Virus New Folder
Cedric_88
Messages postés
4
Statut
Membre
-
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
Bonjour,
j'ai chopper un virus en connectant une clé usb sur mon portable, mes dossier son devenu des applications avec comme nom New Folder.
J'ai windows 7 Starter,
Si vous pouvez m'aider je vous remercie.
j'ai chopper un virus en connectant une clé usb sur mon portable, mes dossier son devenu des applications avec comme nom New Folder.
J'ai windows 7 Starter,
Si vous pouvez m'aider je vous remercie.
A voir également:
- Virus New Folder
- Appdata folder - Guide
- Folder marker - Télécharger - Bureautique
- Folder colorizer - Télécharger - Divers Utilitaires
- Virus mcafee - Accueil - Piratage
- Winmend folder hidden - Télécharger - Confidentialité
2 réponses
bonjour , essais de passer usbfix en mode suppression !!
# Téléchargez UsbFix (créé par El Desaparecido) sur votre Bureau.
# Si votre antivirus affiche une alerte, ignorez-la et désactivez l'antivirus temporairement.
# Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc...) sans les ouvrir.
# Double cliquez sur UsbFix.exe.
# Cliquez sur Suppression.
# Laissez travailler l'outil.
# À la fin du scan, un rapport va s'afficher, postez-le dans votre prochaine réponse sur le forum.
# Le rapport est aussi sauvegardé à la racine du disque système ( C:\UsbFix.txt ).
# Tutoriel vidéo
# Téléchargez UsbFix (créé par El Desaparecido) sur votre Bureau.
# Si votre antivirus affiche une alerte, ignorez-la et désactivez l'antivirus temporairement.
# Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc...) sans les ouvrir.
# Double cliquez sur UsbFix.exe.
# Cliquez sur Suppression.
# Laissez travailler l'outil.
# À la fin du scan, un rapport va s'afficher, postez-le dans votre prochaine réponse sur le forum.
# Le rapport est aussi sauvegardé à la racine du disque système ( C:\UsbFix.txt ).
# Tutoriel vidéo
Merci de ta réponse.
Voici un copier/coll du rapport
############################## | UsbFix V 7.102 | [Suppression]
Utilisateur: Cedric (Administrateur) # CEDRIC-PC
Mis à jour le 20/12/2012 par El Desaparecido
Lancé à 21:35:07 | 21/01/2013
Site Web: https://www.sosvirus.net/
Contact: contact@eldesaparecido.com
PC: SAMSUNG ELECTRONICS CO., LTD. (N250P ) (X86-based PC
CPU: Intel(R) Atom(TM) CPU N455 @ 1.66GHz (1667)
RAM -> [Total : 1013 | Free : 221]
BIOS: Phoenix SecureCore(tm) NB Version 01HG.M011.20101209.RHU
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Starter (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 87 Go (9 Go libre(s) - 10%) [] # NTFS
D:\ -> Disque fixe # 130 Go (7 Go libre(s) - 5%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (3 Go libre(s) - 68%) [KFAT1] # FAT32
################## | Processus Actif |
C:\windows\system32\csrss.exe (432)
C:\windows\system32\wininit.exe (532)
C:\windows\system32\csrss.exe (540)
C:\windows\system32\services.exe (588)
C:\windows\system32\winlogon.exe (620)
C:\windows\system32\lsass.exe (632)
C:\windows\system32\lsm.exe (640)
C:\windows\system32\svchost.exe (764)
C:\windows\system32\svchost.exe (840)
C:\windows\System32\svchost.exe (924)
C:\windows\System32\svchost.exe (972)
C:\windows\system32\svchost.exe (996)
C:\windows\system32\svchost.exe (1140)
C:\windows\system32\svchost.exe (1252)
C:\windows\System32\spoolsv.exe (1420)
C:\windows\Explorer.EXE (1464)
C:\windows\system32\Dwm.exe (1476)
C:\windows\system32\taskhost.exe (1544)
C:\windows\system32\svchost.exe (1584)
C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe (1916)
C:\windows\system32\svchost.exe (336)
C:\windows\System32\svchost.exe (524)
C:\windows\system32\SearchIndexer.exe (2088)
C:\windows\system32\taskeng.exe (2592)
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (2628)
C:\windows\system32\igfxext.exe (2672)
C:\windows\system32\igfxsrvc.exe (2700)
C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (3624)
C:\windows\system32\svchost.exe (3800)
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe (3932)
C:\windows\system32\taskeng.exe (2124)
C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (2780)
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (2732)
C:\windows\system32\wuauclt.exe (2896)
C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe (824)
C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe (3720)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3064)
C:\windows\System32\WUDFHost.exe (1472)
C:\Program Files\Mozilla Firefox\firefox.exe (2740)
C:\Program Files\Mozilla Firefox\plugin-container.exe (3396)
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3268)
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3632)
C:\windows\system32\SearchProtocolHost.exe (3588)
C:\windows\system32\SearchFilterHost.exe (1188)
C:\UsbFix\Go.exe (2928)
C:\windows\system32\wbem\wmiprvse.exe (1952)
################## | Processus Stoppés |
Stoppé! C:\windows\System32\spoolsv.exe (1420)
Stoppé! C:\windows\Explorer.EXE (1464)
Stoppé! C:\windows\system32\taskhost.exe (1544)
Stoppé! C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe (1916)
Stoppé! C:\windows\system32\SearchIndexer.exe (2088)
Stoppé! C:\windows\system32\taskeng.exe (2592)
Stoppé! C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (2628)
Stoppé! C:\windows\system32\igfxext.exe (2672)
Stoppé! C:\windows\system32\igfxsrvc.exe (2700)
Stoppé! C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (3624)
Stoppé! C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe (3932)
Stoppé! C:\windows\system32\taskeng.exe (2124)
Stoppé! C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (2780)
Stoppé! C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (2732)
Stoppé! C:\windows\system32\wuauclt.exe (2896)
Stoppé! C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe (824)
Stoppé! C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe (3720)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3064)
Stoppé! C:\windows\System32\WUDFHost.exe (1472)
Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (2740)
Stoppé! C:\Program Files\Mozilla Firefox\plugin-container.exe (3396)
Stoppé! C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3268)
Stoppé! C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3632)
################## | Éléments infectieux |
Non supprimé ! E:\SFRLauncher.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-125861783-3839136723-2810644531-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-125861783-3839136723-2810644531-1000
Non supprimé ! E:\autorun.inf
Supprimé! F:\Images.exe
Supprimé! F:\New Folder.exe
Supprimé! F:\Videos.exe
Supprimé! D:\music\rap fr\25 g.exe
Supprimé! D:\music\rap fr\al k pote.exe
Supprimé! D:\music\rap fr\ALPHA 5-20 Gangsters avec de grands boubous.exe
Supprimé! D:\music\rap fr\Alpha_5.20_-_4025_Quoi_de_neuf_pd-FR-2009.exe
Supprimé! D:\music\rap fr\compilation.exe
Supprimé! D:\music\rap fr\FF hors serie 2.exe
Supprimé! D:\music\rap fr\ma 6-T va craquer.exe
Supprimé! D:\music\rap fr\New Folder.exe
Supprimé! D:\music\rap fr\NTM Live.exe
Supprimé! D:\music\rap fr\patate de forain.exe
Supprimé! D:\music\rap fr\Piloophaz-Hymne_A_La_Folie.exe
Supprimé! D:\music\rap fr\Recycled.exe
Supprimé! D:\music\rap fr\seth alkapote 25g.exe
Supprimé! D:\music\rap fr\Seth Gueko - Barillet plein (2005).exe
Supprimé! D:\music\rap fr\seth gueko - les fils de jack mess (2008).exe
Supprimé! D:\music\rap fr\Seth Gueko - Mains Sales.exe
Supprimé! F:\Images\My photos.exe
Supprimé! F:\Videos\My video clips.exe
Supprimé! F:\Sounds\My voice clips.exe
Supprimé! F:\Sounds\8°6_Crew_._Bad_bad_reggae_._par_Manux_192kbps_Ska_français.exe
Supprimé! F:\Sounds\1982 - un olympia pour moi tout seul (live).exe
Supprimé! F:\Sounds\acdc - 1992 - live.exe
Supprimé! F:\Sounds\bons pour l'asile (2003).exe
Supprimé! F:\Sounds\dance.exe
Supprimé! F:\Sounds\mc circulaire.exe
Supprimé! F:\Sounds\New Folder.exe
Supprimé! F:\Sounds\Nouveau dossier.exe
Supprimé! F:\Sounds\Recycled.exe
Supprimé! F:\Sounds\sinse part en live.exe
Supprimé! F:\Sounds\svinkels - dj pone réveille le svink' (1997-2005).exe
Supprimé! F:\Sounds\svinkels_ [1999] _tapis rouge.exe
Supprimé! F:\Sounds\variété.exe
Supprimé! F:\Music\FM radio clips.exe
Supprimé! F:\Sounds.exe
Supprimé! F:\Music.exe
Supprimé! F:\Other files.exe
Supprimé! F:\Imsifolder.exe
(!) Fichiers temporaires supprimés.
################## | Registre |
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[21/01/2013 - 21:39:13 | SHD ] C:\$RECYCLE.BIN
[18/10/2011 - 12:56:19 | D ] C:\72b654a6827a4b4ccd70bd
[21/06/2011 - 13:36:38 | D ] C:\780f0da835a66d195b
[10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat
[21/01/2013 - 19:45:07 | D ] C:\ComboFix
[21/01/2013 - 19:45:00 | N | 7946] C:\ComboFix.txt
[10/06/2009 - 22:42:20 | N | 10] C:\config.sys
[14/07/2009 - 05:53:55 | SHD ] C:\Documents and Settings
[21/01/2013 - 19:48:53 | ASH | 1062518784] C:\hiberfil.sys
[15/11/2010 - 07:57:41 | D ] C:\Intel
[14/07/2009 - 02:15:50 | N | 1386496] C:\msvbvm60.dll
[21/01/2013 - 19:48:54 | ASH | 1073741824] C:\pagefile.sys
[14/07/2009 - 03:37:05 | D ] C:\PerfLogs
[11/01/2013 - 16:30:57 | D ] C:\Program Files
[21/01/2013 - 19:36:08 | D ] C:\ProgramData
[21/01/2013 - 19:45:06 | D ] C:\Qoobox
[07/04/2011 - 15:53:33 | D ] C:\Recovery
[15/11/2010 - 08:00:32 | N | 2047] C:\RHDSetup.log
[11/01/2013 - 16:31:06 | N | 184] C:\setup.log
[21/01/2013 - 20:06:15 | SHD ] C:\System Volume Information
[21/01/2013 - 21:39:14 | D ] C:\UsbFix
[21/01/2013 - 21:35:19 | A | 8405] C:\UsbFix.txt
[07/04/2011 - 15:55:23 | D ] C:\Users
[21/01/2013 - 19:54:44 | D ] C:\Windows
[21/01/2013 - 21:39:13 | D ] D:\$RECYCLE.BIN
[06/01/2013 - 05:27:56 | D ] D:\film
[06/01/2013 - 11:10:54 | D ] D:\music
[31/01/2012 - 15:47:11 | D ] D:\photo
[07/04/2011 - 16:45:22 | D ] D:\SamsungRecovery
[08/04/2011 - 17:29:17 | SHD ] D:\System Volume Information
[15/04/2011 - 09:48:33 | D ] D:\telechargement
[24/02/2012 - 16:04:28 | R | 45] E:\autorun.inf
[16/03/2012 - 18:09:10 | R | 63490776] E:\FxFull_Setup_Gestionnaire_Connexion_SFR.exe
[20/03/2009 - 12:29:46 | R | 3262] E:\key.ico
[02/03/2012 - 11:12:01 | R | 54680] E:\SFRLauncher.exe
[12/03/2012 - 13:31:20 | R | 60] E:\SFRLauncher.ini
[16/03/2012 - 18:24:43 | R | 54] E:\VersionInfo.txt
[10/06/2010 - 12:19:00 | D ] F:\Images
[10/06/2010 - 12:19:00 | D ] F:\Videos
[10/06/2010 - 12:19:00 | D ] F:\Sounds
[10/06/2010 - 12:19:00 | D ] F:\Music
[10/06/2010 - 12:19:00 | D ] F:\Other files
[12/06/2010 - 16:51:00 | D ] F:\Imsifolder
[23/06/2010 - 21:32:32 | N | 20] F:\mm_sec.dat
[01/01/1601 - 01:00:00 | N | 0] F:\B2100.samsung
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CEDRIC-PC.zip
http://eldesaparecido.com/upload.php
Merci de votre contribution.
################## | E.O.F |
Voici un copier/coll du rapport
############################## | UsbFix V 7.102 | [Suppression]
Utilisateur: Cedric (Administrateur) # CEDRIC-PC
Mis à jour le 20/12/2012 par El Desaparecido
Lancé à 21:35:07 | 21/01/2013
Site Web: https://www.sosvirus.net/
Contact: contact@eldesaparecido.com
PC: SAMSUNG ELECTRONICS CO., LTD. (N250P ) (X86-based PC
CPU: Intel(R) Atom(TM) CPU N455 @ 1.66GHz (1667)
RAM -> [Total : 1013 | Free : 221]
BIOS: Phoenix SecureCore(tm) NB Version 01HG.M011.20101209.RHU
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Starter (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 87 Go (9 Go libre(s) - 10%) [] # NTFS
D:\ -> Disque fixe # 130 Go (7 Go libre(s) - 5%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (3 Go libre(s) - 68%) [KFAT1] # FAT32
################## | Processus Actif |
C:\windows\system32\csrss.exe (432)
C:\windows\system32\wininit.exe (532)
C:\windows\system32\csrss.exe (540)
C:\windows\system32\services.exe (588)
C:\windows\system32\winlogon.exe (620)
C:\windows\system32\lsass.exe (632)
C:\windows\system32\lsm.exe (640)
C:\windows\system32\svchost.exe (764)
C:\windows\system32\svchost.exe (840)
C:\windows\System32\svchost.exe (924)
C:\windows\System32\svchost.exe (972)
C:\windows\system32\svchost.exe (996)
C:\windows\system32\svchost.exe (1140)
C:\windows\system32\svchost.exe (1252)
C:\windows\System32\spoolsv.exe (1420)
C:\windows\Explorer.EXE (1464)
C:\windows\system32\Dwm.exe (1476)
C:\windows\system32\taskhost.exe (1544)
C:\windows\system32\svchost.exe (1584)
C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe (1916)
C:\windows\system32\svchost.exe (336)
C:\windows\System32\svchost.exe (524)
C:\windows\system32\SearchIndexer.exe (2088)
C:\windows\system32\taskeng.exe (2592)
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (2628)
C:\windows\system32\igfxext.exe (2672)
C:\windows\system32\igfxsrvc.exe (2700)
C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (3624)
C:\windows\system32\svchost.exe (3800)
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe (3932)
C:\windows\system32\taskeng.exe (2124)
C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (2780)
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (2732)
C:\windows\system32\wuauclt.exe (2896)
C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe (824)
C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe (3720)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3064)
C:\windows\System32\WUDFHost.exe (1472)
C:\Program Files\Mozilla Firefox\firefox.exe (2740)
C:\Program Files\Mozilla Firefox\plugin-container.exe (3396)
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3268)
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3632)
C:\windows\system32\SearchProtocolHost.exe (3588)
C:\windows\system32\SearchFilterHost.exe (1188)
C:\UsbFix\Go.exe (2928)
C:\windows\system32\wbem\wmiprvse.exe (1952)
################## | Processus Stoppés |
Stoppé! C:\windows\System32\spoolsv.exe (1420)
Stoppé! C:\windows\Explorer.EXE (1464)
Stoppé! C:\windows\system32\taskhost.exe (1544)
Stoppé! C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe (1916)
Stoppé! C:\windows\system32\SearchIndexer.exe (2088)
Stoppé! C:\windows\system32\taskeng.exe (2592)
Stoppé! C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (2628)
Stoppé! C:\windows\system32\igfxext.exe (2672)
Stoppé! C:\windows\system32\igfxsrvc.exe (2700)
Stoppé! C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (3624)
Stoppé! C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe (3932)
Stoppé! C:\windows\system32\taskeng.exe (2124)
Stoppé! C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (2780)
Stoppé! C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (2732)
Stoppé! C:\windows\system32\wuauclt.exe (2896)
Stoppé! C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe (824)
Stoppé! C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe (3720)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3064)
Stoppé! C:\windows\System32\WUDFHost.exe (1472)
Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (2740)
Stoppé! C:\Program Files\Mozilla Firefox\plugin-container.exe (3396)
Stoppé! C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3268)
Stoppé! C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (3632)
################## | Éléments infectieux |
Non supprimé ! E:\SFRLauncher.exe
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-125861783-3839136723-2810644531-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-125861783-3839136723-2810644531-1000
Non supprimé ! E:\autorun.inf
Supprimé! F:\Images.exe
Supprimé! F:\New Folder.exe
Supprimé! F:\Videos.exe
Supprimé! D:\music\rap fr\25 g.exe
Supprimé! D:\music\rap fr\al k pote.exe
Supprimé! D:\music\rap fr\ALPHA 5-20 Gangsters avec de grands boubous.exe
Supprimé! D:\music\rap fr\Alpha_5.20_-_4025_Quoi_de_neuf_pd-FR-2009.exe
Supprimé! D:\music\rap fr\compilation.exe
Supprimé! D:\music\rap fr\FF hors serie 2.exe
Supprimé! D:\music\rap fr\ma 6-T va craquer.exe
Supprimé! D:\music\rap fr\New Folder.exe
Supprimé! D:\music\rap fr\NTM Live.exe
Supprimé! D:\music\rap fr\patate de forain.exe
Supprimé! D:\music\rap fr\Piloophaz-Hymne_A_La_Folie.exe
Supprimé! D:\music\rap fr\Recycled.exe
Supprimé! D:\music\rap fr\seth alkapote 25g.exe
Supprimé! D:\music\rap fr\Seth Gueko - Barillet plein (2005).exe
Supprimé! D:\music\rap fr\seth gueko - les fils de jack mess (2008).exe
Supprimé! D:\music\rap fr\Seth Gueko - Mains Sales.exe
Supprimé! F:\Images\My photos.exe
Supprimé! F:\Videos\My video clips.exe
Supprimé! F:\Sounds\My voice clips.exe
Supprimé! F:\Sounds\8°6_Crew_._Bad_bad_reggae_._par_Manux_192kbps_Ska_français.exe
Supprimé! F:\Sounds\1982 - un olympia pour moi tout seul (live).exe
Supprimé! F:\Sounds\acdc - 1992 - live.exe
Supprimé! F:\Sounds\bons pour l'asile (2003).exe
Supprimé! F:\Sounds\dance.exe
Supprimé! F:\Sounds\mc circulaire.exe
Supprimé! F:\Sounds\New Folder.exe
Supprimé! F:\Sounds\Nouveau dossier.exe
Supprimé! F:\Sounds\Recycled.exe
Supprimé! F:\Sounds\sinse part en live.exe
Supprimé! F:\Sounds\svinkels - dj pone réveille le svink' (1997-2005).exe
Supprimé! F:\Sounds\svinkels_ [1999] _tapis rouge.exe
Supprimé! F:\Sounds\variété.exe
Supprimé! F:\Music\FM radio clips.exe
Supprimé! F:\Sounds.exe
Supprimé! F:\Music.exe
Supprimé! F:\Other files.exe
Supprimé! F:\Imsifolder.exe
(!) Fichiers temporaires supprimés.
################## | Registre |
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[21/01/2013 - 21:39:13 | SHD ] C:\$RECYCLE.BIN
[18/10/2011 - 12:56:19 | D ] C:\72b654a6827a4b4ccd70bd
[21/06/2011 - 13:36:38 | D ] C:\780f0da835a66d195b
[10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat
[21/01/2013 - 19:45:07 | D ] C:\ComboFix
[21/01/2013 - 19:45:00 | N | 7946] C:\ComboFix.txt
[10/06/2009 - 22:42:20 | N | 10] C:\config.sys
[14/07/2009 - 05:53:55 | SHD ] C:\Documents and Settings
[21/01/2013 - 19:48:53 | ASH | 1062518784] C:\hiberfil.sys
[15/11/2010 - 07:57:41 | D ] C:\Intel
[14/07/2009 - 02:15:50 | N | 1386496] C:\msvbvm60.dll
[21/01/2013 - 19:48:54 | ASH | 1073741824] C:\pagefile.sys
[14/07/2009 - 03:37:05 | D ] C:\PerfLogs
[11/01/2013 - 16:30:57 | D ] C:\Program Files
[21/01/2013 - 19:36:08 | D ] C:\ProgramData
[21/01/2013 - 19:45:06 | D ] C:\Qoobox
[07/04/2011 - 15:53:33 | D ] C:\Recovery
[15/11/2010 - 08:00:32 | N | 2047] C:\RHDSetup.log
[11/01/2013 - 16:31:06 | N | 184] C:\setup.log
[21/01/2013 - 20:06:15 | SHD ] C:\System Volume Information
[21/01/2013 - 21:39:14 | D ] C:\UsbFix
[21/01/2013 - 21:35:19 | A | 8405] C:\UsbFix.txt
[07/04/2011 - 15:55:23 | D ] C:\Users
[21/01/2013 - 19:54:44 | D ] C:\Windows
[21/01/2013 - 21:39:13 | D ] D:\$RECYCLE.BIN
[06/01/2013 - 05:27:56 | D ] D:\film
[06/01/2013 - 11:10:54 | D ] D:\music
[31/01/2012 - 15:47:11 | D ] D:\photo
[07/04/2011 - 16:45:22 | D ] D:\SamsungRecovery
[08/04/2011 - 17:29:17 | SHD ] D:\System Volume Information
[15/04/2011 - 09:48:33 | D ] D:\telechargement
[24/02/2012 - 16:04:28 | R | 45] E:\autorun.inf
[16/03/2012 - 18:09:10 | R | 63490776] E:\FxFull_Setup_Gestionnaire_Connexion_SFR.exe
[20/03/2009 - 12:29:46 | R | 3262] E:\key.ico
[02/03/2012 - 11:12:01 | R | 54680] E:\SFRLauncher.exe
[12/03/2012 - 13:31:20 | R | 60] E:\SFRLauncher.ini
[16/03/2012 - 18:24:43 | R | 54] E:\VersionInfo.txt
[10/06/2010 - 12:19:00 | D ] F:\Images
[10/06/2010 - 12:19:00 | D ] F:\Videos
[10/06/2010 - 12:19:00 | D ] F:\Sounds
[10/06/2010 - 12:19:00 | D ] F:\Music
[10/06/2010 - 12:19:00 | D ] F:\Other files
[12/06/2010 - 16:51:00 | D ] F:\Imsifolder
[23/06/2010 - 21:32:32 | N | 20] F:\mm_sec.dat
[01/01/1601 - 01:00:00 | N | 0] F:\B2100.samsung
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CEDRIC-PC.zip
http://eldesaparecido.com/upload.php
Merci de votre contribution.
################## | E.O.F |
bonjour, ok si c'est bon c'est bien , mais j'aimerais en avoir le coeur net si tu pouvais me poster un zhpdiag pour contrôle , merci
Ouvre ce lien et télécharge ZHPDiag :
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Enregistres le sur ton Bureau.
Une fois le téléchargement achevé
pour XP, double-clique sur ZHPDiag
pour Vista,et seven tu fais un clic droit sur l'icône et exécute en tant qu'administrateur.
N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau.
/|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix.
Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!
Cliques sur la loupe pour lancer l'analyse.
si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis
Laisses l'outil travailler, il peut être assez long
A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.
Fermes ZHPDiag en fin d'analyse.
Pour me le transmettre clique sur ce lien :
https://www.cjoint.com/
Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt
ou directement en choisissant bureau et ZHPDiag.txt clique dessus
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://cjoint.com/data/0KAoeRbq7Szgg.htm
est ajouté dans la page.
Copie ce lien dans ta réponse.
et si problème passe par celui ci : http://pjjoint.malekal.com/
Ouvre ce lien et télécharge ZHPDiag :
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Enregistres le sur ton Bureau.
Une fois le téléchargement achevé
pour XP, double-clique sur ZHPDiag
pour Vista,et seven tu fais un clic droit sur l'icône et exécute en tant qu'administrateur.
N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau.
/|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix.
Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!
Cliques sur la loupe pour lancer l'analyse.
si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis
Laisses l'outil travailler, il peut être assez long
A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.
Fermes ZHPDiag en fin d'analyse.
Pour me le transmettre clique sur ce lien :
https://www.cjoint.com/
Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt
ou directement en choisissant bureau et ZHPDiag.txt clique dessus
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://cjoint.com/data/0KAoeRbq7Szgg.htm
est ajouté dans la page.
Copie ce lien dans ta réponse.
et si problème passe par celui ci : http://pjjoint.malekal.com/
Voila je ne sais pas si c'est ca que tu voulais que je te poste:
Rapport de ZHPDiag v1.34.44 par Nicolas Coolman, Update du 19/01/2013
Run by Cedric at 22/01/2013 22:58:07
State : Version à jour.
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.1 v18.0.1 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (10%) free of 87 GB
---\\ Logged in mode
~ Computer Name: CEDRIC-PC
~ User Name: Cedric
~ All Users Names: Cedric, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Cedric\AppData\Roaming\
~ %Desktop% : C:\Users\Cedric\Desktop\
~ %Favorites% : C:\Users\Cedric\Favorites\
~ %LocalAppData% : C:\Users\Cedric\AppData\Local\
~ %StartMenu% : C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 87 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 130 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)
F:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.7FA3A810F383588D46220967DE8B64FF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 02:57:37.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/40
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 1/195
~ Menu demarrer (Programs) : 1/29
~ Scan Hidden Files in 00mn 01s
---\\ Processus lancés
[MD5.E4F17DB1964B3BDC5E972901B7E0C943] - (.SFR - Gestionnaire de connexion.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe [805848] [PID.1964]
[MD5.FBED7D9DC34BB8B51BA7E8ED831C9F9E] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [862064] [PID.2600]
[MD5.4C78DB9EFB6E8E73AD4207FFD1314B7E] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.2636]
[MD5.CFFCD1AF4F76C80E6AE2AEE561BD0BF6] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.2668]
[MD5.85B2CA4013C9E98E2936E69153AEA360] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4384560] [PID.3548]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.3832]
[MD5.D7826A7440444F40E0406CF37FD2FA88] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.4036]
[MD5.15DC04031C19CCF380A69E50E589317B] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775336] [PID.2184]
[MD5.3F12DC91216AAC08EBDCB8602F55D36C] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1755504] [PID.3004]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.3840]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\windows\system32\wuauclt.exe [53784] [PID.3984]
[MD5.9A4841A0CE83A768F7A5F4BA97DE02B5] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.3728]
[MD5.74EA3B22BED984C3439E4397DA5A1811] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5170688] [PID.172]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\eg2q7vf0.default\prefs.js
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Cedric - eg2q7vf0.default] https://www.google.com/?gws_rd=ssl
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ Scan BHO in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cedric\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\Cedric\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cedric\Desktop\Ordinateur - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gestionnaire de Connexion.lnk . (.SFR.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Samsung AnyWeb Print - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E57BEC47-BBBF-41AD-8A76-59FEAEE86EA0}: NameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{3228F444-C124-4B33-8948-854CF1A9EA80}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E903049-0489-4980-98E0-ADE678F5F15A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E57BEC47-BBBF-41AD-8A76-59FEAEE86EA0}: NameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{3228F444-C124-4B33-8948-854CF1A9EA80}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E903049-0489-4980-98E0-ADE678F5F15A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3228F444-C124-4B33-8948-854CF1A9EA80}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E903049-0489-4980-98E0-ADE678F5F15A}: DhcpNameServer = 192.168.0.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (SFR.Dashboard.Service) . (.SFR - SFR.Dashboard.Service.) - C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
[MD5.95CE557D16A75606CCC2D7F3B0B0BCCB] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.85B2CA4013C9E98E2936E69153AEA360] [APT] [advSRS5] (.SEC.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
[MD5.5569988E02ED5021D2AE207BFECC781C] [APT] [BatteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
[MD5.FBED7D9DC34BB8B51BA7E8ED831C9F9E] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.15DC04031C19CCF380A69E50E589317B] [APT] [MovieColorEnhancer] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\FREEzeFrog\bin\1.0.670.0\FREEzeFrogSA.exe (.not file.)
[MD5.844165C03B6D6C051B8A5F461D8F0BBB] [APT] [YourFile Update] (.http://yourfiledownloader.com.) -- C:\Program Files\YourFileDownloader\YourFileUpdater.exe
[MD5.00000000000000000000000000000000] [APT] [{81EA993B-79AC-4484-BE96-DE79B2F8D514}] (...) -- C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.)
~ Scan Scheduled Task in 00mn 09s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: C:\Windows\System32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {EA257ECF-5F72-4461-B890-959394DCD087}
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: ETDWare PS/2-X86 8.0.7.1_WHQL - (.ELAN Microelectronic Corp..) [HKLM] -- Elantech
O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {556EAB35-CD1F-4E94-83CA-D5C9FA2CDA5B}
O42 - Logiciel: Easy Resolution Manager - (.Samsung.) [HKLM] -- {18AA278D-E0B9-4F99-ACCC-070978A38453}
O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {607DA1C8-34EC-4D7A-AD83-F8E5C70736DF}
O42 - Logiciel: EasyFileShare - (.Samsung.) [HKLM] -- {EA76E65F-6679-495A-A8A6-42AD6602ED4C}
O42 - Logiciel: Fast Start - (.SAMSUNG.) [HKLM] -- {77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}
O42 - Logiciel: Gestionnaire de Connexion 3.4 - (.SFR.) [HKLM] -- {FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Movie Color Enhancer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}
O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr
O42 - Logiciel: REALTEK PCIE Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {A5C8BFF2-0044-4500-8BB5-BEB0D2335885}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SRS Premium Sound Control Panel - (.SRS Labs, Inc..) [HKLM] -- {E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
O42 - Logiciel: Samsung AnyWeb Print - (.Samsung Electronics Co., Ltd..) [HKLM] -- {318DBE01-1E6B-4243-84B0-210391FE789A}
O42 - Logiciel: Samsung Recovery Solution 5 - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {F687E657-F636-44DF-8125-9FEEA2C362F5}
O42 - Logiciel: Samsung Universal Print Driver - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Universal Print Driver
O42 - Logiciel: Samsung Universal Scan Driver - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Universal Scan Driver
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {142D8CA7-2C6F-45A7-83E3-099AAFD99133}
O42 - Logiciel: YourFileDownloader - (.http://yourfiledownloader.com/ [HKCU] -- YourFileDownloader
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Auslogics]
[HKCU\Software\Babylon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Elantech]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SFRLauncher]
[HKCU\Software\SFR]
[HKCU\Software\SSPrint]
[HKCU\Software\SSScan]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\SpeedMaxPc]
[HKCU\Software\Sysinternals]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Atheros]
[HKLM\Software\Babylon]
[HKLM\Software\BcmSetup]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\Marvell]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SFR]
[HKLM\Software\SMLibrary]
[HKLM\Software\SPanel]
[HKLM\Software\SRS Labs]
[HKLM\Software\SSPrint]
[HKLM\Software\SSScan]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\SpeedMaxPc]
[HKLM\Software\SuppHelpDir]
[HKLM\Software\Swearware]
[HKLM\Software\WinRAR]
[HKLM\Software\YourFileDownloader]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/04/2011 - 15:59:45 - [223,122] ----D C:\Program Files\Adobe
O43 - CFD: 11/01/2013 - 16:30:58 - [0,001] ----D C:\Program Files\Atheros
O43 - CFD: 21/07/2011 - 20:39:53 - [8,966] ----D C:\Program Files\Auslogics
O43 - CFD: 15/11/2010 - 08:03:16 - [11,073] ----D C:\Program Files\Broadcom
O43 - CFD: 21/01/2013 - 19:51:45 - [5,023] ----D C:\Program Files\CCleaner
O43 - CFD: 21/01/2013 - 19:30:21 - [75,726] ----D C:\Program Files\Common Files
O43 - CFD: 07/04/2011 - 16:07:17 - [76,851] ----D C:\Program Files\CyberLink
O43 - CFD: 08/07/2011 - 13:03:50 - [3,997] ----D C:\Program Files\DVD Maker
O43 - CFD: 07/04/2011 - 15:55:52 - [15,729] ----D C:\Program Files\Elantech
O43 - CFD: 08/03/2012 - 22:54:10 - [0] ----D C:\Program Files\Google
O43 - CFD: 11/01/2013 - 16:29:49 - [85,942] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/11/2010 - 07:58:40 - [4,797] ----D C:\Program Files\Intel
O43 - CFD: 14/12/2012 - 11:00:03 - [5,570] ----D C:\Program Files\Internet Explorer
O43 - CFD: 15/11/2010 - 08:01:10 - [3,861] ----D C:\Program Files\Marvell
O43 - CFD: 08/04/2011 - 17:16:12 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 14/07/2009 - 05:52:30 - [44,813] ----D C:\Program Files\Microsoft Games
O43 - CFD: 13/05/2012 - 13:01:23 - [36,641] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/04/2011 - 13:05:52 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 21/01/2013 - 20:14:40 - [44,639] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 22/01/2013 - 12:43:27 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 05:52:30 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 08/04/2011 - 13:06:09 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 12/11/2012 - 17:32:07 - [94,794] ----D C:\Program Files\PokerStars.FR
O43 - CFD: 15/11/2010 - 07:59:45 - [14,710] ----D C:\Program Files\Realtek
O43 - CFD: 15/11/2010 - 08:05:27 - [5,694] ----D C:\Program Files\REALTEK PCIE Wireless LAN Software
O43 - CFD: 14/07/2009 - 05:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 19/06/2012 - 18:22:51 - [966,099] ----D C:\Program Files\Samsung
O43 - CFD: 07/04/2011 - 15:57:04 - [8,025] ----D C:\Program Files\Samsung AnyWeb Print
O43 - CFD: 13/09/2012 - 17:58:01 - [47,885] ----D C:\Program Files\SFR
O43 - CFD: 15/11/2010 - 08:01:00 - [1,822] ----D C:\Program Files\SRS Labs
O43 - CFD: 15/11/2010 - 08:00:32 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 08/07/2011 - 13:03:47 - [2,909] ----D C:\Program Files\Windows Defender
O43 - CFD: 08/04/2011 - 19:10:25 - [54,902] ----D C:\Program Files\Windows Live
O43 - CFD: 08/07/2011 - 13:03:50 - [5,895] ----D C:\Program Files\Windows Mail
O43 - CFD: 08/07/2011 - 13:03:50 - [6,298] ----D C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - 05:52:30 - [11,632] ----D C:\Program Files\Windows NT
O43 - CFD: 08/07/2011 - 13:03:50 - [4,213] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 08/07/2011 - 13:03:50 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 08/07/2011 - 13:03:50 - [5,717] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 11/04/2011 - 10:07:43 - [3,707] ----D C:\Program Files\WinRAR
O43 - CFD: 13/09/2012 - 18:23:00 - [6,839] ----D C:\Program Files\YourFileDownloader
O43 - CFD: 22/01/2013 - 22:58:35 - [11,394] ----D C:\Program Files\ZHPDiag
O43 - CFD: 07/04/2011 - 15:59:57 - [4,387] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 15/11/2010 - 07:56:44 - [3,581] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 21/06/2011 - 13:33:15 - [14,047] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 07/04/2011 - 16:00:39 - [0,338] ----D C:\Program Files\Common Files\Oberon Media
O43 - CFD: 15/11/2010 - 08:17:46 - [4,403] ----D C:\Program Files\Common Files\Samsung
O43 - CFD: 14/07/2009 - 03:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 03:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 12/11/2011 - 03:26:27 - [9,767] ----D C:\Program Files\Common Files\System
O43 - CFD: 15/11/2010 - 07:25:01 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 07/04/2011 - 16:00:13 - [0,001] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Application Data
O43 - CFD: 11/01/2013 - 16:30:37 - [0,016] ----D C:\ProgramData\Atheros
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Favorites
O43 - CFD: 08/04/2011 - 17:47:09 - [220,723] -S--D C:\ProgramData\Microsoft
O43 - CFD: 02/06/2012 - 23:48:59 - [0,028] ----D C:\ProgramData\Mozilla
O43 - CFD: 08/04/2011 - 17:29:17 - [0,013] ----D C:\ProgramData\Norton
O43 - CFD: 15/11/2010 - 08:19:32 - [20,667] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 15/11/2010 - 09:10:57 - [0,519] ----D C:\ProgramData\SAMSUNG
O43 - CFD: 04/09/2012 - 17:07:30 - [0] ----D C:\ProgramData\SFR
O43 - CFD: 07/04/2011 - 15:59:22 - [18,978] ----D C:\ProgramData\Skype
O43 - CFD: 11/01/2013 - 13:52:23 - [0] ----D C:\ProgramData\SpeedMaxPc
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Start Menu
O43 - CFD: 09/09/2012 - 10:49:20 - [0] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Templates
O43 - CFD: 07/04/2011 - 16:45:19 - [19,635] ----D C:\ProgramData\WinClon
O43 - CFD: 13/04/2011 - 20:43:16 - [4,128] ----D C:\Users\Cedric\AppData\Roaming\Adobe
O43 - CFD: 21/07/2011 - 20:40:05 - [0,392] ----D C:\Users\Cedric\AppData\Roaming\Auslogics
O43 - CFD: 13/09/2012 - 18:04:46 - [0,000] ----D C:\Users\Cedric\AppData\Roaming\DriverCure
O43 - CFD: 02/06/2011 - 21:18:40 - [0] ----D C:\Users\Cedric\AppData\Roaming\GetRightToGo
O43 - CFD: 07/04/2011 - 16:08:22 - [0] ----D C:\Users\Cedric\AppData\Roaming\Identities
O43 - CFD: 07/04/2011 - 15:56:00 - [0] ----D C:\Users\Cedric\AppData\Roaming\InstallShield
O43 - CFD: 07/04/2011 - 16:58:28 - [0,004] ----D C:\Users\Cedric\AppData\Roaming\Macromedia
O43 - CFD: 11/01/2013 - 16:34:33 - [2,138] -S--D C:\Users\Cedric\AppData\Roaming\Microsoft
O43 - CFD: 23/07/2011 - 11:52:25 - [24,990] ----D C:\Users\Cedric\AppData\Roaming\Mozilla
O43 - CFD: 07/04/2011 - 15:57:04 - [0,001] ----D C:\Users\Cedric\AppData\Roaming\Samsung
O43 - CFD: 13/09/2012 - 18:04:46 - [0] ----D C:\Users\Cedric\AppData\Roaming\SpeedMaxPc
O43 - CFD: 11/04/2011 - 12:02:07 - [0,000] ----D C:\Users\Cedric\AppData\Roaming\WinRAR
O43 - CFD: 13/09/2012 - 18:22:59 - [0] ----D C:\Users\Cedric\AppData\Roaming\YourFileDownloader
O43 - CFD: 13/04/2011 - 20:43:59 - [45,358] ----D C:\Users\Cedric\AppData\Local\Adobe
O43 - CFD: 07/04/2011 - 15:55:23 - [0] ----D C:\Users\Cedric\AppData\Local\Application Data
O43 - CFD: 06/01/2013 - 03:55:12 - [0] ----D C:\Users\Cedric\AppData\Local\CrashDumps
O43 - CFD: 02/01/2013 - 16:35:21 - [0,510] ----D C:\Users\Cedric\AppData\Local\Diagnostics
O43 - CFD: 25/07/2011 - 11:47:09 - [6,182] ----D C:\Users\Cedric\AppData\Local\Google
O43 - CFD: 07/04/2011 - 15:55:23 - [0] ----D C:\Users\Cedric\AppData\Local\Historique
O43 - CFD: 25/11/2012 - 22:28:43 - [0] ----D C:\Users\Cedric\AppData\Local\Macromedia
O43 - CFD: 25/11/2012 - 22:28:43 - [29,092] ----D C:\Users\Cedric\AppData\Local\Microsoft
O43 - CFD: 08/04/2011 - 19:44:09 - [0,080] ----D C:\Users\Cedric\AppData\Local\Microsoft Games
O43 - CFD: 19/06/2012 - 18:24:45 - [0] ----D C:\Users\Cedric\AppData\Local\MigWiz
O43 - CFD: 23/07/2011 - 11:52:06 - [60,482] ----D C:\Users\Cedric\AppData\Local\Mozilla
O43 - CFD: 09/09/2012 - 10:49:19 - [0] ----D C:\Users\Cedric\AppData\Local\Orange
O43 - CFD: 16/12/2012 - 12:48:10 - [1,982] ----D C:\Users\Cedric\AppData\Local\PokerStars.FR
O43 - CFD: 04/09/2012 - 17:07:47 - [6,845] ----D C:\Users\Cedric\AppData\Local\SFR
O43 - CFD: 07/04/2011 - 16:09:20 - [0,003] ----D C:\Users\Cedric\AppData\Local\SRS Labs
O43 - CFD: 22/01/2013 - 22:55:31 - [0,468] ----D C:\Users\Cedric\AppData\Local\temp
O43 - CFD: 07/04/2011 - 15:55:23 - [0] ----D C:\Users\Cedric\AppData\Local\Temporary Internet Files
O43 - CFD: 11/09/2012 - 15:16:11 - [0,132] ----D C:\Users\Cedric\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 05:42:04 - [0,014] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/07/2012 - 23:30:51 - [0,000] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 07/04/2011 - 16:07:19 - [0,005] ----D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
O43 - CFD: 14/07/2009 - 05:37:42 - [0,001] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 21/07/2012 - 23:30:51 - [0,000] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 11/04/2011 - 10:07:43 - [0,003] ----D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 14s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.68BCD8CE8E6DA42FAB7F70DFA195A6C3] - 22/01/2013 - 22:46:56 ---A- . (...) -- C:\Windows\WindowsUpdate.log [848510]
O44 - LFC:[MD5.9982DE5B241F4776F71698EB4D4FC7E9] - 22/01/2013 - 22:40:27 ---A- . (...) -- C:\Windows\setupact.log [168]
O44 - LFC:[MD5.1C36078702AEA54522672F17CA6BEAC7] - 22/01/2013 - 22:40:24 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/01/2013 - 12:43:53 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.0529EA7D27F150F84B895F8C44BE1C63] - 22/01/2013 - 12:43:51 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [259232]
O44 - LFC:[MD5.CA4705EF62ABF9F6134A17520021E43A] - 21/01/2013 - 21:42:25 ---A- . (...) -- C:\UsbFix.txt [9984]
O44 - LFC:[MD5.F05C7FB6C111BB957EAF6B55B86CE441] - 21/01/2013 - 21:42:24 ---A- . (...) -- C:\UsbFix_Upload_Me_CEDRIC-PC.zip [1117979]
O44 - LFC:[MD5.DD597D14783F7D36365A4E4188056251] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.91895E23B42FB51F8AE913001DF22DC6] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106388]
O44 - LFC:[MD5.870800102B0030B3ED1140494FCF3FDF] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130754]
O44 - LFC:[MD5.F0D618A4451328565F3C7DBE4B9912E3] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616008]
O44 - LFC:[MD5.A3AEE033ED89A9FC3885728242DCC5D3] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704480]
O44 - LFC:[MD5.1758839F95710A7F7F6D1D8561770593] - 21/01/2013 - 19:45:00 ----- . (...) -- C:\ComboFix.txt [7946]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 21/01/2013 - 19:38:45 ---A- . (...) -- C:\Windows\system.ini [215]
O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 21/01/2013 - 19:17:27 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416]
O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 21/01/2013 - 19:17:27 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144]
O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 21/01/2013 - 19:17:27 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528]
O44 - LFC:[MD5.7510957F96C730DFF20087A16628F8FE] - 11/01/2013 - 16:31:06 ----- . (...) -- C:\setup.log [184]
O44 - LFC:[MD5.7D0A662D7B116169854B4EC941A7822D] - 11/01/2013 - 16:29:54 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\Drivers\athr.sys [1247744]
O44 - LFC:[MD5.7D0A662D7B116169854B4EC941A7822D] - 11/01/2013 - 16:29:54 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\athr.sys [1247744]
O44 - LFC:[MD5.A067A19A91C2AA0198F9BD01A5CEF5C6] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement GRB.) -- C:\Windows\System32\grb.rs [21504]
O44 - LFC:[MD5.4F5C56DBF076D5BBB1D22B37BF281396] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement PEGI au Portugal.) -- C:\Windows\System32\pegi-pt.rs [20480]
O44 - LFC:[MD5.5109C45498BC709C8A7E016D5FFCCAC2] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement PEGI.) -- C:\Windows\System32\pegi.rs [20480]
O44 - LFC:[MD5.9B7D7F4D1F79E8B7D727BE94B1630D59] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\pegibbfc.rs [44544]
O44 - LFC:[MD5.9EDCFA23CC081E38C86CA309D0F7E3DC] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement USK.) -- C:\Windows\System32\usk.rs [30720]
O44 - LFC:[MD5.41CE7975CAD7BCF92538D2C452239523] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification COB-AU.) -- C:\Windows\System32\cob-au.rs [40960]
O44 - LFC:[MD5.27828AAA24AA46F11036954ADE355C1C] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification DJCTQ.) -- C:\Windows\System32\djctq.rs [15360]
O44 - LFC:[MD5.A704E750245D5D4EE4A23E99A00F27D5] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification FPB.) -- C:\Windows\System32\fpb.rs [46592]
O44 - LFC:[MD5.ED59143843560B5EDB543C2A48CB9E4B] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification OFLC-NZ.) -- C:\Windows\System32\oflc-nz.rs [45568]
O44 - LFC:[MD5.6EC618588447B82EA8D88719EE46F725] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de notation CSRR.) -- C:\Windows\System32\csrr.rs [43520]
O44 - LFC:[MD5.DDD1C4AB9A9DAE6D4092C4C95E714650] - 10/01/2013 - 12:30:49 ---A- . (.Microsoft - Système de classement ESRB.) -- C:\Windows\System32\esrb.rs [51712]
O44 - LFC:[MD5.7752619457598CF057C4CC02A0867029] - 10/01/2013 - 12:30:48 ---A- . (.Microsoft - Système de classement CERO.) -- C:\Windows\System32\cero.rs [55296]
O44 - LFC:[MD5.CBC69A055EF410CBD65593E4808B6DB4] - 10/01/2013 - 12:30:48 ---A- . (.Microsoft - Système de classement OFLC.) -- C:\Windows\System32\oflc.rs [23552]
O44 - LFC:[MD5.72035C97983745E742D71E9A8EF70BBB] - 10/01/2013 - 12:30:48 ---A- . (.Microsoft - Système de classement PEGI en Finlande.) -- C:\Windows\System32\pegi-fi.rs [20480]
O44 - LFC:[MD5.40B6E9A9D0F022160B9C5F6B32079BCF] - 09/01/2013 - 18:32:33 ---A- . (...) -- C:\Windows\System32\MRT.INI [118]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:17:39 ---A- . (...) -- C:\Windows\System32\locale.nls [420064]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 26/06/2011 - 07:45:56 ---A- . (...) -- C:\Windows\PEV.exe [256000]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 07/11/2010 - 18:20:24 ---A- . (...) -- C:\Windows\MBR.exe [208896]
O44 - LFC:[MD5.F27B9878F13C8643AF0AEC62F85FB5B9] - 16/10/2010 - 11:20:00 ---A- . (...) -- C:\Windows\System32\athrext.cat [58276]
O44 - LFC:[MD5.F57F197C5424B9E87BC669EE1E53200E] - 11/10/2010 - 15:51:28 ---A- . (...) -- C:\Windows\System32\netathr.inf [354972]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\zip.exe [68096]
~ Scan Files in 00mn 14s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\ETDCtrl [Key] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O53 - SMSR:HKLM\...\startupreg\Gestionnaire de connexion 3G+ SFR [Key] . (.SFR - Gestionnaire de connexion.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.34 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/05/2009 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporati
Rapport de ZHPDiag v1.34.44 par Nicolas Coolman, Update du 19/01/2013
Run by Cedric at 22/01/2013 22:58:07
State : Version à jour.
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.1 v18.0.1 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (10%) free of 87 GB
---\\ Logged in mode
~ Computer Name: CEDRIC-PC
~ User Name: Cedric
~ All Users Names: Cedric, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Cedric\AppData\Roaming\
~ %Desktop% : C:\Users\Cedric\Desktop\
~ %Favorites% : C:\Users\Cedric\Favorites\
~ %LocalAppData% : C:\Users\Cedric\AppData\Local\
~ %StartMenu% : C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 87 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 130 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)
F:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.7FA3A810F383588D46220967DE8B64FF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 02:57:37.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/40
~ Mes Documents (My Documents) : 1/7
~ Mon Bureau (My Desktop) : 1/195
~ Menu demarrer (Programs) : 1/29
~ Scan Hidden Files in 00mn 01s
---\\ Processus lancés
[MD5.E4F17DB1964B3BDC5E972901B7E0C943] - (.SFR - Gestionnaire de connexion.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe [805848] [PID.1964]
[MD5.FBED7D9DC34BB8B51BA7E8ED831C9F9E] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [862064] [PID.2600]
[MD5.4C78DB9EFB6E8E73AD4207FFD1314B7E] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.2636]
[MD5.CFFCD1AF4F76C80E6AE2AEE561BD0BF6] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.2668]
[MD5.85B2CA4013C9E98E2936E69153AEA360] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4384560] [PID.3548]
[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.3832]
[MD5.D7826A7440444F40E0406CF37FD2FA88] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.4036]
[MD5.15DC04031C19CCF380A69E50E589317B] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775336] [PID.2184]
[MD5.3F12DC91216AAC08EBDCB8602F55D36C] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1755504] [PID.3004]
[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.3840]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\windows\system32\wuauclt.exe [53784] [PID.3984]
[MD5.9A4841A0CE83A768F7A5F4BA97DE02B5] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.3728]
[MD5.74EA3B22BED984C3439E4397DA5A1811] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5170688] [PID.172]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Cedric\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Cedric\AppData\Roaming\Mozilla\Firefox\Profiles\eg2q7vf0.default\prefs.js
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Cedric] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Cedric - eg2q7vf0.default] https://www.google.com/?gws_rd=ssl
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
~ Scan BHO in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cedric\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\Cedric\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cedric\Desktop\Ordinateur - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gestionnaire de Connexion.lnk . (.SFR.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cedric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Samsung AnyWeb Print - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E57BEC47-BBBF-41AD-8A76-59FEAEE86EA0}: NameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{3228F444-C124-4B33-8948-854CF1A9EA80}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E903049-0489-4980-98E0-ADE678F5F15A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E57BEC47-BBBF-41AD-8A76-59FEAEE86EA0}: NameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{3228F444-C124-4B33-8948-854CF1A9EA80}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E903049-0489-4980-98E0-ADE678F5F15A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3228F444-C124-4B33-8948-854CF1A9EA80}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E903049-0489-4980-98E0-ADE678F5F15A}: DhcpNameServer = 192.168.0.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (SFR.Dashboard.Service) . (.SFR - SFR.Dashboard.Service.) - C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
[MD5.95CE557D16A75606CCC2D7F3B0B0BCCB] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.85B2CA4013C9E98E2936E69153AEA360] [APT] [advSRS5] (.SEC.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
[MD5.5569988E02ED5021D2AE207BFECC781C] [APT] [BatteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
[MD5.FBED7D9DC34BB8B51BA7E8ED831C9F9E] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.15DC04031C19CCF380A69E50E589317B] [APT] [MovieColorEnhancer] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\FREEzeFrog\bin\1.0.670.0\FREEzeFrogSA.exe (.not file.)
[MD5.844165C03B6D6C051B8A5F461D8F0BBB] [APT] [YourFile Update] (.http://yourfiledownloader.com.) -- C:\Program Files\YourFileDownloader\YourFileUpdater.exe
[MD5.00000000000000000000000000000000] [APT] [{81EA993B-79AC-4484-BE96-DE79B2F8D514}] (...) -- C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.)
~ Scan Scheduled Task in 00mn 09s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: C:\Windows\System32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {EA257ECF-5F72-4461-B890-959394DCD087}
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: ETDWare PS/2-X86 8.0.7.1_WHQL - (.ELAN Microelectronic Corp..) [HKLM] -- Elantech
O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {556EAB35-CD1F-4E94-83CA-D5C9FA2CDA5B}
O42 - Logiciel: Easy Resolution Manager - (.Samsung.) [HKLM] -- {18AA278D-E0B9-4F99-ACCC-070978A38453}
O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {607DA1C8-34EC-4D7A-AD83-F8E5C70736DF}
O42 - Logiciel: EasyFileShare - (.Samsung.) [HKLM] -- {EA76E65F-6679-495A-A8A6-42AD6602ED4C}
O42 - Logiciel: Fast Start - (.SAMSUNG.) [HKLM] -- {77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}
O42 - Logiciel: Gestionnaire de Connexion 3.4 - (.SFR.) [HKLM] -- {FC48747D-095F-4CF6-B54E-37D4F4738A15}_is1
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Movie Color Enhancer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}
O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr
O42 - Logiciel: REALTEK PCIE Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {A5C8BFF2-0044-4500-8BB5-BEB0D2335885}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SRS Premium Sound Control Panel - (.SRS Labs, Inc..) [HKLM] -- {E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}
O42 - Logiciel: Samsung AnyWeb Print - (.Samsung Electronics Co., Ltd..) [HKLM] -- {318DBE01-1E6B-4243-84B0-210391FE789A}
O42 - Logiciel: Samsung Recovery Solution 5 - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {F687E657-F636-44DF-8125-9FEEA2C362F5}
O42 - Logiciel: Samsung Universal Print Driver - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Universal Print Driver
O42 - Logiciel: Samsung Universal Scan Driver - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Universal Scan Driver
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {142D8CA7-2C6F-45A7-83E3-099AAFD99133}
O42 - Logiciel: YourFileDownloader - (.http://yourfiledownloader.com/ [HKCU] -- YourFileDownloader
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Auslogics]
[HKCU\Software\Babylon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Elantech]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SFRLauncher]
[HKCU\Software\SFR]
[HKCU\Software\SSPrint]
[HKCU\Software\SSScan]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\SpeedMaxPc]
[HKCU\Software\Sysinternals]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Atheros]
[HKLM\Software\Babylon]
[HKLM\Software\BcmSetup]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\Marvell]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SFR]
[HKLM\Software\SMLibrary]
[HKLM\Software\SPanel]
[HKLM\Software\SRS Labs]
[HKLM\Software\SSPrint]
[HKLM\Software\SSScan]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\SpeedMaxPc]
[HKLM\Software\SuppHelpDir]
[HKLM\Software\Swearware]
[HKLM\Software\WinRAR]
[HKLM\Software\YourFileDownloader]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/04/2011 - 15:59:45 - [223,122] ----D C:\Program Files\Adobe
O43 - CFD: 11/01/2013 - 16:30:58 - [0,001] ----D C:\Program Files\Atheros
O43 - CFD: 21/07/2011 - 20:39:53 - [8,966] ----D C:\Program Files\Auslogics
O43 - CFD: 15/11/2010 - 08:03:16 - [11,073] ----D C:\Program Files\Broadcom
O43 - CFD: 21/01/2013 - 19:51:45 - [5,023] ----D C:\Program Files\CCleaner
O43 - CFD: 21/01/2013 - 19:30:21 - [75,726] ----D C:\Program Files\Common Files
O43 - CFD: 07/04/2011 - 16:07:17 - [76,851] ----D C:\Program Files\CyberLink
O43 - CFD: 08/07/2011 - 13:03:50 - [3,997] ----D C:\Program Files\DVD Maker
O43 - CFD: 07/04/2011 - 15:55:52 - [15,729] ----D C:\Program Files\Elantech
O43 - CFD: 08/03/2012 - 22:54:10 - [0] ----D C:\Program Files\Google
O43 - CFD: 11/01/2013 - 16:29:49 - [85,942] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/11/2010 - 07:58:40 - [4,797] ----D C:\Program Files\Intel
O43 - CFD: 14/12/2012 - 11:00:03 - [5,570] ----D C:\Program Files\Internet Explorer
O43 - CFD: 15/11/2010 - 08:01:10 - [3,861] ----D C:\Program Files\Marvell
O43 - CFD: 08/04/2011 - 17:16:12 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 14/07/2009 - 05:52:30 - [44,813] ----D C:\Program Files\Microsoft Games
O43 - CFD: 13/05/2012 - 13:01:23 - [36,641] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/04/2011 - 13:05:52 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 21/01/2013 - 20:14:40 - [44,639] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 22/01/2013 - 12:43:27 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 05:52:30 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 08/04/2011 - 13:06:09 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 12/11/2012 - 17:32:07 - [94,794] ----D C:\Program Files\PokerStars.FR
O43 - CFD: 15/11/2010 - 07:59:45 - [14,710] ----D C:\Program Files\Realtek
O43 - CFD: 15/11/2010 - 08:05:27 - [5,694] ----D C:\Program Files\REALTEK PCIE Wireless LAN Software
O43 - CFD: 14/07/2009 - 05:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 19/06/2012 - 18:22:51 - [966,099] ----D C:\Program Files\Samsung
O43 - CFD: 07/04/2011 - 15:57:04 - [8,025] ----D C:\Program Files\Samsung AnyWeb Print
O43 - CFD: 13/09/2012 - 17:58:01 - [47,885] ----D C:\Program Files\SFR
O43 - CFD: 15/11/2010 - 08:01:00 - [1,822] ----D C:\Program Files\SRS Labs
O43 - CFD: 15/11/2010 - 08:00:32 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 08/07/2011 - 13:03:47 - [2,909] ----D C:\Program Files\Windows Defender
O43 - CFD: 08/04/2011 - 19:10:25 - [54,902] ----D C:\Program Files\Windows Live
O43 - CFD: 08/07/2011 - 13:03:50 - [5,895] ----D C:\Program Files\Windows Mail
O43 - CFD: 08/07/2011 - 13:03:50 - [6,298] ----D C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - 05:52:30 - [11,632] ----D C:\Program Files\Windows NT
O43 - CFD: 08/07/2011 - 13:03:50 - [4,213] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 08/07/2011 - 13:03:50 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 08/07/2011 - 13:03:50 - [5,717] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 11/04/2011 - 10:07:43 - [3,707] ----D C:\Program Files\WinRAR
O43 - CFD: 13/09/2012 - 18:23:00 - [6,839] ----D C:\Program Files\YourFileDownloader
O43 - CFD: 22/01/2013 - 22:58:35 - [11,394] ----D C:\Program Files\ZHPDiag
O43 - CFD: 07/04/2011 - 15:59:57 - [4,387] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 15/11/2010 - 07:56:44 - [3,581] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 21/06/2011 - 13:33:15 - [14,047] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 07/04/2011 - 16:00:39 - [0,338] ----D C:\Program Files\Common Files\Oberon Media
O43 - CFD: 15/11/2010 - 08:17:46 - [4,403] ----D C:\Program Files\Common Files\Samsung
O43 - CFD: 14/07/2009 - 03:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 03:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 12/11/2011 - 03:26:27 - [9,767] ----D C:\Program Files\Common Files\System
O43 - CFD: 15/11/2010 - 07:25:01 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 07/04/2011 - 16:00:13 - [0,001] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Application Data
O43 - CFD: 11/01/2013 - 16:30:37 - [0,016] ----D C:\ProgramData\Atheros
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Favorites
O43 - CFD: 08/04/2011 - 17:47:09 - [220,723] -S--D C:\ProgramData\Microsoft
O43 - CFD: 02/06/2012 - 23:48:59 - [0,028] ----D C:\ProgramData\Mozilla
O43 - CFD: 08/04/2011 - 17:29:17 - [0,013] ----D C:\ProgramData\Norton
O43 - CFD: 15/11/2010 - 08:19:32 - [20,667] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 15/11/2010 - 09:10:57 - [0,519] ----D C:\ProgramData\SAMSUNG
O43 - CFD: 04/09/2012 - 17:07:30 - [0] ----D C:\ProgramData\SFR
O43 - CFD: 07/04/2011 - 15:59:22 - [18,978] ----D C:\ProgramData\Skype
O43 - CFD: 11/01/2013 - 13:52:23 - [0] ----D C:\ProgramData\SpeedMaxPc
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Start Menu
O43 - CFD: 09/09/2012 - 10:49:20 - [0] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 05:53:55 - [0] ----D C:\ProgramData\Templates
O43 - CFD: 07/04/2011 - 16:45:19 - [19,635] ----D C:\ProgramData\WinClon
O43 - CFD: 13/04/2011 - 20:43:16 - [4,128] ----D C:\Users\Cedric\AppData\Roaming\Adobe
O43 - CFD: 21/07/2011 - 20:40:05 - [0,392] ----D C:\Users\Cedric\AppData\Roaming\Auslogics
O43 - CFD: 13/09/2012 - 18:04:46 - [0,000] ----D C:\Users\Cedric\AppData\Roaming\DriverCure
O43 - CFD: 02/06/2011 - 21:18:40 - [0] ----D C:\Users\Cedric\AppData\Roaming\GetRightToGo
O43 - CFD: 07/04/2011 - 16:08:22 - [0] ----D C:\Users\Cedric\AppData\Roaming\Identities
O43 - CFD: 07/04/2011 - 15:56:00 - [0] ----D C:\Users\Cedric\AppData\Roaming\InstallShield
O43 - CFD: 07/04/2011 - 16:58:28 - [0,004] ----D C:\Users\Cedric\AppData\Roaming\Macromedia
O43 - CFD: 11/01/2013 - 16:34:33 - [2,138] -S--D C:\Users\Cedric\AppData\Roaming\Microsoft
O43 - CFD: 23/07/2011 - 11:52:25 - [24,990] ----D C:\Users\Cedric\AppData\Roaming\Mozilla
O43 - CFD: 07/04/2011 - 15:57:04 - [0,001] ----D C:\Users\Cedric\AppData\Roaming\Samsung
O43 - CFD: 13/09/2012 - 18:04:46 - [0] ----D C:\Users\Cedric\AppData\Roaming\SpeedMaxPc
O43 - CFD: 11/04/2011 - 12:02:07 - [0,000] ----D C:\Users\Cedric\AppData\Roaming\WinRAR
O43 - CFD: 13/09/2012 - 18:22:59 - [0] ----D C:\Users\Cedric\AppData\Roaming\YourFileDownloader
O43 - CFD: 13/04/2011 - 20:43:59 - [45,358] ----D C:\Users\Cedric\AppData\Local\Adobe
O43 - CFD: 07/04/2011 - 15:55:23 - [0] ----D C:\Users\Cedric\AppData\Local\Application Data
O43 - CFD: 06/01/2013 - 03:55:12 - [0] ----D C:\Users\Cedric\AppData\Local\CrashDumps
O43 - CFD: 02/01/2013 - 16:35:21 - [0,510] ----D C:\Users\Cedric\AppData\Local\Diagnostics
O43 - CFD: 25/07/2011 - 11:47:09 - [6,182] ----D C:\Users\Cedric\AppData\Local\Google
O43 - CFD: 07/04/2011 - 15:55:23 - [0] ----D C:\Users\Cedric\AppData\Local\Historique
O43 - CFD: 25/11/2012 - 22:28:43 - [0] ----D C:\Users\Cedric\AppData\Local\Macromedia
O43 - CFD: 25/11/2012 - 22:28:43 - [29,092] ----D C:\Users\Cedric\AppData\Local\Microsoft
O43 - CFD: 08/04/2011 - 19:44:09 - [0,080] ----D C:\Users\Cedric\AppData\Local\Microsoft Games
O43 - CFD: 19/06/2012 - 18:24:45 - [0] ----D C:\Users\Cedric\AppData\Local\MigWiz
O43 - CFD: 23/07/2011 - 11:52:06 - [60,482] ----D C:\Users\Cedric\AppData\Local\Mozilla
O43 - CFD: 09/09/2012 - 10:49:19 - [0] ----D C:\Users\Cedric\AppData\Local\Orange
O43 - CFD: 16/12/2012 - 12:48:10 - [1,982] ----D C:\Users\Cedric\AppData\Local\PokerStars.FR
O43 - CFD: 04/09/2012 - 17:07:47 - [6,845] ----D C:\Users\Cedric\AppData\Local\SFR
O43 - CFD: 07/04/2011 - 16:09:20 - [0,003] ----D C:\Users\Cedric\AppData\Local\SRS Labs
O43 - CFD: 22/01/2013 - 22:55:31 - [0,468] ----D C:\Users\Cedric\AppData\Local\temp
O43 - CFD: 07/04/2011 - 15:55:23 - [0] ----D C:\Users\Cedric\AppData\Local\Temporary Internet Files
O43 - CFD: 11/09/2012 - 15:16:11 - [0,132] ----D C:\Users\Cedric\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 05:42:04 - [0,014] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/07/2012 - 23:30:51 - [0,000] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 07/04/2011 - 16:07:19 - [0,005] ----D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
O43 - CFD: 14/07/2009 - 05:37:42 - [0,001] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 21/07/2012 - 23:30:51 - [0,000] R---D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 11/04/2011 - 10:07:43 - [0,003] ----D C:\Users\Cedric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 14s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.68BCD8CE8E6DA42FAB7F70DFA195A6C3] - 22/01/2013 - 22:46:56 ---A- . (...) -- C:\Windows\WindowsUpdate.log [848510]
O44 - LFC:[MD5.9982DE5B241F4776F71698EB4D4FC7E9] - 22/01/2013 - 22:40:27 ---A- . (...) -- C:\Windows\setupact.log [168]
O44 - LFC:[MD5.1C36078702AEA54522672F17CA6BEAC7] - 22/01/2013 - 22:40:24 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/01/2013 - 12:43:53 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.0529EA7D27F150F84B895F8C44BE1C63] - 22/01/2013 - 12:43:51 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [259232]
O44 - LFC:[MD5.CA4705EF62ABF9F6134A17520021E43A] - 21/01/2013 - 21:42:25 ---A- . (...) -- C:\UsbFix.txt [9984]
O44 - LFC:[MD5.F05C7FB6C111BB957EAF6B55B86CE441] - 21/01/2013 - 21:42:24 ---A- . (...) -- C:\UsbFix_Upload_Me_CEDRIC-PC.zip [1117979]
O44 - LFC:[MD5.DD597D14783F7D36365A4E4188056251] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.91895E23B42FB51F8AE913001DF22DC6] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106388]
O44 - LFC:[MD5.870800102B0030B3ED1140494FCF3FDF] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130754]
O44 - LFC:[MD5.F0D618A4451328565F3C7DBE4B9912E3] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616008]
O44 - LFC:[MD5.A3AEE033ED89A9FC3885728242DCC5D3] - 21/01/2013 - 20:19:08 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704480]
O44 - LFC:[MD5.1758839F95710A7F7F6D1D8561770593] - 21/01/2013 - 19:45:00 ----- . (...) -- C:\ComboFix.txt [7946]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 21/01/2013 - 19:38:45 ---A- . (...) -- C:\Windows\system.ini [215]
O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 21/01/2013 - 19:17:27 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416]
O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 21/01/2013 - 19:17:27 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144]
O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 21/01/2013 - 19:17:27 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528]
O44 - LFC:[MD5.7510957F96C730DFF20087A16628F8FE] - 11/01/2013 - 16:31:06 ----- . (...) -- C:\setup.log [184]
O44 - LFC:[MD5.7D0A662D7B116169854B4EC941A7822D] - 11/01/2013 - 16:29:54 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\Drivers\athr.sys [1247744]
O44 - LFC:[MD5.7D0A662D7B116169854B4EC941A7822D] - 11/01/2013 - 16:29:54 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\athr.sys [1247744]
O44 - LFC:[MD5.A067A19A91C2AA0198F9BD01A5CEF5C6] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement GRB.) -- C:\Windows\System32\grb.rs [21504]
O44 - LFC:[MD5.4F5C56DBF076D5BBB1D22B37BF281396] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement PEGI au Portugal.) -- C:\Windows\System32\pegi-pt.rs [20480]
O44 - LFC:[MD5.5109C45498BC709C8A7E016D5FFCCAC2] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement PEGI.) -- C:\Windows\System32\pegi.rs [20480]
O44 - LFC:[MD5.9B7D7F4D1F79E8B7D727BE94B1630D59] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\pegibbfc.rs [44544]
O44 - LFC:[MD5.9EDCFA23CC081E38C86CA309D0F7E3DC] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classement USK.) -- C:\Windows\System32\usk.rs [30720]
O44 - LFC:[MD5.41CE7975CAD7BCF92538D2C452239523] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification COB-AU.) -- C:\Windows\System32\cob-au.rs [40960]
O44 - LFC:[MD5.27828AAA24AA46F11036954ADE355C1C] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification DJCTQ.) -- C:\Windows\System32\djctq.rs [15360]
O44 - LFC:[MD5.A704E750245D5D4EE4A23E99A00F27D5] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification FPB.) -- C:\Windows\System32\fpb.rs [46592]
O44 - LFC:[MD5.ED59143843560B5EDB543C2A48CB9E4B] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de classification OFLC-NZ.) -- C:\Windows\System32\oflc-nz.rs [45568]
O44 - LFC:[MD5.6EC618588447B82EA8D88719EE46F725] - 10/01/2013 - 12:30:50 ---A- . (.Microsoft - Système de notation CSRR.) -- C:\Windows\System32\csrr.rs [43520]
O44 - LFC:[MD5.DDD1C4AB9A9DAE6D4092C4C95E714650] - 10/01/2013 - 12:30:49 ---A- . (.Microsoft - Système de classement ESRB.) -- C:\Windows\System32\esrb.rs [51712]
O44 - LFC:[MD5.7752619457598CF057C4CC02A0867029] - 10/01/2013 - 12:30:48 ---A- . (.Microsoft - Système de classement CERO.) -- C:\Windows\System32\cero.rs [55296]
O44 - LFC:[MD5.CBC69A055EF410CBD65593E4808B6DB4] - 10/01/2013 - 12:30:48 ---A- . (.Microsoft - Système de classement OFLC.) -- C:\Windows\System32\oflc.rs [23552]
O44 - LFC:[MD5.72035C97983745E742D71E9A8EF70BBB] - 10/01/2013 - 12:30:48 ---A- . (.Microsoft - Système de classement PEGI en Finlande.) -- C:\Windows\System32\pegi-fi.rs [20480]
O44 - LFC:[MD5.40B6E9A9D0F022160B9C5F6B32079BCF] - 09/01/2013 - 18:32:33 ---A- . (...) -- C:\Windows\System32\MRT.INI [118]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:17:39 ---A- . (...) -- C:\Windows\System32\locale.nls [420064]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 26/06/2011 - 07:45:56 ---A- . (...) -- C:\Windows\PEV.exe [256000]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 07/11/2010 - 18:20:24 ---A- . (...) -- C:\Windows\MBR.exe [208896]
O44 - LFC:[MD5.F27B9878F13C8643AF0AEC62F85FB5B9] - 16/10/2010 - 11:20:00 ---A- . (...) -- C:\Windows\System32\athrext.cat [58276]
O44 - LFC:[MD5.F57F197C5424B9E87BC669EE1E53200E] - 11/10/2010 - 15:51:28 ---A- . (...) -- C:\Windows\System32\netathr.inf [354972]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\zip.exe [68096]
~ Scan Files in 00mn 14s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\ETDCtrl [Key] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O53 - SMSR:HKLM\...\startupreg\Gestionnaire de connexion 3G+ SFR [Key] . (.SFR - Gestionnaire de connexion.) -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR_Gestionnaire_connexion.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.34 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/05/2009 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporati
bonjour si c'est bien cela mais pas comme cela il faut lire les procédure jusqu'au bout avant de faire les choses demander comme cela tu aurais vue que j'avais mis
Pour me le transmettre clique sur ce lien :
https://www.cjoint.com/
Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt
ou directement en choisissant bureau et ZHPDiag.txt clique dessus
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://cjoint.com/data/0KAoeRbq7Szgg.htm
est ajouté dans la page.
Copie ce lien dans ta réponse.
et si problème passe par celui ci : http://pjjoint.malekal.com/
Pour me le transmettre clique sur ce lien :
https://www.cjoint.com/
Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt
ou directement en choisissant bureau et ZHPDiag.txt clique dessus
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://cjoint.com/data/0KAoeRbq7Szgg.htm
est ajouté dans la page.
Copie ce lien dans ta réponse.
et si problème passe par celui ci : http://pjjoint.malekal.com/
