users\caussat\desktop\incoming - raccourci.lnk
SUPPRIME Reboot c:\users\caussat\documents\downloads\emule\incoming

========== Tache planifiée ==========
SUPPRIME Task: Scheduled Update for Ask Toolbar
SUPPRIME Task: {0AC1A888-95B3-4F97-81B9-644D75854047}
SUPPRIME Task: {1E5AE616-BEE7-41C7-88EC-B1826A986384}


========== Récapitulatif ==========
1 : Processus mémoire
1 : Valeur(s) du Registre
6 : Dossier(s)
4 : Fichier(s)
3 : Tache planifiée


End of clean in 00mn 23s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 11/08/2012 21:18:50 [76911]
C:\ZHP\ZHPFix[R2].txt - 12/08/2012 18:55:32 [1725]
C:\ZHP\ZHPFix[R3].txt - 12/08/2012 18:57:24 [1785]
C:\ZHP\ZHPFix[R4].txt - 13/08/2012 11:16:15 [1791]
Tu me diras pour la suite, re merci encore.
0
Réponse 38 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
13 août 2012 à 11:39
Est ce que tu trouves ce fichier dans cet emplacement : C:\Users\CAUSSAT\AppData\Roaming\uTorrent\facebook passwords hacker v2.04 REAL.exe
0
Réponse 39 / 87
chantalou66 Messages postés 157 Date d'inscription lundi 15 juin 2009 Statut Membre Dernière intervention 31 juillet 2013 3
Modifié par chantalou66 le 13/08/2012 à 11:46
Malheureusement je n'ai plus le dossier Roaming, je n'ai que Local Low, c'est tout alors qu'avant je l'avais...
La vie est comme un arc en ciel: il faut de la pluie et du soleil pour en voir les couleurs.
0
Réponse 40 / 87
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
13 août 2012 à 11:55
Attention : cet outil peut etre détecté à tort comme virus

tous les processus "non vitaux de windows" vont être coupés , enregistre ton travail.

Désactive toutes tes protections si possible , antivirus , sandbox , pare-feux , etc....

telecharge et enregistre Pre_Scan sur ton bureau :

http://forums-fec.be/gen-hackman/Pre_Scan.exe

mirroirs :

http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan
http://www.archive-host.com

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"

si l'outil est bloqué par l'infection utilise cette version avec extension .pif :

http://forums-fec.be/gen-hackman/Pre_Scan.pif

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan

Il est possible que l'outil fasse redemarrer ton pc plusieurs fois , laisse-le faire

NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider
0

Discussions similaires

[sKe69] infections multiples
custodio -
sKe69 -

61 réponses
Microsoft Security Scanner - 2 infections et RAS ????????
Miaou -
bazfile -

9 réponses
Blocage de plusieurs logiciels, suis-je infecté ?
touvabien -
bazfile -

12 réponses
Mon ordinateur a été infecté par un virus ou
henry4002 -
jorginho67 -

6 réponses
mustapha
mustapha -
Ainillia -

1 réponse