Virus fichier x system32
Fermé
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
-
2 févr. 2015 à 16:30
alpha761 Messages postés 17 Date d'inscription dimanche 25 mai 2008 Statut Membre Dernière intervention 26 février 2015 - 6 févr. 2015 à 11:15
alpha761 Messages postés 17 Date d'inscription dimanche 25 mai 2008 Statut Membre Dernière intervention 26 février 2015 - 6 févr. 2015 à 11:15
A voir également:
- Virus fichier x system32
- Fichier rar - Guide
- Fichier host - Guide
- Comment ouvrir un fichier epub ? - Guide
- Comment réduire la taille d'un fichier - Guide
- Ouvrir fichier .bin - Guide
25 réponses
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
2 févr. 2015 à 16:33
2 févr. 2015 à 16:33
Hello
Tu as la détection exacte d'avast (le nom du fichier)?
Tu as la détection exacte d'avast (le nom du fichier)?
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
3 févr. 2015 à 16:28
3 févr. 2015 à 16:28
oui normalement c'est
c:/windows/system32/x
c:/windows/system32/x
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
3 févr. 2015 à 17:55
3 févr. 2015 à 17:55
* Désactives avast via la boule orange clic droit>gestion des agents>désactiver pour dix minutes
* Télécharge ZHPDiag (de Nicolas Coolman)
https://nicolascoolman.eu ou https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe
* Double clic si tu es sous windows xp(sinon clic droit afin de l'exécuter en tant qu'admin à partir de Vista)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau l'icône est en forme de parchemin
https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png
* A l'ouverture du logiciel il te sera proposé 3 options "rechercher", "configurer" et complet
* Cliques sur "complet"
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Pour héberger le rapport, rends toi sur cjoint.com
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.
* Le rapport est hébergé:
- Pour XP : C:\Documents and Settings\username\Local Settings\Application Data\ZHP
- Depuis Vista : C:\Users\username\AppData\Roaming\ZHP
* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
* Choisis le type de diffusion (illimitée ou 21 jours)
* Puis cliques sur créer le lien cjoint
* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse
* Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
* Télécharge ZHPDiag (de Nicolas Coolman)
https://nicolascoolman.eu ou https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe
* Double clic si tu es sous windows xp(sinon clic droit afin de l'exécuter en tant qu'admin à partir de Vista)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau l'icône est en forme de parchemin
https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png
* A l'ouverture du logiciel il te sera proposé 3 options "rechercher", "configurer" et complet
* Cliques sur "complet"
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Pour héberger le rapport, rends toi sur cjoint.com
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.
* Le rapport est hébergé:
- Pour XP : C:\Documents and Settings\username\Local Settings\Application Data\ZHP
- Depuis Vista : C:\Users\username\AppData\Roaming\ZHP
* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
* Choisis le type de diffusion (illimitée ou 21 jours)
* Puis cliques sur créer le lien cjoint
* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse
* Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 10:32
5 févr. 2015 à 10:32
bonjours lilidurhone ;
voici le rapport:
~ Report of ZHPDiag v2015.2.2.15 - Nicolas Coolman (02/02/2015)
~ Launched by NetS (05/02/2015 10:22:20)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : https://nicolascoolman.eu
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Not Found
---\\ Internet browsers
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 35.0.1 (Defaut)
GCIE: Google Chrome v40.0.2214.94
---\\ Windows product information
~ Langage: Anglais
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
---\\ System protection software
Avast Free Antivirus v10.0.2208
---\\ System optimization software
CCleaner
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 16 NPAPI
Adobe Reader 9.3.3 - Français
Java 7 Update 71
---\\ Information on the system
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 38 GB (55%) free of 68 GB
---\\ Connection to the system mode
~ Computer Name: SERVEUR
~ User Name: NetS
~ All Users Names: SUPPORT_388945a0, NetS, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\NetS\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\NetS\Application Data\
~ %Desktop% : C:\Documents and Settings\NetS\Bureau\
~ %Favorites% : C:\Documents and Settings\NetS\Favoris\
~ %LocalAppData% : C:\Documents and Settings\NetS\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\NetS\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 38 Go of 68 Go)
D: Hard drive, Flash drive, Thumb drive (Free 23 Go of 68 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 98 Go)
F: Hard drive, Flash drive, Thumb drive (Free 43 Go of 98 Go)
G: Hard drive, Flash drive, Thumb drive (Free 5 Go of 134 Go)
H: CD-ROM drive (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s
---\\ Search Generic System Files
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.26/11/2014 - 11:04:32.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.4A6E04EA20F48D750D9BFED8600D516B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2008 - 17:33:50.) -- C:\WINDOWS\system32\wininet.dll [670208]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 17:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/04/2008 - 10:19:24.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 10:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 09:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 16:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 07:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 17:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 09:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 09:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/04/2008 - 10:17:02.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 10:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 10:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 17:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 16:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/28
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/56
~ Mon Bureau (My Desktop) : 1/8863
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 08s
---\\ Process running
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1560]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [271744] [PID.168]
[MD5.F5A2923259EFA96FD62074DACA0625BB] - (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe [53248] [PID.392]
[MD5.E02C1E225E8B86880AF3E09D418DF664] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe [176128] [PID.476]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112] [PID.496]
[MD5.C584F7A0E5CE67B70CB6893ED63BF7B0] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\WINDOWS\system32\CNAB4RPK.exe [63112] [PID.620]
[MD5.C493E204784A3076D1E33764C7CAFAC6] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157480] [PID.1068]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1384]
[MD5.7E67B4EC2654AA1716B96C51B9AE862D] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe [939520] [PID.1552]
[MD5.D2B87FC03BE28CD0B33C2B5C1119FD8E] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1644]
[MD5.3F3A26E471CCCB3CFFCA68F0C052F35F] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe [249440] [PID.1624]
[MD5.7D6E1809C844B1D2AA02B6DCF1950084] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31087200] [PID.1412]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1828]
[MD5.DBDB1A25291B2D18C614F5CA963156A8] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.124]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.472]
[MD5.F56197D5CBDCC6A87C242DC8B8EEEE34] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [PID.240]
[MD5.39D4F18B4D1B2C72097E74D45D36202C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968] [PID.2056]
[MD5.52B3F695EDC908F3575A6834311E2968] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IEMonitor.exe [251312] [PID.3332]
[MD5.A53CC4C0FA7DA7CDC8DDDF4A0E6123F9] - (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\Microsoft Office\Office14\EXCEL.exe [20753760] [PID.3760]
[MD5.265B49EF94A5AA713192EE97A7D248B5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [338032] [PID.4036]
[MD5.5E85E14E91DC7EC217119178210F130B] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [530816] [PID.2316]
[MD5.BE52EDAADE29AC59681B6CD60E257C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8158720] [PID.228]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\NetS\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
---\\ Google Chrome Extension Folder
~ Google Lines Browser: 0 Scanned in 00mn 06s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\NetS\Application Data\Mozilla\Firefox\Profiles\ywnrml2h.default\prefs.js
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\amazondotcom.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\answers.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\creativecommons.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay.xml =>Toolbar.eBay
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
M0 - MFSP: prefs.js [NetS - ywnrml2h.default] https://www.google.com/?gws_rd=ssl
P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2105] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1212] - (.RealNetworks, Inc. - 6.0.12.1212.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
~ Firefox Browser: 29 Scanned in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.1.0.) (No version) -- (.not file.) =>.VideoLAN
~ IE Browser: 9 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphan key
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
~ BHO: 26 Scanned in 00mn 01s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - [HKLM]{21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [StormCodec_Helper] . (...) -- C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [NWEReboot] Orphan key
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Orphan key
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 4 Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1422709590281
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 6 Scanned in 00mn 08s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office14\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Task Planned Automatically (039)
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.A2A9C100FE1BE20A76C0B80D4CA44103] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: AppleSoftwareUpdate - (.Apple Inc..) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]
~ Scheduled Task: 13 Scanned in 00mn 00s
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_16_0_0_296.ocx
O40 - ASIC: Installed Component - S-1-5-21-448539723-1532298954-1606980848-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 19 Scanned in 00mn 00s
---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver: (BIOS) . (.BIOSTAR Group - I/O Interface driver file.) - C:\WINDOWS\system32\drivers\BIOS.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.)
O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.)
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 81 Scanned in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: CopyTrans Control Center Uninstall Only - (.WindSolutions.) [HKCU] -- CopyTrans Suite
O42 - Logiciel: Creative Painter - (...) [HKLM] -- CreativePainter
O42 - Logiciel: Désinstaller l'imprimante EPSON SX130 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX130 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EasyCafe Server 2.2 (Firewall Edition) - (.TinaSoft Software & Internet Solutions.) [HKLM] -- EasyCafe Server 2.2 (Firewall Edition)
O42 - Logiciel: Express English - (.ONH1986.) [HKLM] -- InstallShield_{C09FAAA5-2FE4-4F79-9957-F06D7F0BD1F8}
O42 - Logiciel: FormatFactory 3.00 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Foxit Reader - (.Foxit Software Company.) [HKLM] -- Foxit Reader
O42 - Logiciel: Free Earth ScreenSaver 1.0 - (...) [HKLM] -- Free Earth ScreenSaver_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nero 7 - (.Nero AG.) [HKLM] -- {13E7F4A4-33A0-16B0-6486-FAA38C2A7067}
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {4781569D-5404-1F26-4B2B-6DF444441031}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
O42 - Logiciel: Realtek AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Secret Maryo Chronicles - (.Florian Richter.) [HKLM] -- secretmaryo
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype(TM) 7.1 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Storm Codec - (.lain.) [HKLM] -- Storm Codec 5
O42 - Logiciel: USB Disk Security 5.1.0.15 - (.zbshareware, Inc..) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: VIA Chrome9 HC IGP Family Display - (...) [HKLM] -- VIA Chrome9 HC IGP Family Display
O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}
O42 - Logiciel: pdfsam - (...) [HKCU] -- pdfsam
~ Logic: 48 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BoaSoftware]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DScaler5]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Install]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Ligos]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaChance]
[HKCU\Software\Moko Systems]
[HKCU\Software\Moonlight Cordless]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PIP]
[HKCU\Software\Pictures Software Inc]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Skype]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\drpsu]
[HKCU\Software\yahoo]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AskBarDis]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\ESET]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MokoSystems]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\ONH1986]
[HKLM\Software\On2 Technologies]
[HKLM\Software\PIP]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Storm Codec]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TinaSoft]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\ahead]
[HKLM\Software\jumpshot.com]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\zbshareware]
~ Key Software: 206 Scanned in 00mn 00s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 17/09/2009 - 11:26:42 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 17/09/2009 - 11:26:44 - [] ----D C:\Program Files\MSN
O43 - CFD: 17/09/2009 - 11:27:10 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 17/09/2009 - 11:27:12 - [] ----D C:\Program Files\Messenger
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Online Services
O43 - CFD: 17/09/2009 - 11:27:28 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 17/09/2009 - 11:28:08 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 17/09/2009 - 11:28:14 - [] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:28:16 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 17/09/2009 - 11:28:36 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 17/09/2009 - 11:29:16 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 17/09/2009 - 11:29:18 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 17/09/2009 - 11:30:48 - [] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 17/09/2009 - 11:30:50 - [] ----D C:\Program Files\xerox
O43 - CFD: 17/09/2009 - 13:11:32 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/09/2009 - 14:07:46 - [] ----D C:\Program Files\VIA
O43 - CFD: 17/09/2009 - 14:08:32 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/09/2009 - 14:09:48 - [0] ----D C:\Program Files\S3
O43 - CFD: 17/09/2009 - 14:17:40 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Reganam
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Conduit
O43 - CFD: 17/09/2009 - 14:23:46 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 17/09/2009 - 13:24:16 - [] ----D C:\Program Files\Ringz Studio
O43 - CFD: 17/09/2009 - 13:26:24 - [] ----D C:\Program Files\Java
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Program Files\Google
O43 - CFD: 17/09/2009 - 13:32:02 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 17/09/2009 - 13:49:16 - [0] ----D C:\Program Files\GRETECH
O43 - CFD: 17/09/2009 - 13:49:54 - [] ----D C:\Program Files\Ela-Salaty
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Program Files\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 13:57:40 - [] ----D C:\Program Files\CreativePainter
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/09/2009 - 14:02:30 - [] ----D C:\Program Files\Secret Maryo Chronicles
O43 - CFD: 17/09/2009 - 14:03:24 - [] ----D C:\Program Files\ONH1986
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Nero
O43 - CFD: 28/10/2009 - 17:04:32 - [] ----D C:\Program Files\Intel
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 28/10/2009 - 10:24:48 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 28/10/2009 - 10:25:18 - [] ----D C:\Program Files\Opera
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Program Files\Foxit Software
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Program Files\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:04 - [] ----D C:\Program Files\USB Disk Security
O43 - CFD: 08/04/2010 - 21:17:40 - [] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 08/04/2010 - 21:18:28 - [] ----D C:\Program Files\Microsoft
O43 - CFD: 08/04/2010 - 21:22:00 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/04/2010 - 21:26:50 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/04/2010 - 21:29:58 - [] ----D C:\Program Files\Microsoft Office Outlook Connector =>.Microsoft Corporation
O43 - CFD: 16/08/2013 - 10:18:52 - [] ----D C:\Program Files\Borland
O43 - CFD: 16/08/2013 - 10:48:20 - [] ----D C:\Program Files\TinaSoft
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Program Files\Canon
O43 - CFD: 26/11/2014 - 10:58:02 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:50 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 26/11/2014 - 11:00:12 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 26/11/2014 - 11:01:04 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 26/11/2014 - 11:02:44 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 26/11/2014 - 11:03:32 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Program Files\pdfsam
O43 - CFD: 31/01/2015 - 14:03:20 - [] ----D C:\Program Files\epson
O43 - CFD: 31/01/2015 - 14:55:50 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 31/01/2015 - 14:56:12 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 31/01/2015 - 22:54:48 - [] R---D C:\Program Files\Skype
O43 - CFD: 03/02/2015 - 22:36:00 - [] ----D C:\Program Files\FreeTime
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Program Files\iTunes
O43 - CFD: 04/02/2015 - 09:52:14 - [] ----D C:\Program Files\iPod
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 17/09/2009 - 11:04:16 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 17/09/2009 - 11:28:10 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 17/09/2009 - 11:28:46 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 17/09/2009 - 11:28:50 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 17/09/2009 - 14:07:08 - [] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 17/09/2009 - 13:24:18 - [] ----D C:\Program Files\Fichiers communs\Real
O43 - CFD: 17/09/2009 - 13:26:22 - [] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 08/04/2010 - 21:09:40 - [] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 26/11/2014 - 11:03:02 - [] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 31/01/2015 - 14:00:22 - [] ----D C:\Program Files\Fichiers communs\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Program Files\Fichiers communs\Apple
O43 - CFD: 31/01/2015 - 22:54:50 - [] ----D C:\Program Files\Fichiers communs\Skype
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:27:08 - [] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:27:44 - [] ----D C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 28/10/2009 - 10:28:04 - [] ----D C:\Documents and Settings\All Users\Application Data\Avira
O43 - CFD: 26/11/2014 - 10:57:38 - [] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:48 - [] ----D C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:10:12 - [] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 26/11/2014 - 19:50:52 - [] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 27/11/2014 - 12:11:32 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 31/01/2015 - 13:58:54 - [] ----D C:\Documents and Settings\All Users\Application Data\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:56:36 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\All Users\Application Data\WindSolutions
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 11:27:14 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:27:24 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 17/09/2009 - 11:27:40 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:24:28 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Storm Codec 5
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 14:03:26 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ONH1986
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Foxit Reader
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:06 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\USB Disk Security
O43 - CFD: 08/04/2010 - 21:30:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avinstallationsprogram f?r Canon skrivare
O43 - CFD: 26/11/2014 - 11:02:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SharePoint
O43 - CFD: 26/11/2014 - 11:08:00 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
O43 - CFD: 26/11/2014 - 12:42:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
O43 - CFD: 31/01/2015 - 13:59:52 - [0] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Uniblue
O43 - CFD: 31/01/2015 - 14:00:14 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON
O43 - CFD: 31/01/2015 - 17:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 31/01/2015 - 22:54:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
O43 - CFD: 02/02/2015 - 18:35:22 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 7
O43 - CFD: 04/02/2015 - 09:53:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
O43 - CFD: 04/02/2015 - 10:01:10 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 05/02/2015 - 10:21:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\NetS\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:11:34 - [] ----D C:\Documents and Settings\NetS\Application Data\Identities
O43 - CFD: 17/09/2009 - 14:22:18 - [] ----D C:\Documents and Settings\NetS\Application Data\DMCache
O43 - CFD: 17/09/2009 - 13:25:16 - [] ----D C:\Documents and Settings\NetS\Application Data\Sun
O43 - CFD: 17/09/2009 - 13:27:50 - [] ----D C:\Documents and Settings\NetS\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:50:00 - [] ----D C:\Documents and Settings\NetS\Application Data\Google
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\InterTrust
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Adobe
O43 - CFD: 17/09/2009 - 14:25:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Ahead
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Foxit
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Macromedia
O43 - CFD: 26/11/2014 - 11:05:00 - [] ----D C:\Documents and Settings\NetS\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 12:42:52 - [] ----D C:\Documents and Settings\NetS\Application Data\IDM
O43 - CFD: 27/11/2014 - 11:05:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Media Player Classic
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 17:18:02 - [] ----D C:\Documents and Settings\NetS\Application Data\vlc
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\NetS\Application Data\WindSolutions
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Documents and Settings\NetS\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:30:26 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 14:22:26 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Conduit
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Google
O43 - CFD: 17/09/2009 - 14:28:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Ahead
O43 - CFD: 26/11/2014 - 11:00:02 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:09:50 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Sun
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 15:05:52 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Adobe
O43 - CFD: 26/11/2014 - 17:34:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Temp
O43 - CFD: 31/01/2015 - 14:56:16 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 22:55:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Skype
O43 - CFD: 17/09/2009 - 11:29:16 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:57:54 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Creative Painter
O43 - CFD: 17/09/2009 - 14:03:00 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Secret Maryo Chronicles
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 16/08/2013 - 10:31:44 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\TinaSoft
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\PDF Split And Merge
O43 - CFD: 01/02/2015 - 10:18:12 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CopyTrans Control Center
O43 - CFD: 03/02/2015 - 22:36:30 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\FormatFactory
~ Program Folder: 167 Scanned in 00mn 00s
---\\ Last modi
voici le rapport:
~ Report of ZHPDiag v2015.2.2.15 - Nicolas Coolman (02/02/2015)
~ Launched by NetS (05/02/2015 10:22:20)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : https://nicolascoolman.eu
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Not Found
---\\ Internet browsers
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 35.0.1 (Defaut)
GCIE: Google Chrome v40.0.2214.94
---\\ Windows product information
~ Langage: Anglais
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
---\\ System protection software
Avast Free Antivirus v10.0.2208
---\\ System optimization software
CCleaner
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 16 NPAPI
Adobe Reader 9.3.3 - Français
Java 7 Update 71
---\\ Information on the system
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 38 GB (55%) free of 68 GB
---\\ Connection to the system mode
~ Computer Name: SERVEUR
~ User Name: NetS
~ All Users Names: SUPPORT_388945a0, NetS, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\NetS\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\NetS\Application Data\
~ %Desktop% : C:\Documents and Settings\NetS\Bureau\
~ %Favorites% : C:\Documents and Settings\NetS\Favoris\
~ %LocalAppData% : C:\Documents and Settings\NetS\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\NetS\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 38 Go of 68 Go)
D: Hard drive, Flash drive, Thumb drive (Free 23 Go of 68 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 98 Go)
F: Hard drive, Flash drive, Thumb drive (Free 43 Go of 98 Go)
G: Hard drive, Flash drive, Thumb drive (Free 5 Go of 134 Go)
H: CD-ROM drive (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s
---\\ Search Generic System Files
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.26/11/2014 - 11:04:32.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.4A6E04EA20F48D750D9BFED8600D516B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2008 - 17:33:50.) -- C:\WINDOWS\system32\wininet.dll [670208]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 17:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/04/2008 - 10:19:24.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 10:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 09:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 16:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 07:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 17:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 09:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 09:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/04/2008 - 10:17:02.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 10:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 10:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 17:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 16:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/28
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/56
~ Mon Bureau (My Desktop) : 1/8863
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 08s
---\\ Process running
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1560]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [271744] [PID.168]
[MD5.F5A2923259EFA96FD62074DACA0625BB] - (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe [53248] [PID.392]
[MD5.E02C1E225E8B86880AF3E09D418DF664] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe [176128] [PID.476]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112] [PID.496]
[MD5.C584F7A0E5CE67B70CB6893ED63BF7B0] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\WINDOWS\system32\CNAB4RPK.exe [63112] [PID.620]
[MD5.C493E204784A3076D1E33764C7CAFAC6] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157480] [PID.1068]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1384]
[MD5.7E67B4EC2654AA1716B96C51B9AE862D] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe [939520] [PID.1552]
[MD5.D2B87FC03BE28CD0B33C2B5C1119FD8E] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1644]
[MD5.3F3A26E471CCCB3CFFCA68F0C052F35F] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe [249440] [PID.1624]
[MD5.7D6E1809C844B1D2AA02B6DCF1950084] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31087200] [PID.1412]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1828]
[MD5.DBDB1A25291B2D18C614F5CA963156A8] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.124]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.472]
[MD5.F56197D5CBDCC6A87C242DC8B8EEEE34] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [PID.240]
[MD5.39D4F18B4D1B2C72097E74D45D36202C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968] [PID.2056]
[MD5.52B3F695EDC908F3575A6834311E2968] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IEMonitor.exe [251312] [PID.3332]
[MD5.A53CC4C0FA7DA7CDC8DDDF4A0E6123F9] - (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\Microsoft Office\Office14\EXCEL.exe [20753760] [PID.3760]
[MD5.265B49EF94A5AA713192EE97A7D248B5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [338032] [PID.4036]
[MD5.5E85E14E91DC7EC217119178210F130B] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [530816] [PID.2316]
[MD5.BE52EDAADE29AC59681B6CD60E257C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8158720] [PID.228]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\NetS\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
---\\ Google Chrome Extension Folder
~ Google Lines Browser: 0 Scanned in 00mn 06s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\NetS\Application Data\Mozilla\Firefox\Profiles\ywnrml2h.default\prefs.js
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\amazondotcom.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\answers.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\creativecommons.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay.xml =>Toolbar.eBay
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
M0 - MFSP: prefs.js [NetS - ywnrml2h.default] https://www.google.com/?gws_rd=ssl
P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2105] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1212] - (.RealNetworks, Inc. - 6.0.12.1212.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
~ Firefox Browser: 29 Scanned in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.1.0.) (No version) -- (.not file.) =>.VideoLAN
~ IE Browser: 9 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphan key
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
~ BHO: 26 Scanned in 00mn 01s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - [HKLM]{21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [StormCodec_Helper] . (...) -- C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [NWEReboot] Orphan key
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Orphan key
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 4 Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1422709590281
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 6 Scanned in 00mn 08s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office14\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Task Planned Automatically (039)
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.A2A9C100FE1BE20A76C0B80D4CA44103] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: AppleSoftwareUpdate - (.Apple Inc..) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]
~ Scheduled Task: 13 Scanned in 00mn 00s
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_16_0_0_296.ocx
O40 - ASIC: Installed Component - S-1-5-21-448539723-1532298954-1606980848-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 19 Scanned in 00mn 00s
---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver: (BIOS) . (.BIOSTAR Group - I/O Interface driver file.) - C:\WINDOWS\system32\drivers\BIOS.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.)
O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.)
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 81 Scanned in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: CopyTrans Control Center Uninstall Only - (.WindSolutions.) [HKCU] -- CopyTrans Suite
O42 - Logiciel: Creative Painter - (...) [HKLM] -- CreativePainter
O42 - Logiciel: Désinstaller l'imprimante EPSON SX130 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX130 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EasyCafe Server 2.2 (Firewall Edition) - (.TinaSoft Software & Internet Solutions.) [HKLM] -- EasyCafe Server 2.2 (Firewall Edition)
O42 - Logiciel: Express English - (.ONH1986.) [HKLM] -- InstallShield_{C09FAAA5-2FE4-4F79-9957-F06D7F0BD1F8}
O42 - Logiciel: FormatFactory 3.00 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Foxit Reader - (.Foxit Software Company.) [HKLM] -- Foxit Reader
O42 - Logiciel: Free Earth ScreenSaver 1.0 - (...) [HKLM] -- Free Earth ScreenSaver_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nero 7 - (.Nero AG.) [HKLM] -- {13E7F4A4-33A0-16B0-6486-FAA38C2A7067}
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {4781569D-5404-1F26-4B2B-6DF444441031}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
O42 - Logiciel: Realtek AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Secret Maryo Chronicles - (.Florian Richter.) [HKLM] -- secretmaryo
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype(TM) 7.1 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Storm Codec - (.lain.) [HKLM] -- Storm Codec 5
O42 - Logiciel: USB Disk Security 5.1.0.15 - (.zbshareware, Inc..) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: VIA Chrome9 HC IGP Family Display - (...) [HKLM] -- VIA Chrome9 HC IGP Family Display
O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}
O42 - Logiciel: pdfsam - (...) [HKCU] -- pdfsam
~ Logic: 48 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BoaSoftware]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DScaler5]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Install]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Ligos]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaChance]
[HKCU\Software\Moko Systems]
[HKCU\Software\Moonlight Cordless]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PIP]
[HKCU\Software\Pictures Software Inc]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Skype]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\drpsu]
[HKCU\Software\yahoo]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AskBarDis]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\ESET]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MokoSystems]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\ONH1986]
[HKLM\Software\On2 Technologies]
[HKLM\Software\PIP]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Storm Codec]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TinaSoft]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\ahead]
[HKLM\Software\jumpshot.com]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\zbshareware]
~ Key Software: 206 Scanned in 00mn 00s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 17/09/2009 - 11:26:42 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 17/09/2009 - 11:26:44 - [] ----D C:\Program Files\MSN
O43 - CFD: 17/09/2009 - 11:27:10 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 17/09/2009 - 11:27:12 - [] ----D C:\Program Files\Messenger
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Online Services
O43 - CFD: 17/09/2009 - 11:27:28 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 17/09/2009 - 11:28:08 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 17/09/2009 - 11:28:14 - [] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:28:16 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 17/09/2009 - 11:28:36 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 17/09/2009 - 11:29:16 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 17/09/2009 - 11:29:18 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 17/09/2009 - 11:30:48 - [] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 17/09/2009 - 11:30:50 - [] ----D C:\Program Files\xerox
O43 - CFD: 17/09/2009 - 13:11:32 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/09/2009 - 14:07:46 - [] ----D C:\Program Files\VIA
O43 - CFD: 17/09/2009 - 14:08:32 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/09/2009 - 14:09:48 - [0] ----D C:\Program Files\S3
O43 - CFD: 17/09/2009 - 14:17:40 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Reganam
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Conduit
O43 - CFD: 17/09/2009 - 14:23:46 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 17/09/2009 - 13:24:16 - [] ----D C:\Program Files\Ringz Studio
O43 - CFD: 17/09/2009 - 13:26:24 - [] ----D C:\Program Files\Java
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Program Files\Google
O43 - CFD: 17/09/2009 - 13:32:02 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 17/09/2009 - 13:49:16 - [0] ----D C:\Program Files\GRETECH
O43 - CFD: 17/09/2009 - 13:49:54 - [] ----D C:\Program Files\Ela-Salaty
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Program Files\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 13:57:40 - [] ----D C:\Program Files\CreativePainter
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/09/2009 - 14:02:30 - [] ----D C:\Program Files\Secret Maryo Chronicles
O43 - CFD: 17/09/2009 - 14:03:24 - [] ----D C:\Program Files\ONH1986
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Nero
O43 - CFD: 28/10/2009 - 17:04:32 - [] ----D C:\Program Files\Intel
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 28/10/2009 - 10:24:48 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 28/10/2009 - 10:25:18 - [] ----D C:\Program Files\Opera
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Program Files\Foxit Software
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Program Files\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:04 - [] ----D C:\Program Files\USB Disk Security
O43 - CFD: 08/04/2010 - 21:17:40 - [] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 08/04/2010 - 21:18:28 - [] ----D C:\Program Files\Microsoft
O43 - CFD: 08/04/2010 - 21:22:00 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/04/2010 - 21:26:50 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/04/2010 - 21:29:58 - [] ----D C:\Program Files\Microsoft Office Outlook Connector =>.Microsoft Corporation
O43 - CFD: 16/08/2013 - 10:18:52 - [] ----D C:\Program Files\Borland
O43 - CFD: 16/08/2013 - 10:48:20 - [] ----D C:\Program Files\TinaSoft
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Program Files\Canon
O43 - CFD: 26/11/2014 - 10:58:02 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:50 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 26/11/2014 - 11:00:12 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 26/11/2014 - 11:01:04 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 26/11/2014 - 11:02:44 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 26/11/2014 - 11:03:32 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Program Files\pdfsam
O43 - CFD: 31/01/2015 - 14:03:20 - [] ----D C:\Program Files\epson
O43 - CFD: 31/01/2015 - 14:55:50 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 31/01/2015 - 14:56:12 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 31/01/2015 - 22:54:48 - [] R---D C:\Program Files\Skype
O43 - CFD: 03/02/2015 - 22:36:00 - [] ----D C:\Program Files\FreeTime
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Program Files\iTunes
O43 - CFD: 04/02/2015 - 09:52:14 - [] ----D C:\Program Files\iPod
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 17/09/2009 - 11:04:16 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 17/09/2009 - 11:28:10 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 17/09/2009 - 11:28:46 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 17/09/2009 - 11:28:50 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 17/09/2009 - 14:07:08 - [] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 17/09/2009 - 13:24:18 - [] ----D C:\Program Files\Fichiers communs\Real
O43 - CFD: 17/09/2009 - 13:26:22 - [] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 08/04/2010 - 21:09:40 - [] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 26/11/2014 - 11:03:02 - [] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 31/01/2015 - 14:00:22 - [] ----D C:\Program Files\Fichiers communs\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Program Files\Fichiers communs\Apple
O43 - CFD: 31/01/2015 - 22:54:50 - [] ----D C:\Program Files\Fichiers communs\Skype
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:27:08 - [] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:27:44 - [] ----D C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 28/10/2009 - 10:28:04 - [] ----D C:\Documents and Settings\All Users\Application Data\Avira
O43 - CFD: 26/11/2014 - 10:57:38 - [] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:48 - [] ----D C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:10:12 - [] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 26/11/2014 - 19:50:52 - [] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 27/11/2014 - 12:11:32 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 31/01/2015 - 13:58:54 - [] ----D C:\Documents and Settings\All Users\Application Data\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:56:36 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\All Users\Application Data\WindSolutions
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 11:27:14 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:27:24 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 17/09/2009 - 11:27:40 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:24:28 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Storm Codec 5
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 14:03:26 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ONH1986
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Foxit Reader
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:06 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\USB Disk Security
O43 - CFD: 08/04/2010 - 21:30:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avinstallationsprogram f?r Canon skrivare
O43 - CFD: 26/11/2014 - 11:02:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SharePoint
O43 - CFD: 26/11/2014 - 11:08:00 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
O43 - CFD: 26/11/2014 - 12:42:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
O43 - CFD: 31/01/2015 - 13:59:52 - [0] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Uniblue
O43 - CFD: 31/01/2015 - 14:00:14 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON
O43 - CFD: 31/01/2015 - 17:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 31/01/2015 - 22:54:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
O43 - CFD: 02/02/2015 - 18:35:22 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 7
O43 - CFD: 04/02/2015 - 09:53:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
O43 - CFD: 04/02/2015 - 10:01:10 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 05/02/2015 - 10:21:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\NetS\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:11:34 - [] ----D C:\Documents and Settings\NetS\Application Data\Identities
O43 - CFD: 17/09/2009 - 14:22:18 - [] ----D C:\Documents and Settings\NetS\Application Data\DMCache
O43 - CFD: 17/09/2009 - 13:25:16 - [] ----D C:\Documents and Settings\NetS\Application Data\Sun
O43 - CFD: 17/09/2009 - 13:27:50 - [] ----D C:\Documents and Settings\NetS\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:50:00 - [] ----D C:\Documents and Settings\NetS\Application Data\Google
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\InterTrust
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Adobe
O43 - CFD: 17/09/2009 - 14:25:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Ahead
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Foxit
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Macromedia
O43 - CFD: 26/11/2014 - 11:05:00 - [] ----D C:\Documents and Settings\NetS\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 12:42:52 - [] ----D C:\Documents and Settings\NetS\Application Data\IDM
O43 - CFD: 27/11/2014 - 11:05:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Media Player Classic
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 17:18:02 - [] ----D C:\Documents and Settings\NetS\Application Data\vlc
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\NetS\Application Data\WindSolutions
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Documents and Settings\NetS\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:30:26 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 14:22:26 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Conduit
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Google
O43 - CFD: 17/09/2009 - 14:28:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Ahead
O43 - CFD: 26/11/2014 - 11:00:02 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:09:50 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Sun
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 15:05:52 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Adobe
O43 - CFD: 26/11/2014 - 17:34:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Temp
O43 - CFD: 31/01/2015 - 14:56:16 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 22:55:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Skype
O43 - CFD: 17/09/2009 - 11:29:16 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:57:54 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Creative Painter
O43 - CFD: 17/09/2009 - 14:03:00 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Secret Maryo Chronicles
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 16/08/2013 - 10:31:44 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\TinaSoft
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\PDF Split And Merge
O43 - CFD: 01/02/2015 - 10:18:12 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CopyTrans Control Center
O43 - CFD: 03/02/2015 - 22:36:30 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\FormatFactory
~ Program Folder: 167 Scanned in 00mn 00s
---\\ Last modi
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
5 févr. 2015 à 10:36
5 févr. 2015 à 10:36
Héberge le rapport
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 10:52
5 févr. 2015 à 10:52
comment je n'ai pas compris
j'ai fais commme t'a dis et j'ai coller le rapport ici !!
tu peus mieu expliquer stp
j'ai fais commme t'a dis et j'ai coller le rapport ici !!
tu peus mieu expliquer stp
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
5 févr. 2015 à 10:56
5 févr. 2015 à 10:56
Pour héberger le rapport, rends toi sur cjoint.com
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.
* Le rapport est hébergé:
- Pour XP : C:\Documents and Settings\username\Local Settings\Application Data\ZHP
- Depuis Vista : C:\Users\username\AppData\Roaming\ZHP
* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
* Choisis le type de diffusion (illimitée ou 21 jours)
* Puis cliques sur créer le lien cjoint
* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse
* Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.
* Le rapport est hébergé:
- Pour XP : C:\Documents and Settings\username\Local Settings\Application Data\ZHP
- Depuis Vista : C:\Users\username\AppData\Roaming\ZHP
* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
* Choisis le type de diffusion (illimitée ou 21 jours)
* Puis cliques sur créer le lien cjoint
* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse
* Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 12:04
5 févr. 2015 à 12:04
~ Report of ZHPDiag v2015.2.2.15 - Nicolas Coolman (02/02/2015)
~ Launched by NetS (05/02/2015 10:22:20)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : https://nicolascoolman.eu
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Not Found
---\\ Internet browsers
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 35.0.1 (Defaut)
GCIE: Google Chrome v40.0.2214.94
---\\ Windows product information
~ Langage: Anglais
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
---\\ System protection software
Avast Free Antivirus v10.0.2208
---\\ System optimization software
CCleaner
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 16 NPAPI
Adobe Reader 9.3.3 - Français
Java 7 Update 71
---\\ Information on the system
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 38 GB (55%) free of 68 GB
---\\ Connection to the system mode
~ Computer Name: SERVEUR
~ User Name: NetS
~ All Users Names: SUPPORT_388945a0, NetS, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\NetS\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\NetS\Application Data\
~ %Desktop% : C:\Documents and Settings\NetS\Bureau\
~ %Favorites% : C:\Documents and Settings\NetS\Favoris\
~ %LocalAppData% : C:\Documents and Settings\NetS\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\NetS\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 38 Go of 68 Go)
D: Hard drive, Flash drive, Thumb drive (Free 23 Go of 68 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 98 Go)
F: Hard drive, Flash drive, Thumb drive (Free 43 Go of 98 Go)
G: Hard drive, Flash drive, Thumb drive (Free 5 Go of 134 Go)
H: CD-ROM drive (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s
---\\ Search Generic System Files
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.26/11/2014 - 11:04:32.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.4A6E04EA20F48D750D9BFED8600D516B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2008 - 17:33:50.) -- C:\WINDOWS\system32\wininet.dll [670208]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 17:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/04/2008 - 10:19:24.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 10:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 09:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 16:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 07:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 17:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 09:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 09:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/04/2008 - 10:17:02.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 10:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 10:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 17:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 16:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/28
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/56
~ Mon Bureau (My Desktop) : 1/8863
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 08s
---\\ Process running
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1560]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [271744] [PID.168]
[MD5.F5A2923259EFA96FD62074DACA0625BB] - (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe [53248] [PID.392]
[MD5.E02C1E225E8B86880AF3E09D418DF664] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe [176128] [PID.476]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112] [PID.496]
[MD5.C584F7A0E5CE67B70CB6893ED63BF7B0] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\WINDOWS\system32\CNAB4RPK.exe [63112] [PID.620]
[MD5.C493E204784A3076D1E33764C7CAFAC6] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157480] [PID.1068]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1384]
[MD5.7E67B4EC2654AA1716B96C51B9AE862D] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe [939520] [PID.1552]
[MD5.D2B87FC03BE28CD0B33C2B5C1119FD8E] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1644]
[MD5.3F3A26E471CCCB3CFFCA68F0C052F35F] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe [249440] [PID.1624]
[MD5.7D6E1809C844B1D2AA02B6DCF1950084] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31087200] [PID.1412]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1828]
[MD5.DBDB1A25291B2D18C614F5CA963156A8] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.124]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.472]
[MD5.F56197D5CBDCC6A87C242DC8B8EEEE34] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [PID.240]
[MD5.39D4F18B4D1B2C72097E74D45D36202C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968] [PID.2056]
[MD5.52B3F695EDC908F3575A6834311E2968] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IEMonitor.exe [251312] [PID.3332]
[MD5.A53CC4C0FA7DA7CDC8DDDF4A0E6123F9] - (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\Microsoft Office\Office14\EXCEL.exe [20753760] [PID.3760]
[MD5.265B49EF94A5AA713192EE97A7D248B5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [338032] [PID.4036]
[MD5.5E85E14E91DC7EC217119178210F130B] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [530816] [PID.2316]
[MD5.BE52EDAADE29AC59681B6CD60E257C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8158720] [PID.228]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\NetS\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
---\\ Google Chrome Extension Folder
~ Google Lines Browser: 0 Scanned in 00mn 06s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\NetS\Application Data\Mozilla\Firefox\Profiles\ywnrml2h.default\prefs.js
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\amazondotcom.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\answers.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\creativecommons.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay.xml =>Toolbar.eBay
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
M0 - MFSP: prefs.js [NetS - ywnrml2h.default] https://www.google.com/?gws_rd=ssl
P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2105] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1212] - (.RealNetworks, Inc. - 6.0.12.1212.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
~ Firefox Browser: 29 Scanned in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.1.0.) (No version) -- (.not file.) =>.VideoLAN
~ IE Browser: 9 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphan key
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
~ BHO: 26 Scanned in 00mn 01s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - [HKLM]{21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [StormCodec_Helper] . (...) -- C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [NWEReboot] Orphan key
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Orphan key
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 4 Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1422709590281
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 6 Scanned in 00mn 08s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office14\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Task Planned Automatically (039)
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.A2A9C100FE1BE20A76C0B80D4CA44103] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: AppleSoftwareUpdate - (.Apple Inc..) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]
~ Scheduled Task: 13 Scanned in 00mn 00s
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_16_0_0_296.ocx
O40 - ASIC: Installed Component - S-1-5-21-448539723-1532298954-1606980848-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 19 Scanned in 00mn 00s
---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver: (BIOS) . (.BIOSTAR Group - I/O Interface driver file.) - C:\WINDOWS\system32\drivers\BIOS.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.)
O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.)
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 81 Scanned in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: CopyTrans Control Center Uninstall Only - (.WindSolutions.) [HKCU] -- CopyTrans Suite
O42 - Logiciel: Creative Painter - (...) [HKLM] -- CreativePainter
O42 - Logiciel: Désinstaller l'imprimante EPSON SX130 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX130 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EasyCafe Server 2.2 (Firewall Edition) - (.TinaSoft Software & Internet Solutions.) [HKLM] -- EasyCafe Server 2.2 (Firewall Edition)
O42 - Logiciel: Express English - (.ONH1986.) [HKLM] -- InstallShield_{C09FAAA5-2FE4-4F79-9957-F06D7F0BD1F8}
O42 - Logiciel: FormatFactory 3.00 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Foxit Reader - (.Foxit Software Company.) [HKLM] -- Foxit Reader
O42 - Logiciel: Free Earth ScreenSaver 1.0 - (...) [HKLM] -- Free Earth ScreenSaver_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nero 7 - (.Nero AG.) [HKLM] -- {13E7F4A4-33A0-16B0-6486-FAA38C2A7067}
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {4781569D-5404-1F26-4B2B-6DF444441031}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
O42 - Logiciel: Realtek AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Secret Maryo Chronicles - (.Florian Richter.) [HKLM] -- secretmaryo
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype(TM) 7.1 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Storm Codec - (.lain.) [HKLM] -- Storm Codec 5
O42 - Logiciel: USB Disk Security 5.1.0.15 - (.zbshareware, Inc..) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: VIA Chrome9 HC IGP Family Display - (...) [HKLM] -- VIA Chrome9 HC IGP Family Display
O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}
O42 - Logiciel: pdfsam - (...) [HKCU] -- pdfsam
~ Logic: 48 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BoaSoftware]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DScaler5]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Install]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Ligos]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaChance]
[HKCU\Software\Moko Systems]
[HKCU\Software\Moonlight Cordless]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PIP]
[HKCU\Software\Pictures Software Inc]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Skype]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\drpsu]
[HKCU\Software\yahoo]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AskBarDis]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\ESET]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MokoSystems]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\ONH1986]
[HKLM\Software\On2 Technologies]
[HKLM\Software\PIP]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Storm Codec]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TinaSoft]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\ahead]
[HKLM\Software\jumpshot.com]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\zbshareware]
~ Key Software: 206 Scanned in 00mn 00s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 17/09/2009 - 11:26:42 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 17/09/2009 - 11:26:44 - [] ----D C:\Program Files\MSN
O43 - CFD: 17/09/2009 - 11:27:10 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 17/09/2009 - 11:27:12 - [] ----D C:\Program Files\Messenger
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Online Services
O43 - CFD: 17/09/2009 - 11:27:28 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 17/09/2009 - 11:28:08 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 17/09/2009 - 11:28:14 - [] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:28:16 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 17/09/2009 - 11:28:36 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 17/09/2009 - 11:29:16 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 17/09/2009 - 11:29:18 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 17/09/2009 - 11:30:48 - [] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 17/09/2009 - 11:30:50 - [] ----D C:\Program Files\xerox
O43 - CFD: 17/09/2009 - 13:11:32 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/09/2009 - 14:07:46 - [] ----D C:\Program Files\VIA
O43 - CFD: 17/09/2009 - 14:08:32 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/09/2009 - 14:09:48 - [0] ----D C:\Program Files\S3
O43 - CFD: 17/09/2009 - 14:17:40 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Reganam
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Conduit
O43 - CFD: 17/09/2009 - 14:23:46 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 17/09/2009 - 13:24:16 - [] ----D C:\Program Files\Ringz Studio
O43 - CFD: 17/09/2009 - 13:26:24 - [] ----D C:\Program Files\Java
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Program Files\Google
O43 - CFD: 17/09/2009 - 13:32:02 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 17/09/2009 - 13:49:16 - [0] ----D C:\Program Files\GRETECH
O43 - CFD: 17/09/2009 - 13:49:54 - [] ----D C:\Program Files\Ela-Salaty
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Program Files\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 13:57:40 - [] ----D C:\Program Files\CreativePainter
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/09/2009 - 14:02:30 - [] ----D C:\Program Files\Secret Maryo Chronicles
O43 - CFD: 17/09/2009 - 14:03:24 - [] ----D C:\Program Files\ONH1986
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Nero
O43 - CFD: 28/10/2009 - 17:04:32 - [] ----D C:\Program Files\Intel
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 28/10/2009 - 10:24:48 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 28/10/2009 - 10:25:18 - [] ----D C:\Program Files\Opera
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Program Files\Foxit Software
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Program Files\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:04 - [] ----D C:\Program Files\USB Disk Security
O43 - CFD: 08/04/2010 - 21:17:40 - [] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 08/04/2010 - 21:18:28 - [] ----D C:\Program Files\Microsoft
O43 - CFD: 08/04/2010 - 21:22:00 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/04/2010 - 21:26:50 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/04/2010 - 21:29:58 - [] ----D C:\Program Files\Microsoft Office Outlook Connector =>.Microsoft Corporation
O43 - CFD: 16/08/2013 - 10:18:52 - [] ----D C:\Program Files\Borland
O43 - CFD: 16/08/2013 - 10:48:20 - [] ----D C:\Program Files\TinaSoft
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Program Files\Canon
O43 - CFD: 26/11/2014 - 10:58:02 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:50 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 26/11/2014 - 11:00:12 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 26/11/2014 - 11:01:04 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 26/11/2014 - 11:02:44 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 26/11/2014 - 11:03:32 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Program Files\pdfsam
O43 - CFD: 31/01/2015 - 14:03:20 - [] ----D C:\Program Files\epson
O43 - CFD: 31/01/2015 - 14:55:50 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 31/01/2015 - 14:56:12 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 31/01/2015 - 22:54:48 - [] R---D C:\Program Files\Skype
O43 - CFD: 03/02/2015 - 22:36:00 - [] ----D C:\Program Files\FreeTime
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Program Files\iTunes
O43 - CFD: 04/02/2015 - 09:52:14 - [] ----D C:\Program Files\iPod
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 17/09/2009 - 11:04:16 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 17/09/2009 - 11:28:10 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 17/09/2009 - 11:28:46 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 17/09/2009 - 11:28:50 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 17/09/2009 - 14:07:08 - [] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 17/09/2009 - 13:24:18 - [] ----D C:\Program Files\Fichiers communs\Real
O43 - CFD: 17/09/2009 - 13:26:22 - [] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 08/04/2010 - 21:09:40 - [] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 26/11/2014 - 11:03:02 - [] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 31/01/2015 - 14:00:22 - [] ----D C:\Program Files\Fichiers communs\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Program Files\Fichiers communs\Apple
O43 - CFD: 31/01/2015 - 22:54:50 - [] ----D C:\Program Files\Fichiers communs\Skype
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:27:08 - [] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:27:44 - [] ----D C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 28/10/2009 - 10:28:04 - [] ----D C:\Documents and Settings\All Users\Application Data\Avira
O43 - CFD: 26/11/2014 - 10:57:38 - [] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:48 - [] ----D C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:10:12 - [] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 26/11/2014 - 19:50:52 - [] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 27/11/2014 - 12:11:32 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 31/01/2015 - 13:58:54 - [] ----D C:\Documents and Settings\All Users\Application Data\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:56:36 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\All Users\Application Data\WindSolutions
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 11:27:14 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:27:24 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 17/09/2009 - 11:27:40 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:24:28 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Storm Codec 5
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 14:03:26 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ONH1986
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Foxit Reader
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:06 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\USB Disk Security
O43 - CFD: 08/04/2010 - 21:30:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avinstallationsprogram f?r Canon skrivare
O43 - CFD: 26/11/2014 - 11:02:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SharePoint
O43 - CFD: 26/11/2014 - 11:08:00 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
O43 - CFD: 26/11/2014 - 12:42:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
O43 - CFD: 31/01/2015 - 13:59:52 - [0] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Uniblue
O43 - CFD: 31/01/2015 - 14:00:14 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON
O43 - CFD: 31/01/2015 - 17:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 31/01/2015 - 22:54:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
O43 - CFD: 02/02/2015 - 18:35:22 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 7
O43 - CFD: 04/02/2015 - 09:53:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
O43 - CFD: 04/02/2015 - 10:01:10 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 05/02/2015 - 10:21:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\NetS\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:11:34 - [] ----D C:\Documents and Settings\NetS\Application Data\Identities
O43 - CFD: 17/09/2009 - 14:22:18 - [] ----D C:\Documents and Settings\NetS\Application Data\DMCache
O43 - CFD: 17/09/2009 - 13:25:16 - [] ----D C:\Documents and Settings\NetS\Application Data\Sun
O43 - CFD: 17/09/2009 - 13:27:50 - [] ----D C:\Documents and Settings\NetS\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:50:00 - [] ----D C:\Documents and Settings\NetS\Application Data\Google
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\InterTrust
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Adobe
O43 - CFD: 17/09/2009 - 14:25:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Ahead
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Foxit
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Macromedia
O43 - CFD: 26/11/2014 - 11:05:00 - [] ----D C:\Documents and Settings\NetS\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 12:42:52 - [] ----D C:\Documents and Settings\NetS\Application Data\IDM
O43 - CFD: 27/11/2014 - 11:05:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Media Player Classic
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 17:18:02 - [] ----D C:\Documents and Settings\NetS\Application Data\vlc
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\NetS\Application Data\WindSolutions
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Documents and Settings\NetS\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:30:26 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 14:22:26 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Conduit
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Google
O43 - CFD: 17/09/2009 - 14:28:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Ahead
O43 - CFD: 26/11/2014 - 11:00:02 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:09:50 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Sun
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 15:05:52 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Adobe
O43 - CFD: 26/11/2014 - 17:34:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Temp
O43 - CFD: 31/01/2015 - 14:56:16 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 22:55:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Skype
O43 - CFD: 17/09/2009 - 11:29:16 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:57:54 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Creative Painter
O43 - CFD: 17/09/2009 - 14:03:00 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Secret Maryo Chronicles
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 16/08/2013 - 10:31:44 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\TinaSoft
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\PDF Split And Merge
O43 - CFD: 01/02/2015 - 10:18:12 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CopyTrans Control Center
O43 - CFD: 03/02/2015 - 22:36:30 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\FormatFactory
~ Program Folder: 167 Scanned in 00mn 00s
---\\ Last modified or created files under Windows and Sy
~ Launched by NetS (05/02/2015 10:22:20)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : https://nicolascoolman.eu
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Not Found
---\\ Internet browsers
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 35.0.1 (Defaut)
GCIE: Google Chrome v40.0.2214.94
---\\ Windows product information
~ Langage: Anglais
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
---\\ System protection software
Avast Free Antivirus v10.0.2208
---\\ System optimization software
CCleaner
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 16 NPAPI
Adobe Reader 9.3.3 - Français
Java 7 Update 71
---\\ Information on the system
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 38 GB (55%) free of 68 GB
---\\ Connection to the system mode
~ Computer Name: SERVEUR
~ User Name: NetS
~ All Users Names: SUPPORT_388945a0, NetS, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\NetS\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\NetS\Application Data\
~ %Desktop% : C:\Documents and Settings\NetS\Bureau\
~ %Favorites% : C:\Documents and Settings\NetS\Favoris\
~ %LocalAppData% : C:\Documents and Settings\NetS\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\NetS\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 38 Go of 68 Go)
D: Hard drive, Flash drive, Thumb drive (Free 23 Go of 68 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 98 Go)
F: Hard drive, Flash drive, Thumb drive (Free 43 Go of 98 Go)
G: Hard drive, Flash drive, Thumb drive (Free 5 Go of 134 Go)
H: CD-ROM drive (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s
---\\ Search Generic System Files
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.26/11/2014 - 11:04:32.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.4A6E04EA20F48D750D9BFED8600D516B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2008 - 17:33:50.) -- C:\WINDOWS\system32\wininet.dll [670208]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 17:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/04/2008 - 10:19:24.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 10:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 09:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 16:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 07:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 17:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 09:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 09:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/04/2008 - 10:17:02.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 10:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 10:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 17:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 10:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 16:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/28
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/56
~ Mon Bureau (My Desktop) : 1/8863
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 08s
---\\ Process running
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1560]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [271744] [PID.168]
[MD5.F5A2923259EFA96FD62074DACA0625BB] - (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe [53248] [PID.392]
[MD5.E02C1E225E8B86880AF3E09D418DF664] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe [176128] [PID.476]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112] [PID.496]
[MD5.C584F7A0E5CE67B70CB6893ED63BF7B0] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\WINDOWS\system32\CNAB4RPK.exe [63112] [PID.620]
[MD5.C493E204784A3076D1E33764C7CAFAC6] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157480] [PID.1068]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1384]
[MD5.7E67B4EC2654AA1716B96C51B9AE862D] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe [939520] [PID.1552]
[MD5.D2B87FC03BE28CD0B33C2B5C1119FD8E] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1644]
[MD5.3F3A26E471CCCB3CFFCA68F0C052F35F] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe [249440] [PID.1624]
[MD5.7D6E1809C844B1D2AA02B6DCF1950084] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31087200] [PID.1412]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1828]
[MD5.DBDB1A25291B2D18C614F5CA963156A8] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.124]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.472]
[MD5.F56197D5CBDCC6A87C242DC8B8EEEE34] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [PID.240]
[MD5.39D4F18B4D1B2C72097E74D45D36202C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968] [PID.2056]
[MD5.52B3F695EDC908F3575A6834311E2968] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IEMonitor.exe [251312] [PID.3332]
[MD5.A53CC4C0FA7DA7CDC8DDDF4A0E6123F9] - (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\Microsoft Office\Office14\EXCEL.exe [20753760] [PID.3760]
[MD5.265B49EF94A5AA713192EE97A7D248B5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [338032] [PID.4036]
[MD5.5E85E14E91DC7EC217119178210F130B] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [530816] [PID.2316]
[MD5.BE52EDAADE29AC59681B6CD60E257C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8158720] [PID.228]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\NetS\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
---\\ Google Chrome Extension Folder
~ Google Lines Browser: 0 Scanned in 00mn 06s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\NetS\Application Data\Mozilla\Firefox\Profiles\ywnrml2h.default\prefs.js
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\amazondotcom.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\answers.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\creativecommons.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay.xml =>Toolbar.eBay
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia.xml
M3 - MFPP: Plugins - [NetS] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
M0 - MFSP: prefs.js [NetS - ywnrml2h.default] https://www.google.com/?gws_rd=ssl
P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2105] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1212] - (.RealNetworks, Inc. - 6.0.12.1212.) -- C:\Program Files\Ringz Studio\Storm Codec\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
~ Firefox Browser: 29 Scanned in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.1.0.) (No version) -- (.not file.) =>.VideoLAN
~ IE Browser: 9 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphan key
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
~ BHO: 26 Scanned in 00mn 01s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - [HKLM]{21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Orphan key
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [StormCodec_Helper] . (...) -- C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [NWEReboot] Orphan key
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - No Comment.) -- C:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\S3trayp.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Documents and Settings\NetS\Local Settings\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Orphan key
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 4 Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1422709590281
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{48B7C3D8-5FD9-44CF-AF9F-0293DE47FBD2}: NameServer = 192.168.1.1,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{832E9D2D-37C6-4979-B2B1-1F65F8723A3C}: NameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 6 Scanned in 00mn 08s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office14\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Task Planned Automatically (039)
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.A2A9C100FE1BE20A76C0B80D4CA44103] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: AppleSoftwareUpdate - (.Apple Inc..) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]
~ Scheduled Task: 13 Scanned in 00mn 00s
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_16_0_0_296.ocx
O40 - ASIC: Installed Component - S-1-5-21-448539723-1532298954-1606980848-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 19 Scanned in 00mn 00s
---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver: (BIOS) . (.BIOSTAR Group - I/O Interface driver file.) - C:\WINDOWS\system32\drivers\BIOS.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.)
O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.)
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 81 Scanned in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: CopyTrans Control Center Uninstall Only - (.WindSolutions.) [HKCU] -- CopyTrans Suite
O42 - Logiciel: Creative Painter - (...) [HKLM] -- CreativePainter
O42 - Logiciel: Désinstaller l'imprimante EPSON SX130 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX130 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EasyCafe Server 2.2 (Firewall Edition) - (.TinaSoft Software & Internet Solutions.) [HKLM] -- EasyCafe Server 2.2 (Firewall Edition)
O42 - Logiciel: Express English - (.ONH1986.) [HKLM] -- InstallShield_{C09FAAA5-2FE4-4F79-9957-F06D7F0BD1F8}
O42 - Logiciel: FormatFactory 3.00 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Foxit Reader - (.Foxit Software Company.) [HKLM] -- Foxit Reader
O42 - Logiciel: Free Earth ScreenSaver 1.0 - (...) [HKLM] -- Free Earth ScreenSaver_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nero 7 - (.Nero AG.) [HKLM] -- {13E7F4A4-33A0-16B0-6486-FAA38C2A7067}
O42 - Logiciel: Nero 7 Premium - (.Nero AG.) [HKLM] -- {4781569D-5404-1F26-4B2B-6DF444441031}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
O42 - Logiciel: Realtek AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Secret Maryo Chronicles - (.Florian Richter.) [HKLM] -- secretmaryo
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype(TM) 7.1 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Storm Codec - (.lain.) [HKLM] -- Storm Codec 5
O42 - Logiciel: USB Disk Security 5.1.0.15 - (.zbshareware, Inc..) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: VIA Chrome9 HC IGP Family Display - (...) [HKLM] -- VIA Chrome9 HC IGP Family Display
O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}
O42 - Logiciel: pdfsam - (...) [HKCU] -- pdfsam
~ Logic: 48 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BoaSoftware]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DScaler5]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\Install]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Ligos]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaChance]
[HKCU\Software\Moko Systems]
[HKCU\Software\Moonlight Cordless]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PIP]
[HKCU\Software\Pictures Software Inc]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Skype]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\drpsu]
[HKCU\Software\yahoo]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AskBarDis]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\ESET]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MokoSystems]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\ONH1986]
[HKLM\Software\On2 Technologies]
[HKLM\Software\PIP]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Storm Codec]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\TinaSoft]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\ahead]
[HKLM\Software\jumpshot.com]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\zbshareware]
~ Key Software: 206 Scanned in 00mn 00s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 17/09/2009 - 11:26:42 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 17/09/2009 - 11:26:44 - [] ----D C:\Program Files\MSN
O43 - CFD: 17/09/2009 - 11:27:10 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 17/09/2009 - 11:27:12 - [] ----D C:\Program Files\Messenger
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:27:18 - [] ----D C:\Program Files\Online Services
O43 - CFD: 17/09/2009 - 11:27:28 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 17/09/2009 - 11:28:08 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 17/09/2009 - 11:28:14 - [] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 17/09/2009 - 11:28:16 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 17/09/2009 - 11:28:36 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 17/09/2009 - 11:29:16 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 17/09/2009 - 11:29:18 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 17/09/2009 - 11:30:48 - [] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 17/09/2009 - 11:30:50 - [] ----D C:\Program Files\xerox
O43 - CFD: 17/09/2009 - 13:11:32 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/09/2009 - 14:07:46 - [] ----D C:\Program Files\VIA
O43 - CFD: 17/09/2009 - 14:08:32 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/09/2009 - 14:09:48 - [0] ----D C:\Program Files\S3
O43 - CFD: 17/09/2009 - 14:17:40 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Reganam
O43 - CFD: 17/09/2009 - 14:20:56 - [0] ----D C:\Program Files\Conduit
O43 - CFD: 17/09/2009 - 14:23:46 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 17/09/2009 - 13:24:16 - [] ----D C:\Program Files\Ringz Studio
O43 - CFD: 17/09/2009 - 13:26:24 - [] ----D C:\Program Files\Java
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Program Files\Google
O43 - CFD: 17/09/2009 - 13:32:02 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 17/09/2009 - 13:49:16 - [0] ----D C:\Program Files\GRETECH
O43 - CFD: 17/09/2009 - 13:49:54 - [] ----D C:\Program Files\Ela-Salaty
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Program Files\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 13:57:40 - [] ----D C:\Program Files\CreativePainter
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/09/2009 - 14:02:30 - [] ----D C:\Program Files\Secret Maryo Chronicles
O43 - CFD: 17/09/2009 - 14:03:24 - [] ----D C:\Program Files\ONH1986
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Nero
O43 - CFD: 28/10/2009 - 17:04:32 - [] ----D C:\Program Files\Intel
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 28/10/2009 - 10:24:48 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 28/10/2009 - 10:25:18 - [] ----D C:\Program Files\Opera
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Program Files\Foxit Software
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Program Files\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:04 - [] ----D C:\Program Files\USB Disk Security
O43 - CFD: 08/04/2010 - 21:17:40 - [] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 08/04/2010 - 21:18:28 - [] ----D C:\Program Files\Microsoft
O43 - CFD: 08/04/2010 - 21:22:00 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/04/2010 - 21:26:50 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 08/04/2010 - 21:29:58 - [] ----D C:\Program Files\Microsoft Office Outlook Connector =>.Microsoft Corporation
O43 - CFD: 16/08/2013 - 10:18:52 - [] ----D C:\Program Files\Borland
O43 - CFD: 16/08/2013 - 10:48:20 - [] ----D C:\Program Files\TinaSoft
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Program Files\Canon
O43 - CFD: 26/11/2014 - 10:58:02 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:50 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 26/11/2014 - 11:00:12 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 26/11/2014 - 11:01:04 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 26/11/2014 - 11:02:44 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 26/11/2014 - 11:03:32 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Program Files\pdfsam
O43 - CFD: 31/01/2015 - 14:03:20 - [] ----D C:\Program Files\epson
O43 - CFD: 31/01/2015 - 14:55:50 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 31/01/2015 - 14:56:12 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 31/01/2015 - 22:54:48 - [] R---D C:\Program Files\Skype
O43 - CFD: 03/02/2015 - 22:36:00 - [] ----D C:\Program Files\FreeTime
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Program Files\iTunes
O43 - CFD: 04/02/2015 - 09:52:14 - [] ----D C:\Program Files\iPod
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 17/09/2009 - 11:04:12 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 17/09/2009 - 11:04:16 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 17/09/2009 - 11:28:10 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 17/09/2009 - 11:28:46 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 17/09/2009 - 11:28:50 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 17/09/2009 - 14:07:08 - [] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 17/09/2009 - 13:24:18 - [] ----D C:\Program Files\Fichiers communs\Real
O43 - CFD: 17/09/2009 - 13:26:22 - [] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 17/09/2009 - 14:23:52 - [] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 08/04/2010 - 21:09:40 - [] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 26/11/2014 - 11:03:02 - [] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 31/01/2015 - 14:00:22 - [] ----D C:\Program Files\Fichiers communs\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Program Files\Fichiers communs\Apple
O43 - CFD: 31/01/2015 - 22:54:50 - [] ----D C:\Program Files\Fichiers communs\Skype
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:27:08 - [] ----D C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:27:44 - [] ----D C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 28/10/2009 - 10:28:04 - [] ----D C:\Documents and Settings\All Users\Application Data\Avira
O43 - CFD: 26/11/2014 - 10:57:38 - [] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 10:59:48 - [] ----D C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:10:12 - [] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 26/11/2014 - 19:50:52 - [] ----D C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 27/11/2014 - 12:11:32 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 31/01/2015 - 13:58:54 - [] ----D C:\Documents and Settings\All Users\Application Data\EPSON
O43 - CFD: 31/01/2015 - 14:55:28 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:56:36 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 15:15:30 - [] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\All Users\Application Data\WindSolutions
O43 - CFD: 04/02/2015 - 09:52:10 - [] ----D C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 11:27:14 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:27:24 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 17/09/2009 - 11:27:40 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:24:28 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Storm Codec 5
O43 - CFD: 17/09/2009 - 13:51:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Free Earth ScreenSaver
O43 - CFD: 17/09/2009 - 14:03:26 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ONH1986
O43 - CFD: 28/10/2009 - 10:24:30 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Foxit Reader
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Flash Player
O43 - CFD: 08/04/2010 - 20:39:06 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\USB Disk Security
O43 - CFD: 08/04/2010 - 21:30:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in
O43 - CFD: 26/11/2014 - 10:39:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avinstallationsprogram f?r Canon skrivare
O43 - CFD: 26/11/2014 - 11:02:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 26/11/2014 - 11:03:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SharePoint
O43 - CFD: 26/11/2014 - 11:08:00 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
O43 - CFD: 26/11/2014 - 12:42:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
O43 - CFD: 31/01/2015 - 13:59:52 - [0] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Uniblue
O43 - CFD: 31/01/2015 - 14:00:14 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EPSON
O43 - CFD: 31/01/2015 - 17:23:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 31/01/2015 - 22:54:52 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
O43 - CFD: 02/02/2015 - 18:35:22 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 7
O43 - CFD: 04/02/2015 - 09:53:08 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
O43 - CFD: 04/02/2015 - 10:01:10 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 05/02/2015 - 10:21:36 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:03:32 - [] -S--D C:\Documents and Settings\NetS\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 13:11:34 - [] ----D C:\Documents and Settings\NetS\Application Data\Identities
O43 - CFD: 17/09/2009 - 14:22:18 - [] ----D C:\Documents and Settings\NetS\Application Data\DMCache
O43 - CFD: 17/09/2009 - 13:25:16 - [] ----D C:\Documents and Settings\NetS\Application Data\Sun
O43 - CFD: 17/09/2009 - 13:27:50 - [] ----D C:\Documents and Settings\NetS\Application Data\Skype
O43 - CFD: 17/09/2009 - 13:50:00 - [] ----D C:\Documents and Settings\NetS\Application Data\Google
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\InterTrust
O43 - CFD: 17/09/2009 - 14:00:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Adobe
O43 - CFD: 17/09/2009 - 14:25:56 - [] ----D C:\Documents and Settings\NetS\Application Data\Ahead
O43 - CFD: 28/10/2009 - 10:25:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Foxit
O43 - CFD: 28/10/2009 - 10:27:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Macromedia
O43 - CFD: 26/11/2014 - 11:05:00 - [] ----D C:\Documents and Settings\NetS\Application Data\AVAST Software
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 12:42:52 - [] ----D C:\Documents and Settings\NetS\Application Data\IDM
O43 - CFD: 27/11/2014 - 11:05:08 - [] ----D C:\Documents and Settings\NetS\Application Data\Media Player Classic
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 17:18:02 - [] ----D C:\Documents and Settings\NetS\Application Data\vlc
O43 - CFD: 01/02/2015 - 10:17:16 - [] ----D C:\Documents and Settings\NetS\Application Data\WindSolutions
O43 - CFD: 05/02/2015 - 10:21:34 - [] ----D C:\Documents and Settings\NetS\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 17/09/2009 - 11:30:26 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft
O43 - CFD: 17/09/2009 - 14:22:26 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Conduit
O43 - CFD: 17/09/2009 - 13:27:42 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Google
O43 - CFD: 17/09/2009 - 14:28:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Ahead
O43 - CFD: 26/11/2014 - 11:00:02 - [0] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Microsoft Help
O43 - CFD: 26/11/2014 - 11:09:50 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Sun
O43 - CFD: 26/11/2014 - 12:42:38 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Mozilla
O43 - CFD: 26/11/2014 - 15:05:52 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Adobe
O43 - CFD: 26/11/2014 - 17:34:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Temp
O43 - CFD: 31/01/2015 - 14:56:16 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple
O43 - CFD: 31/01/2015 - 14:57:54 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Apple Computer
O43 - CFD: 31/01/2015 - 22:55:02 - [] ----D C:\Documents and Settings\NetS\Local Settings\Application Data\Skype
O43 - CFD: 17/09/2009 - 11:29:16 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2009 - 11:03:50 - [] R---D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 17/09/2009 - 14:23:48 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 17/09/2009 - 13:57:54 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Creative Painter
O43 - CFD: 17/09/2009 - 14:03:00 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\Secret Maryo Chronicles
O43 - CFD: 28/10/2009 - 10:26:16 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 16/08/2013 - 10:31:44 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\TinaSoft
O43 - CFD: 26/11/2014 - 18:37:34 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\PDF Split And Merge
O43 - CFD: 01/02/2015 - 10:18:12 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\CopyTrans Control Center
O43 - CFD: 03/02/2015 - 22:36:30 - [] ----D C:\Documents and Settings\NetS\Menu Démarrer\Programmes\FormatFactory
~ Program Folder: 167 Scanned in 00mn 00s
---\\ Last modified or created files under Windows and Sy
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 12:08
5 févr. 2015 à 12:08
je sais pa mais c'est celui la le rapport que j'ai
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 13:12
5 févr. 2015 à 13:12
tu peus expliquer comment est ce rapport (un exemplaire ou klk chose )
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
5 févr. 2015 à 13:14
5 févr. 2015 à 13:14
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 14:55
5 févr. 2015 à 14:55
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
5 févr. 2015 à 15:02
5 févr. 2015 à 15:02
Alpha
# Télécharge UsbFix par El Desaparecido sur ton Bureau.
# Si ton antivirus affiche une alerte, ignore-la et désactive l'antivirus temporairement.
# Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
# Double clique sur UsbFix.exe.
# Clique sur Options, dans le menu BBCode choisis CCM.
# Valide en cliquant sur Appliquer.
# UsbFix se relancera pour prendre en compte tes réglages.
# Clique maintenant sur Nettoyage.
# Laisse travailler l'outil, ton bureau ne sera pas accessible durant la phase de nettoyage, c'est normal.
# À la fin du scan, un rapport va s'afficher, poste-le dans ta prochaine réponse sur le forum.
# Le rapport est aussi sauvegardé à la racine du disque système.
(C:\Usbfix\Log\UsbFix [Clean ...txt).
( CTRL+A pour sélectionner, CTRL+C pour copier et CTRL+V pour coller )
# ->> Tutoriel (aide) en images sur le site de l'auteur.
# Télécharge UsbFix par El Desaparecido sur ton Bureau.
# Si ton antivirus affiche une alerte, ignore-la et désactive l'antivirus temporairement.
# Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
# Double clique sur UsbFix.exe.
# Clique sur Options, dans le menu BBCode choisis CCM.
# Valide en cliquant sur Appliquer.
# UsbFix se relancera pour prendre en compte tes réglages.
# Clique maintenant sur Nettoyage.
# Laisse travailler l'outil, ton bureau ne sera pas accessible durant la phase de nettoyage, c'est normal.
# À la fin du scan, un rapport va s'afficher, poste-le dans ta prochaine réponse sur le forum.
# Le rapport est aussi sauvegardé à la racine du disque système.
(C:\Usbfix\Log\UsbFix [Clean ...txt).
( CTRL+A pour sélectionner, CTRL+C pour copier et CTRL+V pour coller )
# ->> Tutoriel (aide) en images sur le site de l'auteur.
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 15:57
5 févr. 2015 à 15:57
j'ai finis ! que faire apres ?
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 15:58
5 févr. 2015 à 15:58
je n'arrive pas a coller le rapport cic !
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
5 févr. 2015 à 15:59
5 févr. 2015 à 15:59
Me poster le rapport ^^
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 16:02
5 févr. 2015 à 16:02
je fais copier et quand je colle ici je valide mais mais ne s'afiche pas dans la discusion
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 16:02
5 févr. 2015 à 16:02
############################## | UsbFix V 7.812 | [Nettoyage]
Utilisateur: NetS (Administrateur) # SERVEUR
Mis à jour le 03/02/2015 par El Desaparecido - SosVirus
Lancé à 15:27:08 | 05/02/2015
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Assistance : https://depannageinformatique.org/acheter/reservation/?f=6
Détection en Live : http://comment-supprimer.fr/
Contact : https://www.usb-antivirus.com/fr/contact/
################## | System information |
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
RAM -> [Total : 1982 Mo | Free : 773 Mo]
Boot: Normal boot
OS: Microsoft Windows XP (5.1.2600 32-Bit) Service Pack 3
WB: Internet Explorer : 6.00.2900.5512
WB: Google Chrome : 40.0.2214.94
WB: Mozilla Firefox : 35.0.1
################## | Security Information |
FW: Windows Firewall [Actif]
SC: Security Center [(!) Désactivé]
WU: Windows Update [(!) Désactivé]
################## | Disk Information |
C:\ (%SystemDrive%) -> Disque fixe # 68 Go (38 Go libre(s) - 56%) [] # FAT32
D:\ -> Disque fixe # 68 Go (23 Go libre(s) - 34%) [] # FAT32
E:\ -> Disque fixe # 98 Go (269 Mo libre(s) - 0%) [disque local(E:)] # NTFS
F:\ -> Disque fixe # 98 Go (43 Go libre(s) - 44%) [MOHAMED] # FAT32
G:\ -> Disque fixe # 134 Go (5 Go libre(s) - 3%) [] # NTFS
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 97%) [] # FAT32
################## | Recherche générique |
Supprimé! I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé! I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665
Supprimé! C:\WINDOWS\system32\tools\hide.exe
Supprimé! D:\Skypee\AutoIt3.exe
Supprimé! D:\Skypee\googleupdate.a3x
Supprimé! D:\Skypee
Supprimé! E:\Skypee\AutoIt3.exe
Supprimé! E:\Skypee\googleupdate.a3x
Supprimé! E:\Skypee
Supprimé! F:\Skypee\AutoIt3.exe
Supprimé! F:\Skypee\googleupdate.a3x
Supprimé! F:\Skypee
Supprimé! G:\Skypee\AutoIt3.exe
Supprimé! G:\Skypee\googleupdate.a3x
Supprimé! G:\Skypee
(!) Fichiers temporaires supprimés. (136.512642860413 MB)
################## | Registre |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
04 - HKCU\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
04 - HKCU\..\Run : [IDMan] C:\DOCUME~1\NetS\LOCALS~1\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
04 - HKLM\..\Run : [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
04 - HKLM\..\Run : [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
04 - HKLM\..\Run : [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [RTHDCPL] RTHDCPL.EXE
04 - HKLM\..\Run : [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\WINDOWS\system32\igfxpers.exe
04 - HKLM\..\Run : [VTTimer] VTTimer.exe
04 - HKLM\..\Run : [S3Trayp] S3trayp.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
04 - HKLM\..\Run : [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe" -atboottime
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [IDMan] C:\DOCUME~1\NetS\LOCALS~1\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
################## | UsbFix - Information |
Info : Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info : L'infection des raccourcis USB, c'est quoi ?
Détection en Live : http://comment-supprimer.fr/
################## | Hijack |
################## | C:\ %SystemDrive% - Disque Fixe (FAT32) |
[17/09/2009 - 11:30:32 | RASH | 0 Ko] - C:\IO.SYS
[17/09/2009 - 11:30:32 | RASH | 0 Ko] - C:\MSDOS.SYS
[17/09/2009 - 11:30:32 | A | 0 Ko] - C:\CONFIG.SYS
[05/02/2015 - 10:07:48 | ASH | 1474560 Ko] - C:\pagefile.sys
[17/09/2009 - 14:13:06 | N | 0 Ko] - C:\sqmnoopt00.sqm
[17/09/2009 - 14:13:06 | N | 0 Ko] - C:\sqmdata00.sqm
[05/02/2015 - 15:27:26 | A | 13 Ko] - C:\PDOXUSRS.NET
[05/02/2015 - 15:04:20 | D] - C:\Config.Msi
[28/10/2009 - 17:14:08 | A | 2 Ko] - C:\RHDSetup.log
[19/04/2010 - 10:14:34 | A | 0 Ko] - C:\dfinstall.log
[19/04/2010 - 08:56:42 | ASH | 0 Ko] - C:\boot.ini
[29/12/2004 - 06:57:36 | RA | 17 Ko] - C:\DBI.EXE
[15/04/2008 - 18:00:00 | N | 46 Ko] - C:\NTDETECT.COM
[07/09/2002 - 00:00:00 | N | 5 Ko] - C:\Bootfont.bin
[05/02/2015 - 14:41:02 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[17/09/2009 - 11:30:32 | A | 0 Ko] - C:\AUTOEXEC.BAT
[05/02/2015 - 09:57:50 | D] - C:\FOUND.003
[04/02/2015 - 09:30:36 | D] - C:\FOUND.002
[03/02/2015 - 09:14:38 | D] - C:\FOUND.001
[01/02/2015 - 10:02:36 | SHD] - C:\FOUND.000
[11/10/2003 - 21:49:54 | D] - C:\Pink Panther
[15/04/2008 - 18:00:00 | RASH | 244 Ko] - C:\ntldr
[28/04/2009 - 14:28:52 | D] - C:\Yamaha Supercross
[17/09/2009 - 10:59:00 | D] - C:\WINDOWS
[17/09/2009 - 11:03:14 | D] - C:\Documents and Settings
[17/09/2009 - 11:29:32 | RD] - C:\Program Files
[17/09/2009 - 14:13:42 | D] - C:\Recycled
[28/10/2009 - 17:04:28 | D] - C:\Intel
[26/11/2014 - 10:59:40 | RHD] - C:\MSOCache
[05/02/2015 - 14:39:36 | A | 0 Ko] - C:\Documents
[05/02/2015 - 15:22:04 | D] - C:\UsbFix
################## | D:\ - Disque Fixe (FAT32) |
[10/06/2014 - 16:59:54 | N | 0 Ko] - D:\~$moh.khiat.xlsx
[08/12/2014 - 12:37:04 | D] - D:\msdownld.tmp
[15/07/2009 - 11:33:44 | N | 536016 Ko] - D:\music international.mp4
[23/05/2013 - 21:43:34 | D] - D:\AUTORUN.INF
[27/11/2014 - 12:32:50 | N | 2220862 Ko] - D:\image001.GHS
[27/11/2014 - 12:29:12 | N | 4177920 Ko] - D:\imagegood.GHO
[17/09/2009 - 14:22:20 | D] - D:\Downloads
[05/09/2012 - 18:25:44 | D] - D:\photou de mimina
[02/01/2013 - 14:54:48 | D] - D:\sabrinaa_inf2013
[16/08/2013 - 10:02:38 | D] - D:\Skype
[16/08/2013 - 10:03:58 | D] - D:\ziwa
[28/10/2013 - 15:30:26 | D] - D:\Office 2010 32Bit By issame Mcd
[24/06/2014 - 20:15:42 | D] - D:\br
[25/06/2014 - 18:20:36 | D] - D:\PES_2009_DEMO
[13/08/2014 - 12:53:20 | D] - D:\matche algerie
[13/08/2014 - 13:11:20 | D] - D:\document word
[31/08/2014 - 12:34:20 | D] - D:\Recycled
[24/09/2014 - 11:37:20 | D] - D:\travail
[30/10/2014 - 07:10:04 | D] - D:\????? ???? ????? ?????? ???????
[30/11/2014 - 18:17:38 | D] - D:\FFOutput
[20/12/2014 - 11:00:46 | D] - D:\alalaa
[20/12/2014 - 14:52:54 | D] - D:\GTA2
[31/01/2015 - 10:37:24 | D] - D:\Nouveau dossier
################## | E:\ - Disque Fixe (NTFS) |
[30/06/2013 - 18:15:22 | N | 11 Ko] - E:\Classeur1.xlsx
[26/11/2012 - 19:38:28 | N | 459 Ko] - E:\?????? ???????.pdf
[16/03/2013 - 19:32:00 | N | 153 Ko] - E:\?????? ? ???????.pdf
[25/10/2014 - 19:32:04 | N | 1554887 Ko] - E:\BKEP1HD.MP4
[11/04/2013 - 11:48:46 | N | 5266 Ko] - E:\iqraa kitab allah.mp3
[31/01/2015 - 12:18:55 | A | 26 Ko] - E:\10926382_415718228594593_1017076905658457267_n.jpg
[12/01/2015 - 11:55:36 | D] - E:\AUTORUN.INF
[16/08/2013 - 11:58:45 | N | 3778750 Ko] - E:\serveur.GHO
[14/07/2012 - 13:11:22 | N | 16749 Ko] - E:\??? ????? ???????- YouTube.FLV
[31/03/2014 - 07:59:21 | SH | 60 Ko] - E:\Thumbs.db
[17/07/2014 - 09:14:46 | SHD] - E:\RECYCLER
[26/11/2014 - 12:00:58 | D] - E:\e
[26/11/2014 - 12:01:34 | D] - E:\abdel hamide kashk
[27/11/2014 - 10:33:58 | D] - E:\Compilation chaabi
[27/11/2014 - 10:34:40 | D] - E:\English
[27/11/2014 - 10:34:54 | D] - E:\GTA San Andreas Turbo_XD Mod v2
[27/11/2014 - 10:35:21 | D] - E:\khodir photo
[27/11/2014 - 10:35:30 | D] - E:\malouf
[27/11/2014 - 10:36:06 | D] - E:\musique
[27/11/2014 - 10:36:19 | D] - E:\??? ?????? secteur
[27/11/2014 - 10:36:26 | D] - E:\??? ?? ?????????
[27/11/2014 - 10:36:34 | D] - E:\???? ????
[05/01/2015 - 23:16:44 | D] - E:\Med
[07/01/2015 - 15:14:11 | D] - E:\Nouveau dossier film
[08/01/2015 - 19:44:28 | D] - E:\Music Atef 2015
[24/01/2015 - 23:21:14 | D] - E:\atef nedjar
################## | F:\ - Disque Fixe (FAT32) |
[28/09/2013 - 13:36:44 | A | 13 Ko] - F:\produit.xlsx
[13/09/2011 - 13:31:02 | A | 353 Ko] - F:\??????.xls
[01/04/2014 - 15:59:42 | A | 1461 Ko] - F:\Rapport hebdomadaire MARS.xls
[14/01/2008 - 19:33:44 | A | 5347 Ko] - F:\_IRE3.WMV
[12/11/2012 - 12:18:18 | A | 0 Ko] - F:\messaoud.txt
[12/05/2013 - 20:11:24 | A | 0 Ko] - F:\hakimboutelaa.txt
[11/06/2013 - 20:31:06 | A | 0 Ko] - F:\rdp.txt
[11/06/2014 - 12:10:46 | A | 0 Ko] - F:\mouna.txt
[28/12/2014 - 12:46:30 | A | 1 Ko] - F:\hamam.txt
[15/02/2012 - 13:00:12 | N | 1066 Ko] - F:\ordonance rabah.tif
[29/05/2013 - 12:03:42 | A | 34 Ko] - F:\????????? ????????? ??????????? ???????.rar
[25/12/2013 - 17:03:18 | A | 1054 Ko] - F:\flash pour epson.rar
[06/03/2006 - 17:22:28 | A | 679 Ko] - F:\??? ???????? 2.pps
[04/02/2012 - 19:53:08 | A | 588 Ko] - F:\demande-certificat-selection-dyn.pdf
[27/01/2014 - 14:11:18 | A | 582 Ko] - F:\???? ????.pdf
[27/01/2014 - 14:11:22 | A | 582 Ko] - F:\???? ??????.pdf
[15/01/2015 - 13:19:28 | A | 344 Ko] - F:\C.V..pdf
[28/09/2013 - 08:03:28 | A | 4472 Ko] - F:\02 Desert Rose.mp3
[03/11/2011 - 16:07:10 | N | 59 Ko] - F:\Photo 002.jpg
[11/11/2011 - 17:51:10 | A | 36 Ko] - F:\alpha.jpg
[28/02/2012 - 14:39:08 | A | 774 Ko] - F:\Photo0405.jpg
[28/02/2012 - 14:45:44 | A | 902 Ko] - F:\Photo0406.jpg
[06/11/2012 - 10:58:42 | N | 674 Ko] - F:\Photo1213.jpg
[01/12/2012 - 12:49:58 | N | 948 Ko] - F:\Photo1249.jpg
[28/09/2013 - 07:54:04 | N | 2 Ko] - F:\AlbumArt_{9084CE7A-82D2-4BFB-86AA-650B38B81F81}_Small.jpg
[28/09/2013 - 07:54:04 | N | 2 Ko] - F:\AlbumArtSmall.jpg
[28/09/2013 - 07:54:04 | N | 8 Ko] - F:\AlbumArt_{9084CE7A-82D2-4BFB-86AA-650B38B81F81}_Large.jpg
[28/09/2013 - 07:54:04 | N | 8 Ko] - F:\Folder.jpg
[03/11/2014 - 15:06:04 | A | 135 Ko] - F:\LA FEUILLE DE CH?NE ET LE GLAND _ Mandrine6's Blog.htm
[14/01/2013 - 20:10:16 | A | 5882 Ko] - F:\TeraSoft2.exe
[08/02/2014 - 20:14:12 | A | 4788 Ko] - F:\tzsb.exe
[01/12/2011 - 12:30:32 | A | 13 Ko] - F:\bougharouat.docx
[16/01/2012 - 11:46:20 | A | 262 Ko] - F:\155-374.docx
[01/02/2012 - 22:57:46 | A | 13 Ko] - F:\facture telephone.docx
[28/06/2012 - 16:00:20 | A | 128 Ko] - F:\liesse.docx
[07/01/2013 - 13:44:58 | A | 15 Ko] - F:\??????? ??????? ?????? ??? ??????? 2013.docx
[27/04/2013 - 14:56:14 | A | 21 Ko] - F:\zoheir boulkalia.docx
[15/05/2013 - 19:18:14 | A | 30 Ko] - F:\????????? ????????? ??????????? ???????1.docx
[19/09/2013 - 09:57:38 | N | 0 Ko] - F:\~$C.V..docx
[04/11/2013 - 09:22:34 | N | 0 Ko] - F:\~$DE ACCEE.docx
[26/04/2014 - 13:37:20 | A | 12 Ko] - F:\????.docx
[03/05/2014 - 14:19:34 | A | 34 Ko] - F:\????????? ????????? ??????????? ???????.docx
[08/07/2014 - 11:15:50 | A | 18 Ko] - F:\boudjeriou halim cv.docx
[24/12/2014 - 10:29:58 | A | 18 Ko] - F:\?? ????? ??????? ??? ???????.docx
[15/01/2015 - 13:18:28 | A | 44 Ko] - F:\C.V..docx
[22/11/2011 - 20:41:12 | A | 26 Ko] - F:\bourechak.doc
[31/12/2012 - 19:21:28 | N | 0 Ko] - F:\~$????.doc
[18/01/2015 - 11:29:46 | A | 48 Ko] - F:\attestation de travail.doc
[15/01/2015 - 13:36:14 | ASH | 66 Ko] - F:\Thumbs.db
[24/07/2012 - 22:40:08 | A | 2089 Ko] - F:\Ghost Boot CD.daa
[11/11/2011 - 17:51:10 | A | 358 Ko] - F:\alpha.bcw
[29/09/2010 - 20:15:18 | A | 712986 Ko] - F:\Solomon.Kane.avi
[25/07/2011 - 10:45:22 | D] - F:\Google Chrome 3.0.195.21
[01/09/2007 - 05:15:00 | D] - F:\program1
[29/07/2011 - 17:09:20 | D] - F:\COURS PHOTOSHOP
[04/08/2011 - 11:44:54 | D] - F:\Favoris
[04/08/2011 - 14:18:16 | D] - F:\word
[07/08/2011 - 11:43:16 | D] - F:\DOCUMENTS
[10/08/2011 - 21:49:10 | D] - F:\mr bean
[16/08/2011 - 21:57:06 | D] - F:\samah
[09/11/2011 - 14:24:36 | D] - F:\photoshop7me
[14/12/2011 - 17:07:22 | D] - F:\EnglishLearning ????? ????? ?????????? ??????
[16/01/2012 - 11:30:58 | D] - F:\LIVRE
[09/03/2012 - 22:12:02 | D] - F:\keny G+turk
[02/04/2012 - 19:15:34 | D] - F:\CANADA
[06/09/2012 - 20:12:40 | D] - F:\cd
[17/10/2012 - 08:24:06 | D] - F:\????? ????? ??????
[19/11/2012 - 11:21:32 | D] - F:\PHOTO
[08/01/2013 - 18:15:18 | D] - F:\POWER POINT DE 2ème AM SC
[02/02/2013 - 05:15:40 | D] - F:\FONT
[02/02/2013 - 05:34:06 | D] - F:\foto
[16/02/2013 - 07:06:28 | D] - F:\blog
[30/04/2013 - 21:38:28 | D] - F:\key
[22/05/2013 - 20:46:02 | D] - F:\BOULABIZA FIN
[23/05/2013 - 21:43:34 | D] - F:\1
[02/09/2013 - 12:47:14 | D] - F:\site
[01/10/2013 - 18:45:52 | D] - F:\Nouveau dossier
[25/12/2013 - 14:17:42 | D] - F:\internet
[30/03/2014 - 09:20:08 | D] - F:\salah namouchi
[20/05/2014 - 08:09:30 | D] - F:\Recycled
[03/08/2014 - 11:08:36 | D] - F:\travail
[04/08/2014 - 15:34:48 | D] - F:\?????? ???????_fichiers
[13/08/2014 - 14:54:18 | D] - F:\memoir
[29/10/2014 - 11:03:02 | D] - F:\??????
[03/11/2014 - 15:05:44 | D] - F:\LA FEUILLE DE CH?NE ET LE GLAND _ Mandrine6's Blog_fichiers
[05/12/2014 - 17:23:30 | D] - F:\ammar medjrab
[17/12/2014 - 11:03:38 | D] - F:\font arab
[06/01/2015 - 16:25:58 | D] - F:\Marseille Bejaia PROMOTIONS billet bateaux pas cher Marseille Bejaia_files
[03/02/2015 - 22:36:40 | D] - F:\FFOutput
################## | G:\ - Disque Fixe (NTFS) |
[30/04/2014 - 21:57:24 | N | 83076 Ko] - G:\avast-2014-9.0+serial.zip
[26/11/2014 - 12:14:48 | D] - G:\Ridge.Racer.Unbounded-SKIDROW
[06/02/2014 - 18:07:42 | N | 1216 Ko] - G:\Image.nrg
[29/07/2013 - 11:54:06 | N | 661824 Ko] - G:\Windows XP Professional 32-bit - Black Edition v2009.1.24.iso
[12/01/2015 - 11:55:38 | D] - G:\AUTORUN.INF
[28/07/2013 - 13:15:19 | N | 4607840 Ko] - G:\post08nouveau.GHO
[16/01/2012 - 11:46:20 | N | 262 Ko] - G:\155-374.docx
[22/01/2012 - 12:00:22 | N | 249 Ko] - G:\375-588.docx
[22/01/2012 - 12:19:42 | N | 465 Ko] - G:\155-588.docx
[03/08/2013 - 23:19:46 | N | 24 Ko] - G:\?????01.06.2013.docx
[03/08/2013 - 23:22:14 | N | 20 Ko] - G:\cahier de charge marché.docx
[26/11/2014 - 10:08:32 | D] - G:\avast-2014-9.0+serial
[06/08/2014 - 23:32:51 | SHD] - G:\RECYCLER
[26/11/2014 - 12:14:30 | D] - G:\40000_lettres_types_correspondance
[26/11/2014 - 12:14:43 | D] - G:\INF
[26/11/2014 - 12:14:52 | D] - G:\Star Wars Galactic Battlegrounds
[26/11/2014 - 12:14:58 | D] - G:\Top dance 2010 ringtones volume1
[26/11/2014 - 12:15:04 | D] - G:\???????
[07/12/2014 - 19:10:22 | D] - G:\G
[24/12/2014 - 11:09:13 | D] - G:\DIPLOME
[22/01/2015 - 14:14:50 | D] - G:\3d ?????
################## | I:\ - Disque USB (FAT32) |
[08/01/2015 - 21:27:00 | A | 353 Ko] - I:\img381.jpg
[29/01/2015 - 11:49:32 | N | 248 Ko] - I:\P29-01-15_11.49.jpg
[29/01/2015 - 11:50:08 | N | 278 Ko] - I:\P29-01-15_11.50.jpg
[29/01/2015 - 16:59:46 | A | 31 Ko] - I:\10488319_1575629312651497_1900598688835315178_n.jpg
[29/01/2015 - 15:39:24 | A | 107256 Ko] - I:\iTunesSetup.exe
[29/01/2015 - 16:07:36 | A | 5160 Ko] - I:\Install_CopyTransControlCenter.exe
[27/01/2015 - 12:24:44 | D] - I:\gggggg
[27/01/2015 - 12:30:18 | D] - I:\Nouveau dossier (8)
[29/01/2015 - 15:47:06 | RSHD] - I:\RECYCLER
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ | https://www.usbfix.net/ |
Utilisateur: NetS (Administrateur) # SERVEUR
Mis à jour le 03/02/2015 par El Desaparecido - SosVirus
Lancé à 15:27:08 | 05/02/2015
Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Assistance : https://depannageinformatique.org/acheter/reservation/?f=6
Détection en Live : http://comment-supprimer.fr/
Contact : https://www.usb-antivirus.com/fr/contact/
################## | System information |
CPU: Intel(R) Pentium(R) 4 CPU 3.00GHz
RAM -> [Total : 1982 Mo | Free : 773 Mo]
Boot: Normal boot
OS: Microsoft Windows XP (5.1.2600 32-Bit) Service Pack 3
WB: Internet Explorer : 6.00.2900.5512
WB: Google Chrome : 40.0.2214.94
WB: Mozilla Firefox : 35.0.1
################## | Security Information |
FW: Windows Firewall [Actif]
SC: Security Center [(!) Désactivé]
WU: Windows Update [(!) Désactivé]
################## | Disk Information |
C:\ (%SystemDrive%) -> Disque fixe # 68 Go (38 Go libre(s) - 56%) [] # FAT32
D:\ -> Disque fixe # 68 Go (23 Go libre(s) - 34%) [] # FAT32
E:\ -> Disque fixe # 98 Go (269 Mo libre(s) - 0%) [disque local(E:)] # NTFS
F:\ -> Disque fixe # 98 Go (43 Go libre(s) - 44%) [MOHAMED] # FAT32
G:\ -> Disque fixe # 134 Go (5 Go libre(s) - 3%) [] # NTFS
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 97%) [] # FAT32
################## | Recherche générique |
Supprimé! I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Supprimé! I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665
Supprimé! C:\WINDOWS\system32\tools\hide.exe
Supprimé! D:\Skypee\AutoIt3.exe
Supprimé! D:\Skypee\googleupdate.a3x
Supprimé! D:\Skypee
Supprimé! E:\Skypee\AutoIt3.exe
Supprimé! E:\Skypee\googleupdate.a3x
Supprimé! E:\Skypee
Supprimé! F:\Skypee\AutoIt3.exe
Supprimé! F:\Skypee\googleupdate.a3x
Supprimé! F:\Skypee
Supprimé! G:\Skypee\AutoIt3.exe
Supprimé! G:\Skypee\googleupdate.a3x
Supprimé! G:\Skypee
(!) Fichiers temporaires supprimés. (136.512642860413 MB)
################## | Registre |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
04 - HKCU\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
04 - HKCU\..\Run : [IDMan] C:\DOCUME~1\NetS\LOCALS~1\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
04 - HKLM\..\Run : [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
04 - HKLM\..\Run : [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
04 - HKLM\..\Run : [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [RTHDCPL] RTHDCPL.EXE
04 - HKLM\..\Run : [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\WINDOWS\system32\igfxpers.exe
04 - HKLM\..\Run : [VTTimer] VTTimer.exe
04 - HKLM\..\Run : [S3Trayp] S3trayp.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
04 - HKLM\..\Run : [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe" -atboottime
04 - HKU\S-1-5-19\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-20\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [IDMan] C:\DOCUME~1\NetS\LOCALS~1\Temp\Rar$EX00.891\IDMPortable\App\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX130"
04 - HKU\S-1-5-21-448539723-1532298954-1606980848-1003\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
################## | UsbFix - Information |
Info : Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info : L'infection des raccourcis USB, c'est quoi ?
Détection en Live : http://comment-supprimer.fr/
################## | Hijack |
################## | C:\ %SystemDrive% - Disque Fixe (FAT32) |
[17/09/2009 - 11:30:32 | RASH | 0 Ko] - C:\IO.SYS
[17/09/2009 - 11:30:32 | RASH | 0 Ko] - C:\MSDOS.SYS
[17/09/2009 - 11:30:32 | A | 0 Ko] - C:\CONFIG.SYS
[05/02/2015 - 10:07:48 | ASH | 1474560 Ko] - C:\pagefile.sys
[17/09/2009 - 14:13:06 | N | 0 Ko] - C:\sqmnoopt00.sqm
[17/09/2009 - 14:13:06 | N | 0 Ko] - C:\sqmdata00.sqm
[05/02/2015 - 15:27:26 | A | 13 Ko] - C:\PDOXUSRS.NET
[05/02/2015 - 15:04:20 | D] - C:\Config.Msi
[28/10/2009 - 17:14:08 | A | 2 Ko] - C:\RHDSetup.log
[19/04/2010 - 10:14:34 | A | 0 Ko] - C:\dfinstall.log
[19/04/2010 - 08:56:42 | ASH | 0 Ko] - C:\boot.ini
[29/12/2004 - 06:57:36 | RA | 17 Ko] - C:\DBI.EXE
[15/04/2008 - 18:00:00 | N | 46 Ko] - C:\NTDETECT.COM
[07/09/2002 - 00:00:00 | N | 5 Ko] - C:\Bootfont.bin
[05/02/2015 - 14:41:02 | A | 1 Ko] - C:\PhysicalDisk0_MBR.bin
[17/09/2009 - 11:30:32 | A | 0 Ko] - C:\AUTOEXEC.BAT
[05/02/2015 - 09:57:50 | D] - C:\FOUND.003
[04/02/2015 - 09:30:36 | D] - C:\FOUND.002
[03/02/2015 - 09:14:38 | D] - C:\FOUND.001
[01/02/2015 - 10:02:36 | SHD] - C:\FOUND.000
[11/10/2003 - 21:49:54 | D] - C:\Pink Panther
[15/04/2008 - 18:00:00 | RASH | 244 Ko] - C:\ntldr
[28/04/2009 - 14:28:52 | D] - C:\Yamaha Supercross
[17/09/2009 - 10:59:00 | D] - C:\WINDOWS
[17/09/2009 - 11:03:14 | D] - C:\Documents and Settings
[17/09/2009 - 11:29:32 | RD] - C:\Program Files
[17/09/2009 - 14:13:42 | D] - C:\Recycled
[28/10/2009 - 17:04:28 | D] - C:\Intel
[26/11/2014 - 10:59:40 | RHD] - C:\MSOCache
[05/02/2015 - 14:39:36 | A | 0 Ko] - C:\Documents
[05/02/2015 - 15:22:04 | D] - C:\UsbFix
################## | D:\ - Disque Fixe (FAT32) |
[10/06/2014 - 16:59:54 | N | 0 Ko] - D:\~$moh.khiat.xlsx
[08/12/2014 - 12:37:04 | D] - D:\msdownld.tmp
[15/07/2009 - 11:33:44 | N | 536016 Ko] - D:\music international.mp4
[23/05/2013 - 21:43:34 | D] - D:\AUTORUN.INF
[27/11/2014 - 12:32:50 | N | 2220862 Ko] - D:\image001.GHS
[27/11/2014 - 12:29:12 | N | 4177920 Ko] - D:\imagegood.GHO
[17/09/2009 - 14:22:20 | D] - D:\Downloads
[05/09/2012 - 18:25:44 | D] - D:\photou de mimina
[02/01/2013 - 14:54:48 | D] - D:\sabrinaa_inf2013
[16/08/2013 - 10:02:38 | D] - D:\Skype
[16/08/2013 - 10:03:58 | D] - D:\ziwa
[28/10/2013 - 15:30:26 | D] - D:\Office 2010 32Bit By issame Mcd
[24/06/2014 - 20:15:42 | D] - D:\br
[25/06/2014 - 18:20:36 | D] - D:\PES_2009_DEMO
[13/08/2014 - 12:53:20 | D] - D:\matche algerie
[13/08/2014 - 13:11:20 | D] - D:\document word
[31/08/2014 - 12:34:20 | D] - D:\Recycled
[24/09/2014 - 11:37:20 | D] - D:\travail
[30/10/2014 - 07:10:04 | D] - D:\????? ???? ????? ?????? ???????
[30/11/2014 - 18:17:38 | D] - D:\FFOutput
[20/12/2014 - 11:00:46 | D] - D:\alalaa
[20/12/2014 - 14:52:54 | D] - D:\GTA2
[31/01/2015 - 10:37:24 | D] - D:\Nouveau dossier
################## | E:\ - Disque Fixe (NTFS) |
[30/06/2013 - 18:15:22 | N | 11 Ko] - E:\Classeur1.xlsx
[26/11/2012 - 19:38:28 | N | 459 Ko] - E:\?????? ???????.pdf
[16/03/2013 - 19:32:00 | N | 153 Ko] - E:\?????? ? ???????.pdf
[25/10/2014 - 19:32:04 | N | 1554887 Ko] - E:\BKEP1HD.MP4
[11/04/2013 - 11:48:46 | N | 5266 Ko] - E:\iqraa kitab allah.mp3
[31/01/2015 - 12:18:55 | A | 26 Ko] - E:\10926382_415718228594593_1017076905658457267_n.jpg
[12/01/2015 - 11:55:36 | D] - E:\AUTORUN.INF
[16/08/2013 - 11:58:45 | N | 3778750 Ko] - E:\serveur.GHO
[14/07/2012 - 13:11:22 | N | 16749 Ko] - E:\??? ????? ???????- YouTube.FLV
[31/03/2014 - 07:59:21 | SH | 60 Ko] - E:\Thumbs.db
[17/07/2014 - 09:14:46 | SHD] - E:\RECYCLER
[26/11/2014 - 12:00:58 | D] - E:\e
[26/11/2014 - 12:01:34 | D] - E:\abdel hamide kashk
[27/11/2014 - 10:33:58 | D] - E:\Compilation chaabi
[27/11/2014 - 10:34:40 | D] - E:\English
[27/11/2014 - 10:34:54 | D] - E:\GTA San Andreas Turbo_XD Mod v2
[27/11/2014 - 10:35:21 | D] - E:\khodir photo
[27/11/2014 - 10:35:30 | D] - E:\malouf
[27/11/2014 - 10:36:06 | D] - E:\musique
[27/11/2014 - 10:36:19 | D] - E:\??? ?????? secteur
[27/11/2014 - 10:36:26 | D] - E:\??? ?? ?????????
[27/11/2014 - 10:36:34 | D] - E:\???? ????
[05/01/2015 - 23:16:44 | D] - E:\Med
[07/01/2015 - 15:14:11 | D] - E:\Nouveau dossier film
[08/01/2015 - 19:44:28 | D] - E:\Music Atef 2015
[24/01/2015 - 23:21:14 | D] - E:\atef nedjar
################## | F:\ - Disque Fixe (FAT32) |
[28/09/2013 - 13:36:44 | A | 13 Ko] - F:\produit.xlsx
[13/09/2011 - 13:31:02 | A | 353 Ko] - F:\??????.xls
[01/04/2014 - 15:59:42 | A | 1461 Ko] - F:\Rapport hebdomadaire MARS.xls
[14/01/2008 - 19:33:44 | A | 5347 Ko] - F:\_IRE3.WMV
[12/11/2012 - 12:18:18 | A | 0 Ko] - F:\messaoud.txt
[12/05/2013 - 20:11:24 | A | 0 Ko] - F:\hakimboutelaa.txt
[11/06/2013 - 20:31:06 | A | 0 Ko] - F:\rdp.txt
[11/06/2014 - 12:10:46 | A | 0 Ko] - F:\mouna.txt
[28/12/2014 - 12:46:30 | A | 1 Ko] - F:\hamam.txt
[15/02/2012 - 13:00:12 | N | 1066 Ko] - F:\ordonance rabah.tif
[29/05/2013 - 12:03:42 | A | 34 Ko] - F:\????????? ????????? ??????????? ???????.rar
[25/12/2013 - 17:03:18 | A | 1054 Ko] - F:\flash pour epson.rar
[06/03/2006 - 17:22:28 | A | 679 Ko] - F:\??? ???????? 2.pps
[04/02/2012 - 19:53:08 | A | 588 Ko] - F:\demande-certificat-selection-dyn.pdf
[27/01/2014 - 14:11:18 | A | 582 Ko] - F:\???? ????.pdf
[27/01/2014 - 14:11:22 | A | 582 Ko] - F:\???? ??????.pdf
[15/01/2015 - 13:19:28 | A | 344 Ko] - F:\C.V..pdf
[28/09/2013 - 08:03:28 | A | 4472 Ko] - F:\02 Desert Rose.mp3
[03/11/2011 - 16:07:10 | N | 59 Ko] - F:\Photo 002.jpg
[11/11/2011 - 17:51:10 | A | 36 Ko] - F:\alpha.jpg
[28/02/2012 - 14:39:08 | A | 774 Ko] - F:\Photo0405.jpg
[28/02/2012 - 14:45:44 | A | 902 Ko] - F:\Photo0406.jpg
[06/11/2012 - 10:58:42 | N | 674 Ko] - F:\Photo1213.jpg
[01/12/2012 - 12:49:58 | N | 948 Ko] - F:\Photo1249.jpg
[28/09/2013 - 07:54:04 | N | 2 Ko] - F:\AlbumArt_{9084CE7A-82D2-4BFB-86AA-650B38B81F81}_Small.jpg
[28/09/2013 - 07:54:04 | N | 2 Ko] - F:\AlbumArtSmall.jpg
[28/09/2013 - 07:54:04 | N | 8 Ko] - F:\AlbumArt_{9084CE7A-82D2-4BFB-86AA-650B38B81F81}_Large.jpg
[28/09/2013 - 07:54:04 | N | 8 Ko] - F:\Folder.jpg
[03/11/2014 - 15:06:04 | A | 135 Ko] - F:\LA FEUILLE DE CH?NE ET LE GLAND _ Mandrine6's Blog.htm
[14/01/2013 - 20:10:16 | A | 5882 Ko] - F:\TeraSoft2.exe
[08/02/2014 - 20:14:12 | A | 4788 Ko] - F:\tzsb.exe
[01/12/2011 - 12:30:32 | A | 13 Ko] - F:\bougharouat.docx
[16/01/2012 - 11:46:20 | A | 262 Ko] - F:\155-374.docx
[01/02/2012 - 22:57:46 | A | 13 Ko] - F:\facture telephone.docx
[28/06/2012 - 16:00:20 | A | 128 Ko] - F:\liesse.docx
[07/01/2013 - 13:44:58 | A | 15 Ko] - F:\??????? ??????? ?????? ??? ??????? 2013.docx
[27/04/2013 - 14:56:14 | A | 21 Ko] - F:\zoheir boulkalia.docx
[15/05/2013 - 19:18:14 | A | 30 Ko] - F:\????????? ????????? ??????????? ???????1.docx
[19/09/2013 - 09:57:38 | N | 0 Ko] - F:\~$C.V..docx
[04/11/2013 - 09:22:34 | N | 0 Ko] - F:\~$DE ACCEE.docx
[26/04/2014 - 13:37:20 | A | 12 Ko] - F:\????.docx
[03/05/2014 - 14:19:34 | A | 34 Ko] - F:\????????? ????????? ??????????? ???????.docx
[08/07/2014 - 11:15:50 | A | 18 Ko] - F:\boudjeriou halim cv.docx
[24/12/2014 - 10:29:58 | A | 18 Ko] - F:\?? ????? ??????? ??? ???????.docx
[15/01/2015 - 13:18:28 | A | 44 Ko] - F:\C.V..docx
[22/11/2011 - 20:41:12 | A | 26 Ko] - F:\bourechak.doc
[31/12/2012 - 19:21:28 | N | 0 Ko] - F:\~$????.doc
[18/01/2015 - 11:29:46 | A | 48 Ko] - F:\attestation de travail.doc
[15/01/2015 - 13:36:14 | ASH | 66 Ko] - F:\Thumbs.db
[24/07/2012 - 22:40:08 | A | 2089 Ko] - F:\Ghost Boot CD.daa
[11/11/2011 - 17:51:10 | A | 358 Ko] - F:\alpha.bcw
[29/09/2010 - 20:15:18 | A | 712986 Ko] - F:\Solomon.Kane.avi
[25/07/2011 - 10:45:22 | D] - F:\Google Chrome 3.0.195.21
[01/09/2007 - 05:15:00 | D] - F:\program1
[29/07/2011 - 17:09:20 | D] - F:\COURS PHOTOSHOP
[04/08/2011 - 11:44:54 | D] - F:\Favoris
[04/08/2011 - 14:18:16 | D] - F:\word
[07/08/2011 - 11:43:16 | D] - F:\DOCUMENTS
[10/08/2011 - 21:49:10 | D] - F:\mr bean
[16/08/2011 - 21:57:06 | D] - F:\samah
[09/11/2011 - 14:24:36 | D] - F:\photoshop7me
[14/12/2011 - 17:07:22 | D] - F:\EnglishLearning ????? ????? ?????????? ??????
[16/01/2012 - 11:30:58 | D] - F:\LIVRE
[09/03/2012 - 22:12:02 | D] - F:\keny G+turk
[02/04/2012 - 19:15:34 | D] - F:\CANADA
[06/09/2012 - 20:12:40 | D] - F:\cd
[17/10/2012 - 08:24:06 | D] - F:\????? ????? ??????
[19/11/2012 - 11:21:32 | D] - F:\PHOTO
[08/01/2013 - 18:15:18 | D] - F:\POWER POINT DE 2ème AM SC
[02/02/2013 - 05:15:40 | D] - F:\FONT
[02/02/2013 - 05:34:06 | D] - F:\foto
[16/02/2013 - 07:06:28 | D] - F:\blog
[30/04/2013 - 21:38:28 | D] - F:\key
[22/05/2013 - 20:46:02 | D] - F:\BOULABIZA FIN
[23/05/2013 - 21:43:34 | D] - F:\1
[02/09/2013 - 12:47:14 | D] - F:\site
[01/10/2013 - 18:45:52 | D] - F:\Nouveau dossier
[25/12/2013 - 14:17:42 | D] - F:\internet
[30/03/2014 - 09:20:08 | D] - F:\salah namouchi
[20/05/2014 - 08:09:30 | D] - F:\Recycled
[03/08/2014 - 11:08:36 | D] - F:\travail
[04/08/2014 - 15:34:48 | D] - F:\?????? ???????_fichiers
[13/08/2014 - 14:54:18 | D] - F:\memoir
[29/10/2014 - 11:03:02 | D] - F:\??????
[03/11/2014 - 15:05:44 | D] - F:\LA FEUILLE DE CH?NE ET LE GLAND _ Mandrine6's Blog_fichiers
[05/12/2014 - 17:23:30 | D] - F:\ammar medjrab
[17/12/2014 - 11:03:38 | D] - F:\font arab
[06/01/2015 - 16:25:58 | D] - F:\Marseille Bejaia PROMOTIONS billet bateaux pas cher Marseille Bejaia_files
[03/02/2015 - 22:36:40 | D] - F:\FFOutput
################## | G:\ - Disque Fixe (NTFS) |
[30/04/2014 - 21:57:24 | N | 83076 Ko] - G:\avast-2014-9.0+serial.zip
[26/11/2014 - 12:14:48 | D] - G:\Ridge.Racer.Unbounded-SKIDROW
[06/02/2014 - 18:07:42 | N | 1216 Ko] - G:\Image.nrg
[29/07/2013 - 11:54:06 | N | 661824 Ko] - G:\Windows XP Professional 32-bit - Black Edition v2009.1.24.iso
[12/01/2015 - 11:55:38 | D] - G:\AUTORUN.INF
[28/07/2013 - 13:15:19 | N | 4607840 Ko] - G:\post08nouveau.GHO
[16/01/2012 - 11:46:20 | N | 262 Ko] - G:\155-374.docx
[22/01/2012 - 12:00:22 | N | 249 Ko] - G:\375-588.docx
[22/01/2012 - 12:19:42 | N | 465 Ko] - G:\155-588.docx
[03/08/2013 - 23:19:46 | N | 24 Ko] - G:\?????01.06.2013.docx
[03/08/2013 - 23:22:14 | N | 20 Ko] - G:\cahier de charge marché.docx
[26/11/2014 - 10:08:32 | D] - G:\avast-2014-9.0+serial
[06/08/2014 - 23:32:51 | SHD] - G:\RECYCLER
[26/11/2014 - 12:14:30 | D] - G:\40000_lettres_types_correspondance
[26/11/2014 - 12:14:43 | D] - G:\INF
[26/11/2014 - 12:14:52 | D] - G:\Star Wars Galactic Battlegrounds
[26/11/2014 - 12:14:58 | D] - G:\Top dance 2010 ringtones volume1
[26/11/2014 - 12:15:04 | D] - G:\???????
[07/12/2014 - 19:10:22 | D] - G:\G
[24/12/2014 - 11:09:13 | D] - G:\DIPLOME
[22/01/2015 - 14:14:50 | D] - G:\3d ?????
################## | I:\ - Disque USB (FAT32) |
[08/01/2015 - 21:27:00 | A | 353 Ko] - I:\img381.jpg
[29/01/2015 - 11:49:32 | N | 248 Ko] - I:\P29-01-15_11.49.jpg
[29/01/2015 - 11:50:08 | N | 278 Ko] - I:\P29-01-15_11.50.jpg
[29/01/2015 - 16:59:46 | A | 31 Ko] - I:\10488319_1575629312651497_1900598688835315178_n.jpg
[29/01/2015 - 15:39:24 | A | 107256 Ko] - I:\iTunesSetup.exe
[29/01/2015 - 16:07:36 | A | 5160 Ko] - I:\Install_CopyTransControlCenter.exe
[27/01/2015 - 12:24:44 | D] - I:\gggggg
[27/01/2015 - 12:30:18 | D] - I:\Nouveau dossier (8)
[29/01/2015 - 15:47:06 | RSHD] - I:\RECYCLER
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ | https://www.usbfix.net/ |
alpha761
Messages postés
17
Date d'inscription
dimanche 25 mai 2008
Statut
Membre
Dernière intervention
26 février 2015
5 févr. 2015 à 16:03
5 févr. 2015 à 16:03
voila le rapport
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 806
5 févr. 2015 à 16:04
5 févr. 2015 à 16:04
Comme pour zhpdiag tu l'héberge sur cjoint