Bonjour je voudrais de l'aide pour interpreter l'analyse de roguekiller
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: HP_Propriétaire [Droits d'admin]
Mode: Recherche -- Date : 25/09/2011 18:03:31
Processus malicieux: 0
Entrees de registre: 0
Fichiers / Dossiers particuliers:
Driver: [LOADED]
SSDT[257] : NtTerminateProcess @ 0x805C8DA6 -> HOOKED (Unknown @ 0xF7BAC28F)
SSDT[247] : NtSetValueKey @ 0x8061925E -> HOOKED (Unknown @ 0xF7BAC2A8)
SSDT[213] : NtSetContextThread @ 0x805C7A8C -> HOOKED (Unknown @ 0xF7BAC2F3)
SSDT[204] : NtRestoreKey @ 0x8061C6CC -> HOOKED (Unknown @ 0xF7BAC2B7)
SSDT[193] : NtReplaceKey @ 0x8061CDC0 -> HOOKED (Unknown @ 0xF7BAC2BC)
SSDT[128] : NtOpenThread @ 0x805C1684 -> HOOKED (Unknown @ 0xF7BAC285)
SSDT[122] : NtOpenProcess @ 0x805C13F8 -> HOOKED (Unknown @ 0xF7BAC280)
SSDT[98] : NtLoadKey @ 0x8061CF10 -> HOOKED (Unknown @ 0xF7BAC2B2)
SSDT[68] : NtDuplicateObject @ 0x805B39A2 -> HOOKED (Unknown @ 0xF7BAC2DF)
SSDT[65] : NtDeleteValueKey @ 0x8061B358 -> HOOKED (Unknown @ 0xF7BAC2AD)
SSDT[63] : NtDeleteKey @ 0x8061B188 -> HOOKED (Unknown @ 0xF7BAC2A3)
SSDT[53] : NtCreateThread @ 0x805C736A -> HOOKED (Unknown @ 0xF7BAC294)
SSDT[50] : NtCreateSection @ 0x805A0816 -> HOOKED (Unknown @ 0xF7BAC2EE)
SSDT[41] : NtCreateKey @ 0x8061ACEC -> HOOKED (Unknown @ 0xF7BAC29E)
SSDT[25] : NtClose @ 0x805B1D8E -> HOOKED (Unknown @ 0xF7BAC2E4)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF7BAC2FD)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF7BAC2F8)
Merci
Antivirus- Antispywares & Antimalwares
- Pare-feu
- Nettoyeurs fichiers & registre
- Navigateurs & Clients mail
Tutoriel Hijackthis- Tutoriel Malwarebytes
- Tutoriel RSIT
- Tutoriel CCleaner
- Tutoriel GlaryUtilities
- Tutoriel UsbFix
- Tutoriel AD-Remover
- Astuce Navipromo
- Astuce rogues
- Désactiver l'UAC sous
 |
 |
 |
 |
 |
 |
-
- Publicité
Analyse roguekiller
15 messages
• Page 1 sur 1
• Copier l’adresse BBCode de la page
Publicité
Re: Analyse roguekiller
de bleuet » 25 Sep 2011 20:19
Tu as passé RK car tu avais des doutes sur un rogue possible sur ton système ?
Avant d'aller plus loin, un bon diagnostic à faire >
A TITRE PREVENTIF , peux-tu ?
Télécharger ZHPDiag >
http://telechargement.zebulon.fr/zhpdiag.html
/!\Il est très important de l'enregistrer sur le bureau / !\
Une fois téléchargé, Une icône apparaitra alors sur le bureau.
Ouvrir alors ce fichier, (clic droit exécuter en tant qu'administrateur pour Vista/W 7) pour lancer le programme d'assistant d'installation.
Installer le avec les paramètres par défaut sans oublier de cocher la case "Créer une icône sur le bureau"
Lancement et diagnostic :
Une fois installé si le logiciel ne se lance pas tout seul, double clic sur le raccourci qui se sera créé sur le bureau (clique droit, exécuter en tant qu'administrateur pour VISTA/ W 7)
En même temps que ZHPDiag, sont créés les icônes de ZHPFix et MBRCheck qui peuvent être utilisés.(Ces programmes se retrouvent dans le dossier programme ZHPDiag).
- Cliquer sur la flèche verte pour sa mise à jour.S'il est à jour, message > "votre version est à jour".
- Cliquer alors sur la loupe pour lancer le diagnostic.
Patientez jusqu'à la fin de l'analyse. Il peut arriver que le logiciel donne l'impression d'être bloqué ; patienter.
En cas de blocage sur la section O80, cliquer sur le tournevis pour le décocher. - Le diagnostic terminé,sauvegarder le rapport sur le Bureau en cliquant sur la disquette bleue.
- Enregistrer le rapport sur le bureau affin de le retrouver plus facilement
A partir de ce lien : www.cijoint.fr
ou celui-ci si le précédent est en erreur.
cjoint.com
Sur la page qui s'ouvre :
- Cliquer sur "Parcourir" dans la partie "Sélectionnez le fichier que vous souhaitez déposer"
- Sélectionner le rapport ZHPdiag.txt qui se trouve sur le Bureau
- Cliquer ensuite sur " Cliquez ici pour déposer le fichier ". Un lien va se former.
Il ne reste plus qu'à copier/coller ce lien sur le forum.
Note : ZHPDiag une fois installé, vérifier sa dernière mise à jour avec la grosse flèche verte.
Téléchargement de ZHPDiag sur Zébulon. Le lien habituel semble avoir des soucis. Si la mise à jour ne se fait pas, passer outre. Ce doit être la version 1.28 de toute façon).
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet 
- Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
Re: Analyse roguekiller
de neticable » 25 Sep 2011 20:46
Merci pour ton aide
http://www.cijoint.fr/cjlink.php?file=c ... GcVrca.txt
http://www.cijoint.fr/cjlink.php?file=c ... GcVrca.txt
-
neticable 
- Progression vers le rang suivant:
- Messages: 8
- Age: 50
- Inscription: 25 Sep 2011 18:11
- Sexe:
Point(s) : 55- Donner
Re: Analyse roguekiller
de bleuet » 25 Sep 2011 21:23
Je détaille ce rapport et te tiens au courant demain.
Bonne soirée.@+ bleuet[25/09/2011)
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet - Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
Re: Analyse roguekiller
de bleuet » 26 Sep 2011 09:46
On va se débarrasser des infections.
Peux-tu télécharger ?
puis :
Ce qui fait 3 rapports à envoyer.
Bonne journée.@+ bleuet[26/09/2011)
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet - Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
Re: Analyse roguekiller
de neticable » 26 Sep 2011 15:20
Bonjour comme demandé
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:12:14
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [KillNav] *****
# iexplore.exe [PID:3004] -> Tué
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [1026 octets] - [26/09/2011 15:11:22]
AdwCleaner[S2].txt - [845 octets] - [26/09/2011 15:12:14]
*************************
Dossier Temporaire : 0 dossier(s) et 0 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S2].txt - [1066 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:11:22
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [804 octets] - [26/09/2011 15:11:22]
*************************
Dossier Temporaire : 6 dossier(s) et 4 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S1].txt - [1025 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:11:22
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [804 octets] - [26/09/2011 15:11:22]
*************************
Dossier Temporaire : 6 dossier(s) et 4 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S1].txt - [1025 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:12:14
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [KillNav] *****
# iexplore.exe [PID:3004] -> Tué
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [1026 octets] - [26/09/2011 15:11:22]
AdwCleaner[S2].txt - [845 octets] - [26/09/2011 15:12:14]
*************************
Dossier Temporaire : 0 dossier(s) et 0 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S2].txt - [1066 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:12:14
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [KillNav] *****
# iexplore.exe [PID:3004] -> Tué
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [1026 octets] - [26/09/2011 15:11:22]
AdwCleaner[S2].txt - [845 octets] - [26/09/2011 15:12:14]
*************************
Dossier Temporaire : 0 dossier(s) et 0 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S2].txt - [1066 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:11:22
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [804 octets] - [26/09/2011 15:11:22]
*************************
Dossier Temporaire : 6 dossier(s) et 4 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S1].txt - [1025 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:11:22
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [804 octets] - [26/09/2011 15:11:22]
*************************
Dossier Temporaire : 6 dossier(s) et 4 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S1].txt - [1025 octets] ##########
# AdwCleaner v1.308 - Rapport créé le 26/09/2011 à 15:12:14
# Mis à jour le 25/09/11 à 17h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - NOM-EB85C523610 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe
# Option [Suppression]
***** [KillNav] *****
# iexplore.exe [PID:3004] -> Tué
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [869 octets] - [26/09/2011 15:10:48]
AdwCleaner[S1].txt - [1026 octets] - [26/09/2011 15:11:22]
AdwCleaner[S2].txt - [845 octets] - [26/09/2011 15:12:14]
*************************
Dossier Temporaire : 0 dossier(s) et 0 fichier(s) supprimé(s)
########## EOF - C:\AdwCleaner[S2].txt - [1066 octets] ##########
-
neticable - Progression vers le rang suivant:
- Messages: 8
- Age: 50
- Inscription: 25 Sep 2011 18:11
- Sexe:
Point(s) : 55- Donner
Re: Analyse roguekiller
de neticable » 26 Sep 2011 15:21
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [6]) -> Lancé à 15:14:04 le 26/09/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
HP_Propriétaire@NOM-EB85C523610 ( )
============== RECHERCHE ==============
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [Impossible d'obtenir la version] ****
HKLM_MozillaPlugins\Adobe Reader (x)
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Start Page - hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKCU_Toolbar\ShellBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKLM_Toolbar|{C8137A8D-415D-450C-A1B1-D0C519D45296} (C:\Program Files\Trend Micro\Browser Guard\tmieg.dll)
HKLM_Extensions\{E2D4D26B-0180-43a4-B05F-462D6D54C789} - "Aide à la connexion" (C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{F1AD4A42-BA52-47BC-89DF-3F68F24C017F} - "TMIEGBHO Class" (C:\Program Files\Trend Micro\Browser Guard\TMAMS.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 9 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 11/06/2011 23:15:15 (2342 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 22/06/2011 21:06:31 (2446 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 24/06/2011 00:25:41 (2513 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 03/07/2011 18:00:51 (2644 Octet(s))
C:\Ad-Report-SCAN[1].txt - 26/05/2011 16:56:39 (2046 Octet(s))
C:\Ad-Report-SCAN[2].txt - 05/06/2011 21:11:45 (2110 Octet(s))
C:\Ad-Report-SCAN[3].txt - 15/06/2011 04:55:21 (2362 Octet(s))
C:\Ad-Report-SCAN[4].txt - 17/06/2011 00:25:38 (2335 Octet(s))
C:\Ad-Report-SCAN[5].txt - 01/07/2011 22:32:40 (2532 Octet(s))
C:\Ad-Report-SCAN[6].txt - 26/09/2011 15:14:09 (576 Octet(s))
Fin à: 15:14:43, 26/09/2011
============== E.O.F ==============
A plus tad Cordialement
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [6]) -> Lancé à 15:14:04 le 26/09/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
HP_Propriétaire@NOM-EB85C523610 ( )
============== RECHERCHE ==============
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [Impossible d'obtenir la version] ****
HKLM_MozillaPlugins\Adobe Reader (x)
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Start Page - hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKCU_Toolbar\ShellBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKLM_Toolbar|{C8137A8D-415D-450C-A1B1-D0C519D45296} (C:\Program Files\Trend Micro\Browser Guard\tmieg.dll)
HKLM_Extensions\{E2D4D26B-0180-43a4-B05F-462D6D54C789} - "Aide à la connexion" (C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{F1AD4A42-BA52-47BC-89DF-3F68F24C017F} - "TMIEGBHO Class" (C:\Program Files\Trend Micro\Browser Guard\TMAMS.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 9 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 11/06/2011 23:15:15 (2342 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 22/06/2011 21:06:31 (2446 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 24/06/2011 00:25:41 (2513 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 03/07/2011 18:00:51 (2644 Octet(s))
C:\Ad-Report-SCAN[1].txt - 26/05/2011 16:56:39 (2046 Octet(s))
C:\Ad-Report-SCAN[2].txt - 05/06/2011 21:11:45 (2110 Octet(s))
C:\Ad-Report-SCAN[3].txt - 15/06/2011 04:55:21 (2362 Octet(s))
C:\Ad-Report-SCAN[4].txt - 17/06/2011 00:25:38 (2335 Octet(s))
C:\Ad-Report-SCAN[5].txt - 01/07/2011 22:32:40 (2532 Octet(s))
C:\Ad-Report-SCAN[6].txt - 26/09/2011 15:14:09 (576 Octet(s))
Fin à: 15:14:43, 26/09/2011
============== E.O.F ==============
A plus tad Cordialement
-
neticable - Progression vers le rang suivant:
- Messages: 8
- Age: 50
- Inscription: 25 Sep 2011 18:11
- Sexe:
Point(s) : 55- Donner
Re: Analyse roguekiller
de bleuet » 26 Sep 2011 19:25
Peux-tu ?
Onvrir ZHPFix.(Clic droit exécuter en tant qu'administrateur pour Vista/W 7) par le raccourci
installé en même temps que ZHPDiag et MBRCheck ou par l'icône ZHPFix du ZHPDiag.
- Sélectionner et copier/coller le script proposé ci-dessous par clic sur le H de ZHPFix :
Le rapport se met dans la fenêtre blanche qui devient jaune quand le script apparait dans la fenêtre .
******************************- Code: Tout sélectionner
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{56e045c6-d94b-41e8-ac4c-c2ddfb0e304a}] [] Argente FR Toolbar v2.5.6.0 (.Conduit Ltd..)
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\user.js (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Multi-channel Sound Manager.lnk - Clé orpheline
O41 - Driver: ewido anti-spyware 4.0 driver (ewido anti-spyware 4.0 driver) . (. - .) - C:\Program Files\ewido anti-spyware 4.0\guard.sys (.not file.)
O43 - CFD: 02/04/2011 - 08:01:42 - [106823607] ----D- C:\Program Files\Spybot - Search & Destroy => Spybot - Search & Destroy
O64 - Services: CurCS - ??/??/???? - C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\TrueSight.sys (.not file.) - TrueSight (TrueSight) .(...) - LEGACY_TRUESIGHT
O43 - CFD: 02/04/2011 - 07:59:42 - [8903028] ----D- C:\Program Files\Nosibay
C:\Program Files\Nosibay
EmptyTemp
EmptyFlash
****************************** - Clic en bas sur OK . (ligne(s) présentée(s) maintenant avec un petit carré à gauche
- Clic sur Tous. (ligne(s) présentée(s) maintenant avec le petit carré coché
- Clic sur Nettoyer. (ligne(s) cochée(s) supprimée(s). Le rapport de suppression s'ouvre dans la fenêtre.
Tu peux fermer ZHPFix. Les rapports se trouvent dans le dossier programme.
TUTO
Fais tout de même une analyse complète avec MalwaresBytes, accepte les suppressions (s'il y a proposition) et copie/colle le rapport.
Puis remets stp un second rapport ZHPDiag.
Donc à prévoir 3 rapports.
Bonne soirée @+ bleuet
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet - Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
Re: Analyse roguekiller
de neticable » 26 Sep 2011 23:17
Bonsoir avec du retard 3 rapports
Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011
Fichier d'export Registre :
Run by HP_Propriétaire at 26/09/2011 21:10:04
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html
========== Clé(s) du Registre ==========
ABSENT Key: Service Legacy: LEGACY_TRUESIGHT
========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\Spybot - Search & Destroy
SUPPRIME Folder: C:\Program Files\Nosibay
SUPPRIME Temporaires Windows: : 9
SUPPRIME Flash Cookies: 1
========== Fichier(s) ==========
ABSENT Folder/File: c:\documents and settings\hp_propriétaire\application data\mozilla\firefox\profiles\fn2md5by.default\user.js (.not file.)
SUPPRIME File: c:\documents and settings\all users\menu démarrer\programmes\multi-channel sound manager.lnk
ABSENT Folder/File: c:\program files\nosibay
SUPPRIME Temporaires Windows: : 10
SUPPRIME Flash Cookies: 0
========== Récapitulatif ==========
1 : Clé(s) du Registre
4 : Dossier(s)
5 : Fichier(s)
End of clean in 00mn 42s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 26/09/2011 21:10:04 [1138]
Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org
Version de la base de données: 7802
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
26/09/2011 23:05:14
mbam-log-2011-09-26 (23-05-14).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 468979
Temps écoulé: 1 heure(s), 49 minute(s), 58 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
http://www.cijoint.fr/cjlink.php?file=c ... GOQSL5.txt
Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011
Fichier d'export Registre :
Run by HP_Propriétaire at 26/09/2011 21:10:04
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html
========== Clé(s) du Registre ==========
ABSENT Key: Service Legacy: LEGACY_TRUESIGHT
========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\Spybot - Search & Destroy
SUPPRIME Folder: C:\Program Files\Nosibay
SUPPRIME Temporaires Windows: : 9
SUPPRIME Flash Cookies: 1
========== Fichier(s) ==========
ABSENT Folder/File: c:\documents and settings\hp_propriétaire\application data\mozilla\firefox\profiles\fn2md5by.default\user.js (.not file.)
SUPPRIME File: c:\documents and settings\all users\menu démarrer\programmes\multi-channel sound manager.lnk
ABSENT Folder/File: c:\program files\nosibay
SUPPRIME Temporaires Windows: : 10
SUPPRIME Flash Cookies: 0
========== Récapitulatif ==========
1 : Clé(s) du Registre
4 : Dossier(s)
5 : Fichier(s)
End of clean in 00mn 42s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 26/09/2011 21:10:04 [1138]
Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org
Version de la base de données: 7802
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
26/09/2011 23:05:14
mbam-log-2011-09-26 (23-05-14).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 468979
Temps écoulé: 1 heure(s), 49 minute(s), 58 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
http://www.cijoint.fr/cjlink.php?file=c ... GOQSL5.txt
-
neticable - Progression vers le rang suivant:
- Messages: 8
- Age: 50
- Inscription: 25 Sep 2011 18:11
- Sexe:
Point(s) : 55- Donner
Re: Analyse roguekiller
de bleuet » 27 Sep 2011 10:10
C'est bien.
Peux-tu mettre le second rapport de ZHPDiag ?
Le dernier rapport indique
Invité a écrit:Windows Genuine Advantage : KO => Windows Guenuine Advantage Désactivé
(J'ai vu que tu avais le pack 3.) Windows semble ne pas être activé auprès de Microsoft. Qu'en est-il exactement ?
++
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet - Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
Re: Analyse roguekiller
de neticable » 27 Sep 2011 13:27
Bonjour
Dernier rapport J'ai pas de problème avec windows c'est celui d'origine
Cordialement
Rapport de ZHPDiag v1.28.1354 par Nicolas Coolman, Update du 25/09/2011
Run by HP_Propriétaire at 26/09/2011 23:07:46
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ System Information
~ Processor: x86 Family 15 Model 36 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 958 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 101 GB (55%) free of 181 GB
---\\ Logged in mode
~ Computer Name: NOM-EB85C523610
~ User Name: HP_Propriétaire
~ All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HP_Propriétaire, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\
~ %Desktop% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\
~ %Favorites% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Favoris\
~ %LocalAppData% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 101 Go of 181 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 6 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.26/09/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.26/09/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.26/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.26/09/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.26/09/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.26/09/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/23
~ Mes musiques (My Musics) : 1/53
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 2/44
~ Mes Documents (My Documents) : 120/16276
~ Mon Bureau (My Desktop) : 1953/3832
~ Menu demarrer (Programs) : 6/29
~ Scan Hidden Files in 00mn 10s
---\\ Processus lancés
[MD5.D21352BCAAB174948EB9672BC203BB0F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [376832] [PID.]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.160]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.176]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]
[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [349472] [PID.]
[MD5.D3F9205CC4CB07553F2F9472C767EA87] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.Exe [233472] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.9696786759C4B43FA5C894747E893EA2] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.]
[MD5.2DD856C4A4D61D682A7007505C8AD98F] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [1526592] [PID.]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]
[MD5.E611C000DBFD4E250AB7806F74B895D8] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe [671552] [PID.2676]
[MD5.C81BE1B951C36E97D3DA90DA745DA5F7] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.EXE [61440] [PID.1012]
[MD5.7B8875A5B04932AC73AFD8079864DB68] - (.Realtek Semiconductor Corp. - Realtek Audio - Event Monitor.) -- C:\WINDOWS\ALCXMNTR.EXE [57344] [PID.3528]
[MD5.29E8E6B337D61C931B11A90A98310626] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064] [PID.3672]
[MD5.C0FD8553CECDE061AD3E7C1CC80C7EDB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.1000]
[MD5.E51BD095B2FDF56B17EE010BB794D6ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820520] [PID.]
[MD5.7F7BC88C8FB6B52989E0E93084B5E678] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [95744] [PID.]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.2732]
[MD5.D30EB2F98504F30ECAAEEF90DDC7DE98] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2122752] [PID.2260]
[MD5.AB0A7CA90D9E3D6A193905DC1715DED0] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912] [PID.]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\prefs.js
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\user.js (.not file.)
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\searchplugins\orange.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [HP_Propriétaire - fn2md5by.default] http://fr.msn.com
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\fsonlinescanner@f-secure.com] [] {PRODUCT-NAME} v1.00 (.F-Secure Corporation.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\info@djzig.com] [] LavaFox V1 v1.1.6 (.Zigboom.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110316W (.Google Inc..)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{56e045c6-d94b-41e8-ac4c-c2ddfb0e304a}] [] Argente FR Toolbar v2.5.6.0 (.Conduit Ltd..)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}] [] AmbientFox v0.4 (.Ambientthemes.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{D46E8522-6E86-44b1-A622-58C0668AD78E}] [] Classic Compact v3.6.0 (.Ken Barbalace EnvironmentalChemistry.com.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [] BitDefender QuickScanner v3.6.0 (.BitDefender R&D Team.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}] [] Adobe DLM (powered by getPlus(R)) v1.6.2.63 (.NOS Microsystems Ltd..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.2".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16263.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2240] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2298] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1348] - (.RealNetworks, Inc. - 6.0.12.1348.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R0 - HKUS\S-1-5-21-3553853109-1193228773-2612436283-1008\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils client IE Google.) -- c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: TMIEGBHO - {F1AD4A42-BA52-47BC-89DF-3F68F24C017F} . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files\Trend Micro\Browser Guard\TMAMS.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils client IE Google.) -- c:\program files\google\googletoolbar1.dll
O3 - Toolbar: TMBGBAR TOOLBAR - {C8137A8D-415D-450C-A1B1-D0C519D45296} . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files\Trend Micro\Browser Guard\tmieg.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [HPBootOp] . (.Hewlett-Packard Company - HP Boot Optimizer.) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-3553853109-1193228773-2612436283-1008\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\DVD Play.lnk . (.CyberLink Corp..) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft FrontPage.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PhotoDraw.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office\PHOTODRW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Publisher.lnk . (...) -- C:\WINDOWS\Installer\{0004040C-78E1-11D2-B60F-006097C998E7}\pubs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Word.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\My PC Choice.lnk . (...) -- C:\hp\VINETLINK\VINETLINK.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2011.lnk . (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2011\Integrator.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Traduire à partir de l'anglais . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Pages liées . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Pages similaires . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Recherche &Google . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A20EECFA-1547-4D2F-8FED-F8B04E06D21C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{A20EECFA-1547-4D2F-8FED-F8B04E06D21C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51
O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{A20EECFA-1547-4D2F-8FED-F8B04E06D21C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51
O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\system32\FsUsbExService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccess (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{248B98ED-C8E3-49EA-B73F-1D85873C51A2}.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (AvgArCln) . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) - C:\WINDOWS\system32\DRIVERS\AvgArCln.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: AVG Anti-Rootkit Free - (.GRISOFT.) [HKLM] -- AVGantiRootkit
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.0) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Arovax AntiSpyware 2.1.153 - (.Arovax Software.) [HKLM] -- Arovax AntiSpyware
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: BleachBit - (.BleachBit.) [HKLM] -- BleachBit
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90}
O42 - Logiciel: BugOff 1.10 - (.Soeperman Enterprises Ltd..) [HKLM] -- BugOff
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Canon MP Navigator EX 2.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 2.0
O42 - Logiciel: Canon MP240 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Enregistrement utilisateur de Canon MP240 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP240 series
O42 - Logiciel: FCleaner 1.3.1.621 - (.FTweak, Inc..) [HKLM] -- FCleaner_is1
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Pas de propriétaire.) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}
O42 - Logiciel: HP Appareils photos Photosmart 5.0 - (.HP.) [HKLM] -- {C83A12B9-B31B-461A-BBD4-CE9B988094F1}
O42 - Logiciel: HP Boot Optimizer - (.Hewlett-Packard Company.) [HKLM] -- {3BA95526-6AE0-4B87-A62D-17187EF565FC}
O42 - Logiciel: HP DVD Play 1.0 - (.Pas de propriétaire.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: HP Deskjet Printer Preload - (.Hewlett-Packard Company.) [HKLM] -- {2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
O42 - Logiciel: HP Document Viewer 5.3 - (.HP.) [HKLM] -- HP Document Viewer
O42 - Logiciel: HP Imaging Device Functions 6.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Multimedia Keyboard Software - (.Pas de propriétaire.) [HKLM] -- KBD
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: HP PSC & OfficeJet 5.3.B - (.HP.) [HKLM] -- {5B79CFD1-6845-4158-9D7D-6BE89DF2C135}
O42 - Logiciel: HP Photosmart 330,380,420,470,7800,8000,8200 Series - (.HP.) [HKLM] -- {33D6CC28-9F75-4d1b-A11D-98895B3A3729}
O42 - Logiciel: HP Photosmart Premier Software 6.0 - (.HP.) [HKLM] -- HP Photo & Imaging
O42 - Logiciel: HP Software Update - (.HEWLET~1|Hewlett-Packard.) [HKLM] -- {ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: INFORAD MANAGER 3.6 - (.Pas de propriétaire.) [HKLM] -- INFORAD MANAGER_is1
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150050}
O42 - Logiciel: Java(TM) 6 Update 25 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216025F0}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
O42 - Logiciel: Lecteur Windows Media 10 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Office 2000 CD-ROM 2 - (.Microsoft Corporation.) [HKLM] -- {0004040C-78E1-11D2-B60F-006097C998E7}
O42 - Logiciel: Microsoft Office 2000 Premium - (.Microsoft Corporation.) [HKLM] -- {0000040C-78E1-11D2-B60F-006097C998E7}
O42 - Logiciel: Microsoft PhotoDraw 2000 - (.Pas de propriétaire.) [HKLM] -- Microsoft PhotoDraw 2000
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {A059DE09-1B49-4450-B340-7AE097EC3F04}
O42 - Logiciel: Module d’enregistrement 1.5.1.2 - (.YDP SA.) [HKLM] -- FlashComponents
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: PC-Doctor 5 for Windows - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: PS2 - (.Pas de propriétaire.) [HKLM] -- PS2
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: Panneau de contrôle ATI - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: Python 2.2 pywin32 extensions (build 203) - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.2
O42 - Logiciel: Python 2.2.3 - (.PythonLabs at Zope Corporation.) [HKLM] -- Python 2.2.3
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Rapid Cleaner - (.Douali Nassim.) [HKLM] -- {145DE4FE-6384-49C9-8C7F-6EA25D233254}_is1
O42 - Logiciel: RealPlayer - (.Pas de propriétaire.) [HKLM] -- RealPlayer 6.0
O42 - Logiciel: Reflex TBC - (.Pas de propriétaire.) [HKLM] -- {1B49062F-7914-4ABF-90F9-90B3FAEAFB4C}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Sierra Print Artist 4.0 (md) - (.Pas de propriétaire.) [HKLM] -- Print Artist 4.0 Gold
O42 - Logiciel: Sonic Express Labeler - (.Sonic Solutions.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Sonic MyDVD Plus - (.Sonic Solutions.) [HKLM] -- {21657574-BD54-48A2-9450-EB03B2C7FC29}
O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629}
O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205}
O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
O42 - Logiciel: Toolbar Uninstaller 1.0.0.1 - (.Decomputeur.nl.) [HKLM] -- Toolbar Uninstaller_is1
O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011
O42 - Logiciel: Utilités Sierra - (.Pas de propriétaire.) [HKLM] -- Utilités Sierra
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {F59A9E08-A6A4-4ACF-91F2-D0344956C30B}
O42 - Logiciel: muvee autoProducer 4.5 - (.muvee Technologies.) [HKLM] -- {E073D315-3C54-44BF-A1B2-B5583AEA618C}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Auslogics]
[HKCU\Software\Avira]
[HKCU\Software\BleachBit]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\ClearProg]
[HKCU\Software\FTweak]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mobileleader]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Samsung]
[HKCU\Software\Sonic]
[HKCU\Software\Sysinternals]
[HKCU\Software\TCP Optimizer]
[HKCU\Software\TrendMicro]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\stevengould.org]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avance]
[HKLM\Software\Avira]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Commest]
[HKLM\Software\CyberLink]
[HKLM\Software\DEVGURU]
[HKLM\Software\Debug]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Grisoft]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PC-Doctor]
[HKLM\Software\PCSuite]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Python]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RichFX]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Sierra OnLine]
[HKLM\Software\Sonic]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\muvee Technologies]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/05/2011 - 22:39:54 - [3511045] ----D- C:\Program Files\7-Zip
O43 - CFD: 02/04/2011 - 07:53:14 - [581306] ----D- C:\Program Files\a-squared Free
O43 - CFD: 26/09/2011 - 15:14:06 - [1573736] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 16/06/2011 - 21:11:10 - [375155616] ----D- C:\Program Files\Adobe
O43 - CFD: 02/04/2011 - 07:53:48 - [4814870] ----D- C:\Program Files\AIDA32 - Personal System Information
O43 - CFD: 02/04/2011 - 07:53:48 - [429996160] ----D- C:\Program Files\Alwil Software
O43 - CFD: 02/04/2011 - 07:54:00 - [57170238] ----D- C:\Program Files\aMSN
O43 - CFD: 02/04/2011 - 07:54:14 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 05/05/2011 - 23:43:20 - [370390] ----D- C:\Program Files\Argente - Registry Cleaner
O43 - CFD: 02/04/2011 - 07:54:16 - [3843847] ----D- C:\Program Files\Argente - StartUp Manager
O43 - CFD: 02/04/2011 - 07:54:18 - [6509627] ----D- C:\Program Files\Argente Software
O43 - CFD: 09/08/2011 - 14:53:18 - [20020987] ----D- C:\Program Files\Argente Utilities
O43 - CFD: 03/09/2011 - 06:10:30 - [4116648] ----D- C:\Program Files\Arovax AntiSpyware
O43 - CFD: 02/04/2011 - 07:54:22 - [7371] ----D- C:\Program Files\Astase
O43 - CFD: 28/02/2006 - 06:15:20 - [16324751] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 02/04/2011 - 07:54:22 - [4449275] ----D- C:\Program Files\Auslogics
O43 - CFD: 02/04/2011 - 07:54:24 - [13123840] ----D- C:\Program Files\Avery Dennison
O43 - CFD: 20/05/2011 - 13:40:18 - [152918186] ----D- C:\Program Files\Avira
O43 - CFD: 02/04/2011 - 07:54:34 - [3005440] ----D- C:\Program Files\AVS4YOU
O43 - CFD: 01/08/2011 - 01:00:38 - [8084874] ----D- C:\Program Files\BleachBit
O43 - CFD: 25/05/2011 - 11:57:42 - [627515] ----D- C:\Program Files\Bonjour
O43 - CFD: 22/05/2011 - 12:45:38 - [306793123] ----D- C:\Program Files\Canon
O43 - CFD: 05/11/2009 - 20:14:10 - [28014124] ----D- C:\Program Files\CanonBJ
O43 - CFD: 02/04/2011 - 07:54:46 - [2937560] ----D- C:\Program Files\CCleaner
O43 - CFD: 25/07/2011 - 20:47:02 - [17392513] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 02/04/2011 - 07:54:48 - [208244] ----D- C:\Program Files\Change Extension
O43 - CFD: 02/04/2011 - 07:54:48 - [571169] ----D- C:\Program Files\CleanUp!
O43 - CFD: 02/04/2011 - 07:54:48 - [366850] ----D- C:\Program Files\ClearProg
O43 - CFD: 02/04/2011 - 07:54:48 - [739432] ----D- C:\Program Files\Cobian Backup 8
O43 - CFD: 20/10/2005 - 21:06:30 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 02/04/2011 - 07:54:48 - [3895856] ----D- C:\Program Files\Defraggler
O43 - CFD: 02/04/2011 - 07:54:50 - [4504800] ----D- C:\Program Files\DIFX
O43 - CFD: 02/04/2011 - 07:54:50 - [170277] ----D- C:\Program Files\Digital Camera
O43 - CFD: 02/04/2011 - 07:54:50 - [3967] ----D- C:\Program Files\dl
O43 - CFD: 02/04/2011 - 07:54:50 - [254204] ----D- C:\Program Files\Dnote Software
O43 - CFD: 02/04/2011 - 07:54:50 - [7417163] ----D- C:\Program Files\Emsisoft Anti-Malware
O43 - CFD: 02/04/2011 - 07:54:52 - [106658300] ----D- C:\Program Files\Enjoy 5e
O43 - CFD: 02/04/2011 - 07:54:52 - [4467372] ----D- C:\Program Files\EPSON
O43 - CFD: 26/09/2011 - 03:03:02 - [41] ----D- C:\Program Files\ewido anti-spyware 4.0
O43 - CFD: 12/07/2011 - 00:22:20 - [3187328] ----D- C:\Program Files\FCleaner
O43 - CFD: 03/09/2011 - 06:17:10 - [1056413993] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 14/05/2011 - 10:31:22 - [5944320] ----D- C:\Program Files\Free Audio Pack
O43 - CFD: 02/04/2011 - 07:56:14 - [401140] ----D- C:\Program Files\Free Window Registry Repair
O43 - CFD: 02/04/2011 - 07:56:14 - [5101826] ----D- C:\Program Files\Gamenext
O43 - CFD: 02/04/2011 - 07:56:14 - [0] ----D- C:\Program Files\GeCAD
O43 - CFD: 02/04/2011 - 07:56:14 - [113823568] ----D- C:\Program Files\GIMP-2.0
O43 - CFD: 04/05/2011 - 21:50:08 - [25915219] ----D- C:\Program Files\Glary Utilities
O43 - CFD: 28/02/2006 - 06:48:06 - [439280423] ----D- C:\Program Files\Google
O43 - CFD: 24/09/2011 - 00:19:24 - [3748052] ----D- C:\Program Files\Grisoft
O43 - CFD: 28/02/2006 - 06:58:26 - [20179907] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 28/02/2006 - 06:34:40 - [684705699] ----D- C:\Program Files\HP
O43 - CFD: 02/08/2011 - 13:38:00 - [11011397] ----D- C:\Program Files\INFORAD
O43 - CFD: 02/08/2011 - 13:37:54 - [545446] ----D- C:\Program Files\INFORAD_DRIVERS
O43 - CFD: 25/07/2011 - 22:35:48 - [88879844] ----D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/08/2011 - 14:54:38 - [8190224] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 02/04/2011 - 07:58:06 - [258549] ----D- C:\Program Files\Internet Explorer Cleaner
O43 - CFD: 06/05/2011 - 22:11:32 - [16255021] ----D- C:\Program Files\IObit
O43 - CFD: 22/04/2011 - 20:25:52 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 25/05/2011 - 12:01:46 - [163693547] ----D- C:\Program Files\iTunes
O43 - CFD: 07/07/2011 - 06:38:06 - [475343508] ----D- C:\Program Files\Java
O43 - CFD: 17/05/2011 - 22:56:24 - [1387926] ----D- C:\Program Files\JkDefrag
O43 - CFD: 22/04/2011 - 23:08:54 - [2826689] ----D- C:\Program Files\jv16 PowerTools
O43 - CFD: 01/05/2011 - 19:11:52 - [702182] ----D- C:\Program Files\Lavasoft
O43 - CFD: 02/04/2011 - 07:58:44 - [220160] ----D- C:\Program Files\LimeWire
O43 - CFD: 02/04/2011 - 07:58:44 - [7551083] ----D- C:\Program Files\LizardTech
O43 - CFD: 02/04/2011 - 07:58:46 - [1109] ----D- C:\Program Files\ma-config.com
O43 - CFD: 24/09/2011 - 01:17:20 - [7033431] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 02/04/2011 - 07:58:46 - [221184] ----D- C:\Program Files\MarkAny
O43 - CFD: 02/04/2011 - 07:58:46 - [221184] ----D- C:\Program Files\MarkAnyContentSAFER
O43 - CFD: 02/04/2011 - 07:58:46 - [1376256] ----D- C:\Program Files\Mase
O43 - CFD: 16/06/2011 - 20:56:34 - [9454922] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 02/04/2011 - 07:58:48 - [1675947] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/04/2011 - 07:58:48 - [13647313] ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD: 02/04/2011 - 07:58:52 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 22/05/2011 - 12:05:10 - [207010] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 22/05/2011 - 12:15:56 - [408361573] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 02/04/2011 - 07:59:12 - [144263738] ----D- C:\Program Files\Microsoft Picture It! 2002
O43 - CFD: 02/04/2011 - 07:59:16 - [15462931] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 02/04/2011 - 07:59:20 - [20249] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 02/04/2011 - 07:59:20 - [5897045] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 28/02/2006 - 06:36:44 - [164429145] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 02/04/2011 - 07:59:26 - [989062] ----D- C:\Program Files\Microsoft Works Suite 2002
O43 - CFD: 25/07/2011 - 20:26:04 - [15715] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 02/04/2011 - 07:59:26 - [149587] ----D- C:\Program Files\Motherboard Monitor 5
O43 - CFD: 24/05/2011 - 13:10:28 - [17088218] ----D- C:\Program Files\Movie Maker
O43 - CFD: 15/05/2011 - 15:36:30 - [30522380] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/04/2011 - 07:59:32 - [33623989] ----D- C:\Program Files\Mozilla Thunderbird
O43 - CFD: 02/04/2011 - 07:59:34 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 02/04/2011 - 07:59:34 - [67836870] ----D- C:\Program Files\MSECache
O43 - CFD: 27/10/2005 - 00:36:22 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 27/10/2005 - 00:36:32 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 02/04/2011 - 07:59:36 - [11804] ----D- C:\Program Files\MSSOAP
O43 - CFD: 02/04/2011 - 07:59:36 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 22/05/2011 - 12:22:46 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 28/02/2006 - 06:38:18 - [73033453] ----D- C:\Program Files\muvee Technologies
O43 - CFD: 23/05/2011 - 16:46:06 - [10793491] ----D- C:\Program Files\NetMeeting
O43 - CFD: 02/04/2011 - 07:59:42 - [42] ----D- C:\Program Files\Odebit Multimédia
O43 - CFD: 27/10/2005 - 00:36:44 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 02/04/2011 - 07:59:42 - [387537] ----D- C:\Program Files\OpenOffice.org 2.4
O43 - CFD: 02/04/2011 - 07:59:44 - [461811592] ----D- C:\Program Files\Orange
O43 - CFD: 24/05/2011 - 13:08:32 - [11879614] ----D- C:\Program Files\Outlook Express
O43 - CFD: 15/06/2011 - 18:19:36 - [9771964] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 02/04/2011 - 08:00:16 - [6210904] ----D- C:\Program Files\PC Inspector File Recovery
O43 - CFD: 12/07/2011 - 22:31:24 - [55509401] ----D- C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 02/04/2011 - 08:00:22 - [16419068] ----D- C:\Program Files\Photo Story 3 for Windows
O43 - CFD: 02/04/2011 - 08:00:24 - [617] ----D- C:\Program Files\PVAnalysis
O43 - CFD: 30/04/2011 - 22:13:20 - [3157478] ----D- C:\Program Files\Quicksys
O43 - CFD: 22/04/2011 - 20:24:40 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 28/02/2006 - 06:31:40 - [42316824] ----D- C:\Program Files\Real
O43 - CFD: 02/04/2011 - 08:00:36 - [37900033] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 15/07/2011 - 19:15:14 - [20152801] ----D- C:\Program Files\Reflex TBC
O43 - CFD: 02/04/2011 - 08:00:42 - [1243816] ----D- C:\Program Files\RegCleaner
O43 - CFD: 15/06/2011 - 18:20:10 - [224240067] ----D- C:\Program Files\Samsung
O43 - CFD: 02/04/2011 - 08:01:12 - [525930] ----D- C:\Program Files\Samurize
O43 - CFD: 02/04/2011 - 08:01:12 - [60435509] ----D- C:\Program Files\Securitoo
O43 - CFD: 02/04/2011 - 08:01:14 - [9355640] ----D- C:\Program Files\Serveur Media
O43 - CFD: 04/09/2011 - 18:18:54 - [3454547] ----D- C:\Program Files\Sierra On-Line
O43 - CFD: 02/04/2011 - 08:01:20 - [12177408] ----D- C:\Program Files\SiSoftware
O43 - CFD: 22/05/2011 - 12:05:48 - [138333] ----D- C:\Program Files\Snapshot Viewer
O43 - CFD: 02/04/2011 - 08:01:20 - [671744] ----D- C:\Program Files\Snow for Windows
O43 - CFD: 28/02/2006 - 06:33:22 - [147034891] ----D- C:\Program Files\Sonic
O43 - CFD: 02/04/2011 - 08:01:30 - [90802290] ----D- C:\Program Files\Sony
O43 - CFD: 02/04/2011 - 08:01:42 - [0] ----D- C:\Program Files\Sophos
O43 - CFD: 02/04/2011 - 08:01:42 - [2789] ----D- C:\Program Files\SpeedFan
O43 - CFD: 12/05/2011 - 22:39:24 - [19016] ----D- C:\Program Files\SpywareBlaster
O43 - CFD: 02/04/2011 - 08:01:48 - [5029891] ----D- C:\Program Files\Sqirlz Water Reflections
O43 - CFD: 02/04/2011 - 08:01:48 - [42555579] ----D- C:\Program Files\The Cleaner
O43 - CFD: 02/04/2011 - 08:01:48 - [160743] ----D- C:\Program Files\The Cleaner Demo
O43 - CFD: 02/04/2011 - 08:01:48 - [16287924] ----D- C:\Program Files\ToniArts
O43 - CFD: 24/09/2011 - 18:11:10 - [1794602] ----D- C:\Program Files\Toolbar Uninstaller
O43 - CFD: 19/09/2011 - 23:28:12 - [24167989] ----D- C:\Program Files\Trend Micro
O43 - CFD: 05/09/2011 - 22:52:38 - [892864] ----D- C:\Program Files\Trojan Remover
O43 - CFD: 02/04/2011 - 08:01:48 - [1854] ----D- C:\Program Files\TuneUp Utilities 2009
O43 - CFD: 02/04/2011 - 08:01:48 - [9363895] ----D- C:\Program Files\TuneUp Utilities 2010
O43 - CFD: 23/09/2011 - 17:36:00 - [60820394] ----D- C:\Program Files\TuneUp Utilities 2011
O43 - CFD: 20/10/2005 - 21:06:02 - [0] ----D- C:\Program Files\Uninstall Information
O43 - CFD: 02/04/2011 - 08:01:48 - [523919] ----D- C:\Program Files\VideoLAN
O43 - CFD: 02/04/2011 - 08:01:50 - [0] ----D- C:\Program Files\Webroot
O43 - CFD: 02/04/2011 - 08:01:50 - [5418300] ----D- C:\Program Files\Windows Desktop Search
O43 - CFD: 02/04/2011 - 08:01:50 - [145859952] ----D- C:\Program Files\Windows Live
O43 - CFD: 02/04/2011 - 08:02:08 - [43306481] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 21/04/2011 - 23:49:14 - [0] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 02/04/2011 - 08:02:08 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 23/05/2011 - 16:46:04 - [10499049] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 23/05/2011 - 16:46:04 - [4879615] ----D- C:\Program Files\Windows NT
O43 - CFD: 20/10/2005 - 21:05:52 - [0] ----D- C:\Program Files\WindowsUpdate
O43 - CFD: 17/09/2011 - 07:47:48 - [3665676] ----D- C:\Program Files\Wise Disk Cleaner
O43 - CFD: 21/05/2011 - 10:58:42 - [8765772] ----D- C:\Program Files\Wise Registry Cleaner
O43 - CFD: 02/04/2011 - 08:02:12 - [7381240] ----D- C:\Program Files\XeroBank
O43 - CFD: 27/10/2005 - 00:37:08 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 02/04/2011 - 08:02:12 - [59168733] ----D- C:\Program Files\Xilisoft
O43 - CFD: 02/04/2011 - 08:02:12 - [270638] ----D- C:\Program Files\Zeb-Utility
O43 - CFD: 26/09/2011 - 23:08:00 - [6400577] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 02/04/2011 - 08:02:12 - [4324272] ----D- C:\Program Files\ZNsoft Corporation
O43 - CFD: 16/06/2011 - 21:11:10 - [56426726] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 02/04/2011 - 07:54:56 - [823296] ----D- C:\Program Files\Fichiers Communs\AOL
O43 - CFD: 02/04/2011 - 07:54:56 - [125731108] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 02/04/2011 - 07:55:22 - [560] ----D- C:\Program Files\Fichiers Communs\CANON
O43 - CFD: 02/04/2011 - 07:55:22 - [731648] ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD: 02/04/2011 - 07:55:22 - [16635507] ----D- C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD: 28/02/2006 - 06:19:44 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 28/02/2006 - 06:25:08 - [3830214] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 28/02/2006 - 06:45:06 - [12827516] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 28/02/2006 - 06:05:54 - [78480491] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 28/02/2006 - 06:34:06 - [4775677] ---AD- C:\Program Files\Fichiers Communs\LightScribe
O43 - CFD: 22/05/2011 - 12:05:10 - [295321502] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 27/10/2005 - 00:35:44 - [991744] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 28/02/2006 - 06:38:18 - [30681599] ----D- C:\Program Files\Fichiers Communs\muvee Technologies
O43 - CFD: 02/04/2011 - 07:56:04 - [354896] ----D- C:\Program Files\Fichiers Communs\Oberon Media
O43 - CFD: 27/10/2005 - 00:35:44 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 02/04/2011 - 07:56:04 - [11322550] ----D- C:\Program Files\Fichiers Communs\PC SOFT
O43 - CFD: 28/02/2006 - 06:31:46 - [20379848] ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD: 02/04/2011 - 07:56:06 - [20480] ----D- C:\Program Files\Fichiers Communs\ROUTE 66
O43 - CFD: 27/10/2005 - 00:35:46 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 28/02/2006 - 06:32:40 - [15627394] ----D- C:\Program Files\Fichiers Communs\Sonic Shared
O43 - CFD: 27/10/2005 - 00:35:46 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 28/02/2006 - 06:32:48 - [475136] ----D- C:\Program Files\Fichiers Communs\SureThing Shared
O43 - CFD: 21/05/2011 - 22:53:14 - [2253264] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 23/05/2011 - 16:46:02 - [18495459] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 02/04/2011 - 07:56:14 - [0] ----D- C:\Program Files\Fichiers Communs\Thraex Software
O43 - CFD: 28/02/2006 - 06:33:22 - [355840] ----D- C:\Program Files\Fichiers Communs\TiVo Shared
O43 - CFD: 02/04/2011 - 07:56:14 - [324535442] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 22/11/2008 - 18:36:06 - [5112143] ----D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD: 25/07/2011 - 21:04:22 - [25193472] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 28/02/2006 - 06:31:48 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared
O43 - CFD: 25/07/2011 - 21:36:12 - [609973] ----D- C:\Program Files\Fichiers Communs\YDP
O43 - CFD: 20/07/2011 - 06:56:26 - [7160749] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Adobe
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\AdobeUM
O43 - CFD: 20/07/2011 - 06:56:26 - [100428459] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Apple Computer
O43 - CFD: 21/07/2011 - 23:43:42 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Auslogics
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Avira
O43 - CFD: 01/08/2011 - 00:58:04 - [882] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\BleachBit
O43 - CFD: 25/07/2011 - 20:47:12 - [1576] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Canneverbe Limited
O43 - CFD: 20/07/2011 - 06:56:26 - [18982] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Canon
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\f-secure
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\FTWeak
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\GlarySoft
O43 - CFD: 20/07/2011 - 06:56:26 - [52902] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Google
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\HPQ
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Identities
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\InstallShield
O43 - CFD: 25/07/2011 - 19:09:30 - [456] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Leadertech
O43 - CFD: 20/07/2011 - 06:56:26 - [470] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Macromedia
O43 - CFD: 20/07/2011 - 06:56:26 - [175904] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Malwarebytes
O43 - CFD: 26/08/2011 - 22:19:28 - [12021840] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Microsoft
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Microsoft Web Folders
O43 - CFD: 25/07/2011 - 20:36:30 - [240] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Nero
O43 - CFD: 20/07/2011 - 06:56:26 - [354] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\PC Suite
O43 - CFD: 20/07/2011 - 06:56:26 - [379340] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Real
O43 - CFD: 20/07/2011 - 06:56:26 - [3234903] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Samsung
O43 - CFD: 25/07/2011 - 19:09:56 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Sonic
O43 - CFD: 20/07/2011 - 06:56:26 - [25201646] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Sun
O43 - CFD: 20/07/2011 - 06:56:26 - [164575] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\TuneUp Software
O43 - CFD: 22/05/2011 - 16:22:54 - [16357552] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Adobe
O43 - CFD: 25/05/2011 - 11:58:48 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Apple
O43 - CFD: 25/05/2011 - 12:02:22 - [57562397] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Apple Computer
O43 - CFD: 24/05/2011 - 13:11:28 - [5091] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 23/07/2011 - 20:51:54 - [147] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Browser Guard
O43 - CFD: 15/06/2011 - 18:15:06 - [99516416] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 29/06/2011 - 21:37:44 - [439640] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Google
O43 - CFD: 21/05/2011 - 23:21:52 - [167733374] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Identities
O43 - CFD: 08/09/2011 - 21:50:40 - [7664905] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Microsoft
O43 - CFD: 25/07/2011 - 20:39:42 - [18494] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\MicroVision Applications
O43 - CFD: 25/07/2011 - 20:38:04 - [1130008] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Nero
O43 - CFD: 25/07/2011 - 20:37:00 - [4820] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Nero_AG
O43 - CFD: 22/05/2011 - 11:07:54 - [14169] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Nexway
O43 - CFD: 16/06/2011 - 21:14:32 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Temp
O43 - CFD: 28/02/2006 - 06:05:50 - [11831808] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}
~ Scan Program Folder in 00mn 28s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.73E7321695A66574659BBC65C38C7367] - 26/09/2011 - 21:30:45 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [146797]
O44 - LFC:[MD5.40C12E5B88EBFCAB3245199BDC8A0F13] - 26/09/2011 - 15:16:39 ---A- . (...) -- C:\WINDOWS\wiadebug.log [405]
O44 - LFC:[MD5.9450DA244956293A81909542B21EF03D] - 26/09/2011 - 14:15:03 ---A- . (...) -- C:\WINDOWS\setupapi.log [936]
O44 - LFC:[MD5.E29B2926189D95B21EDF7BCDAF324D21] - 26/09/2011 - 14:14:43 ---A- . (...) -- C:\Ad-Report-SCAN[6].txt [2736]
O44 - LFC:[MD5.268630BD1E6E5BF3CAA0A55749E86A6C] - 26/09/2011 - 14:12:19 ---A- . (...) -- C:\AdwCleaner[S2].txt [1067]
O44 - LFC:[MD5.C700222436787B00069D696635CE7C44] - 26/09/2011 - 14:11:28 ---A- . (...) -- C:\AdwCleaner[S1].txt [1026]
O44 - LFC:[MD5.3132D093E627AFD1DDA552DEDF164CA0] - 26/09/2011 - 14:10:50 ---A- . (...) -- C:\AdwCleaner[R1].txt [869]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/09/2011 - 13:48:10 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.3E363076F3B7188B2CDAD798AA55E052] - 26/09/2011 - 13:47:40 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.BCA57ED8CDDF0D76E293DC0EFF93CC01] - 26/09/2011 - 13:47:27 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.91CD821A791F9AFCDBB39D510120CB83] - 26/09/2011 - 02:12:16 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [5466]
O44 - LFC:[MD5.614DAEFDCE283AD95AF4C0C702C1DF9B] - 25/09/2011 - 19:43:12 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.9F5E23AC2EE1C992D4BA1A0736E7C2B9] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1063518]
O44 - LFC:[MD5.1B1B74371B314A129F96F9F083D66EBE] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [62578]
O44 - LFC:[MD5.68D2471B97D57C41A91D0263B0A2340F] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [75012]
O44 - LFC:[MD5.B187A7B5FEED64E64BD8495E2F50CF9B] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [423546]
O44 - LFC:[MD5.25BA7BA3E64C0A9AB1AEFDA76DB09389] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [490408]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/09/2011 - 19:44:56 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.7199B8154894707E07392A3C6C697CA3] - 24/09/2011 - 19:42:48 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [2852]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 24/09/2011 - 00:56:17 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 24/09/2011 - 00:56:17 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.5347DC7B975CD4235495F205510E36DB] - 24/09/2011 - 00:35:12 ---A- . (...) -- C:\index.ini [98]
O44 - LFC:[MD5.0B74BCBC985654AEE06756A514C4078D] - 24/09/2011 - 00:15:53 ---A- . (...) -- C:\WINDOWS\win.ini [653]
O44 - LFC:[MD5.B3B2399EB541F22F34D9E42F5C388E77] - 24/09/2011 - 00:14:44 ---A- . (...) -- C:\WINDOWS\system32\HMGGT [32083968]
O44 - LFC:[MD5.EC08D1625F5C6CF2A57B79EB35186F8C] - 23/09/2011 - 23:19:24 ---A- . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) -- C:\WINDOWS\system32\drivers\AvgArCln.sys [3968]
O44 - LFC:[MD5.8B821A438D061F593B563417EAD3C68C] - 20/09/2011 - 21:59:20 ---A- . (...) -- C:\TDSSKiller.2.5.23.0_20.09.2011_22.56.21_log.txt [40484]
O44 - LFC:[MD5.05E2EEC3E35CC3CCC141755596F63C0D] - 20/09/2011 - 21:55:41 ---A- . (...) -- C:\TDSSKiller.2.5.4.0_20.09.2011_22.55.37_log.txt [412]
O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 16/09/2011 - 20:53:57 ---A- . (...) -- C:\WINDOWS\system32\-1 [57]
O44 - LFC:[MD5.290DFA18C8662ADEBCFBD7B36CE22FE5] - 04/09/2011 - 17:18:54 ---A- . (...) -- C:\WINDOWS\SIERRA.INI [310]
O44 - LFC:[MD5.1ABABD4C9EF2BC81817B4D7D4D9AE539] - 04/09/2011 - 17:18:53 R---- . (.Cendant Software - WON DLL.) -- C:\WINDOWS\system32\SNWValid.dll [231936]
O44 - LFC:[MD5.FC2D004A73B067C2EB4AD4EA58FD3968] - 04/09/2011 - 17:18:53 R---- . (.Cendant Software - WON DLL.) -- C:\WINDOWS\system32\SierraNW.dll [1022976]
O44 - LFC:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 01/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [138192]
O44 - LFC:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 01/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [66616]
O44 - LFC:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 31/08/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216]
~ Scan Files in 01mn 13s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Hewlett-Packard Co. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Hewlett-Packard Co. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Hewlett-Packard Co. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard - HP ScanJet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Hewlett-Packard Co. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Pas de propriétaire - HpqPhUnl MFC Application.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(...) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Co. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Disabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" [Enabled] .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" [Enabled] .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ Scan CSB in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - (no data)
~ Scan IFEO in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.DLL
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.DLL
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\FTweakFCleaner [Key] . (.FTweak - FCleaner - Clean Up Your System.) -- C:\Program Files\FCleaner\FCleaner.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108355
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.7F26D024355CBADB60838F53DFB171EC] - 26/09/2011 - 23:11:00 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS [3644928]
O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 26/09/2011 - 21:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008]
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 26/09/2011 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.7A6CF9F411A9C5BD5C442A1CD46AF401] - 26/09/2011 - 05:35:00 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [1313792]
O58 - SDL:[MD5.EC08D1625F5C6CF2A57B79EB35186F8C] - 26/09/2011 - 13:00:28 ---A- . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) -- C:\WINDOWS\system32\drivers\AvgArCln.sys [3968]
O58 - SDL:[MD5.E8054A423E5D2BDAE6062BAB6DA159C4] - 26/09/2011 - 14:33:46 ---A- . (.GRISOFT, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\WINDOWS\system32\drivers\avgarkt.sys [5632]
O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 26/09/2011 - 13:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416]
O58 - SDL:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 26/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [66616]
O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 26/09/2011 - 13:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360]
O58 - SDL:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 26/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [138192]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 26/09/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 26/09/2011 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 26/09/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 26/09/2011 - 00:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452]
O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 26/09/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 26/09/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 26/09/2011 - 14:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [21632]
O58 - SDL:[MD5.263AA696D8A1D78234F17C303E89B78D] - 26/09/2011 - 03:58:31 ---A- . (.Windows (R) 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\pcdrndisuio.sys [13440]
O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 26/09/2011 - 00:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 26/09/2011 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.86724469CD077901706854974CD13C3E] - 26/09/2011 - 09:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [20640]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 26/09/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 26/09/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 26/09/2011 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992]
O58 - SDL:[MD5.7889E3981E0A5D347E037ABD467D53A5] - 26/09/2011 - 19:11:42 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys [78720]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 26/09/2011 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.6CE397C482BEDE91A38E56A8C4A0DC6D] - 26/09/2011 - 14:08:56 ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\WINDOWS\system32\drivers\ser2pl.sys [42752]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 26/09/2011 - 13:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.EAA66218CD39F5BB1B4853A78C67C787] - 26/09/2011 - 10:01:26 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\WINDOWS\system32\drivers\ss_bbus.sys [90112]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcm.sys [12416]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcmnt.sys [12416]
O58 - SDL:[MD5.B89D62206034E5FE573C80A24DD55675] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys [14848]
O58 - SDL:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys [123648]
O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 26/09/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwh.sys [12160]
O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 26/09/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwhnt.sys [12160]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 26/09/2011 - 12:48:56 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.D9D5E4CA72270E9F3ECA97DA0983AB87] - 26/09/2011 - 19:40:50 ---A- . (.M-Systems - TrueFFS Port Driver.) -- C:\WINDOWS\system32\drivers\tffsport.sys [149376]
O58 - SDL:[MD5.A31246180E61140AD7FF9DD7EDF1F6A1] - 26/09/2011 - 05:09:00 ---A- . (.Trend Micro Inc. - TrendMicro Common Module NoTrap Build.) -- C:\WINDOWS\system32\drivers\tmcomm.sys [200976]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 26/09/2011 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 26/09/2011 - 16:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.F2CE99DD9F56BAFC49234A1EFB0AFC8E] - 26/09/2011 - 03:51:19 ---A- . (...) -- C:\WINDOWS\system32\drivers\USBkey.sys [28848]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 26/09/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.B72D232E46FF5EE2BD8F61498B748DF7] - 26/09/2011 - 18:44:06 ---A- . (.Liteon Technology Inc. - Driver for Liteon Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\wn5301.sys [468768]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.F70A3496973852F5CC2EB838F2E89CB2] - 26/09/2011 - 05:40:21 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13642]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 26/09/2011 - 09:39:36 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Scan Drivers in 00mn 01s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 22/05/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - 01/09/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - 18/01/2007 - C:\WINDOWS\system32\DRIVERS\AvgArCln.sys - Avg Anti-Rootkit Clean Driver(AvgArCln) .(.GRISOFT, s.r.o. - AVG7 Clean Driver.) - LEGACY_AVGARCLN
O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - 01/09/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 01/09/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 05/08/2004 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 31/03/2009 - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 31/03/2009 - C:\WINDOWS\system32\FsUsbExService.exe - FsUsbExService(FsUsbExService) .(.Teruten - FsUsbDevice.) - LEGACY_FSUSBEXSERVICE
O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - 04/07/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 19/12/2005 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE
O64 - Services: CurCS - 15/01/2010 - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe - McAfee Security Scan Component Host Service(McComponentHostService) .(.McAfee, Inc. - Component Host Service.) - LEGACY_MCCOMPONENTHOSTSERVICE
O64 - Services: CurCS - 04/03/2010 - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccess (NMSAccess) .(...) - LEGACY_NMSACCESS
O64 - Services: CurCS - 07/04/2008 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\tffsport.sys - M-Systems DiskOnChip 2000(tffsport) .(.M-Systems - TrueFFS Port Driver.) - LEGACY_TFFSPORT
O64 - Services: CurCS - ??/??/???? - C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\TrueSight.sys (.not file.) - TrueSight (TrueSight) .(...) - LEGACY_TRUESIGHT
O64 - Services: CurCS - 20/07/2011 - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe - TuneUp Utilities Service(TuneUp.UtilitiesSvc) .(.TuneUp Software - TuneUp Utilities Service.) - LEGACY_TUNEUP.UTILITIESSVC
O64 - Services: CurCS - 07/10/2010 - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys - TuneUpUtilitiesDrv(TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - http://www.bing.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.37802DC23540941D3D5FFC0CFB97D9F0] [SPRF][26/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\AD-R.exe [1563105]
[MD5.1A15A7CACDEBA7A811277BC1F6A9F9F4] [SPRF][26/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe [478536]
[MD5.6BC44F764CF8E5AD20AE21FE430F4BE3] [SPRF][23/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515.exe [423736]
[MD5.2DB68C03FD02B30BB7A9FCDA9AE32C4F] [SPRF][20/01/2011] (.France Telecom - DSLtest.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\DSLtest2103.exe [3330048]
[MD5.458502A988973346105B0AF455CA4C70] [SPRF][25/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\RogueKiller.exe [657920]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][26/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][26/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.F1CD64DD3702BDCDFB0531BB21C6BEFC] [SPRF][21/06/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.3 r181.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [3123872]
[MD5.6F88F1DE97B7BA6E2BE4DC29AEEACF0D] [SPRF][27/07/2004] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [323584]
~ Scan Files in 00mn 00s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 74.125.39.99, 74.125.39.147, 74.125.39.104, 74.125.39.106
74.125.39.105, 74.125.39.103
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 26/09/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 26/09/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 26/09/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 26/09/2011 376832 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 26/09/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 26/09/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SR - | Auto 26/09/2011 233472 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe
SS - | Demand 26/09/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SR - | Demand 26/09/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 26/09/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 26/09/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
SS - | Demand 26/09/2011 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SR - | Auto 71096 | (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SS - | Boot 26/09/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SS - | Demand 26/09/2011 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 26/09/2011 1526592 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by HP_Propriétaire at 26/09/2011 23:10:05
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 05s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by HP_Propriétaire at 26/09/2011 23:10:07
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s
End of the scan (1233 lines in 02mn 20s)(0)
Dernier rapport J'ai pas de problème avec windows c'est celui d'origine
Cordialement
Rapport de ZHPDiag v1.28.1354 par Nicolas Coolman, Update du 25/09/2011
Run by HP_Propriétaire at 26/09/2011 23:07:46
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ System Information
~ Processor: x86 Family 15 Model 36 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 958 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 101 GB (55%) free of 181 GB
---\\ Logged in mode
~ Computer Name: NOM-EB85C523610
~ User Name: HP_Propriétaire
~ All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HP_Propriétaire, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\
~ %Desktop% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\
~ %Favorites% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Favoris\
~ %LocalAppData% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 101 Go of 181 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 6 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.26/09/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.26/09/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.26/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.26/09/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.26/09/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.26/09/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/23
~ Mes musiques (My Musics) : 1/53
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 2/44
~ Mes Documents (My Documents) : 120/16276
~ Mon Bureau (My Desktop) : 1953/3832
~ Menu demarrer (Programs) : 6/29
~ Scan Hidden Files in 00mn 10s
---\\ Processus lancés
[MD5.D21352BCAAB174948EB9672BC203BB0F] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [376832] [PID.]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.160]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.176]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]
[MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [349472] [PID.]
[MD5.D3F9205CC4CB07553F2F9472C767EA87] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.Exe [233472] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.9696786759C4B43FA5C894747E893EA2] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.]
[MD5.2DD856C4A4D61D682A7007505C8AD98F] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [1526592] [PID.]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]
[MD5.E611C000DBFD4E250AB7806F74B895D8] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe [671552] [PID.2676]
[MD5.C81BE1B951C36E97D3DA90DA745DA5F7] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.EXE [61440] [PID.1012]
[MD5.7B8875A5B04932AC73AFD8079864DB68] - (.Realtek Semiconductor Corp. - Realtek Audio - Event Monitor.) -- C:\WINDOWS\ALCXMNTR.EXE [57344] [PID.3528]
[MD5.29E8E6B337D61C931B11A90A98310626] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064] [PID.3672]
[MD5.C0FD8553CECDE061AD3E7C1CC80C7EDB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.1000]
[MD5.E51BD095B2FDF56B17EE010BB794D6ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820520] [PID.]
[MD5.7F7BC88C8FB6B52989E0E93084B5E678] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [95744] [PID.]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.2732]
[MD5.D30EB2F98504F30ECAAEEF90DDC7DE98] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2122752] [PID.2260]
[MD5.AB0A7CA90D9E3D6A193905DC1715DED0] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912] [PID.]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\prefs.js
C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\user.js (.not file.)
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\fn2md5by.default\searchplugins\orange.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [HP_Propriétaire - fn2md5by.default] http://fr.msn.com
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\fsonlinescanner@f-secure.com] [] {PRODUCT-NAME} v1.00 (.F-Secure Corporation.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\info@djzig.com] [] LavaFox V1 v1.1.6 (.Zigboom.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110316W (.Google Inc..)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{56e045c6-d94b-41e8-ac4c-c2ddfb0e304a}] [] Argente FR Toolbar v2.5.6.0 (.Conduit Ltd..)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}] [] AmbientFox v0.4 (.Ambientthemes.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{D46E8522-6E86-44b1-A622-58C0668AD78E}] [] Classic Compact v3.6.0 (.Ken Barbalace EnvironmentalChemistry.com.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [] BitDefender QuickScanner v3.6.0 (.BitDefender R&D Team.)
M2 - MFEP: prefs.js [HP_Propriétaire - fn2md5by.default\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}] [] Adobe DLM (powered by getPlus(R)) v1.6.2.63 (.NOS Microsystems Ltd..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.2".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16263.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2240] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.2298] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1348] - (.RealNetworks, Inc. - 6.0.12.1348.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R0 - HKUS\S-1-5-21-3553853109-1193228773-2612436283-1008\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils client IE Google.) -- c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: TMIEGBHO - {F1AD4A42-BA52-47BC-89DF-3F68F24C017F} . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files\Trend Micro\Browser Guard\TMAMS.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils client IE Google.) -- c:\program files\google\googletoolbar1.dll
O3 - Toolbar: TMBGBAR TOOLBAR - {C8137A8D-415D-450C-A1B1-D0C519D45296} . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files\Trend Micro\Browser Guard\tmieg.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [HPBootOp] . (.Hewlett-Packard Company - HP Boot Optimizer.) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-3553853109-1193228773-2612436283-1008\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\DVD Play.lnk . (.CyberLink Corp..) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft FrontPage.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PhotoDraw.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office\PHOTODRW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Publisher.lnk . (...) -- C:\WINDOWS\Installer\{0004040C-78E1-11D2-B60F-006097C998E7}\pubs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Word.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\My PC Choice.lnk . (...) -- C:\hp\VINETLINK\VINETLINK.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\TuneUp Utilities 2011.lnk . (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2011\Integrator.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Traduire à partir de l'anglais . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Pages liées . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Pages similaires . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Recherche &Google . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A20EECFA-1547-4D2F-8FED-F8B04E06D21C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{A20EECFA-1547-4D2F-8FED-F8B04E06D21C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51
O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{A20EECFA-1547-4D2F-8FED-F8B04E06D21C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51
O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\system32\FsUsbExService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccess (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{248B98ED-C8E3-49EA-B73F-1D85873C51A2}.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (AvgArCln) . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) - C:\WINDOWS\system32\DRIVERS\AvgArCln.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: AVG Anti-Rootkit Free - (.GRISOFT.) [HKLM] -- AVGantiRootkit
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.0) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Arovax AntiSpyware 2.1.153 - (.Arovax Software.) [HKLM] -- Arovax AntiSpyware
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: BleachBit - (.BleachBit.) [HKLM] -- BleachBit
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90}
O42 - Logiciel: BugOff 1.10 - (.Soeperman Enterprises Ltd..) [HKLM] -- BugOff
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Canon MP Navigator EX 2.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 2.0
O42 - Logiciel: Canon MP240 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Enregistrement utilisateur de Canon MP240 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP240 series
O42 - Logiciel: FCleaner 1.3.1.621 - (.FTweak, Inc..) [HKLM] -- FCleaner_is1
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Pas de propriétaire.) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}
O42 - Logiciel: HP Appareils photos Photosmart 5.0 - (.HP.) [HKLM] -- {C83A12B9-B31B-461A-BBD4-CE9B988094F1}
O42 - Logiciel: HP Boot Optimizer - (.Hewlett-Packard Company.) [HKLM] -- {3BA95526-6AE0-4B87-A62D-17187EF565FC}
O42 - Logiciel: HP DVD Play 1.0 - (.Pas de propriétaire.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: HP Deskjet Printer Preload - (.Hewlett-Packard Company.) [HKLM] -- {2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
O42 - Logiciel: HP Document Viewer 5.3 - (.HP.) [HKLM] -- HP Document Viewer
O42 - Logiciel: HP Imaging Device Functions 6.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Multimedia Keyboard Software - (.Pas de propriétaire.) [HKLM] -- KBD
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: HP PSC & OfficeJet 5.3.B - (.HP.) [HKLM] -- {5B79CFD1-6845-4158-9D7D-6BE89DF2C135}
O42 - Logiciel: HP Photosmart 330,380,420,470,7800,8000,8200 Series - (.HP.) [HKLM] -- {33D6CC28-9F75-4d1b-A11D-98895B3A3729}
O42 - Logiciel: HP Photosmart Premier Software 6.0 - (.HP.) [HKLM] -- HP Photo & Imaging
O42 - Logiciel: HP Software Update - (.HEWLET~1|Hewlett-Packard.) [HKLM] -- {ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: INFORAD MANAGER 3.6 - (.Pas de propriétaire.) [HKLM] -- INFORAD MANAGER_is1
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150050}
O42 - Logiciel: Java(TM) 6 Update 25 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216025F0}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
O42 - Logiciel: Lecteur Windows Media 10 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Office 2000 CD-ROM 2 - (.Microsoft Corporation.) [HKLM] -- {0004040C-78E1-11D2-B60F-006097C998E7}
O42 - Logiciel: Microsoft Office 2000 Premium - (.Microsoft Corporation.) [HKLM] -- {0000040C-78E1-11D2-B60F-006097C998E7}
O42 - Logiciel: Microsoft PhotoDraw 2000 - (.Pas de propriétaire.) [HKLM] -- Microsoft PhotoDraw 2000
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {A059DE09-1B49-4450-B340-7AE097EC3F04}
O42 - Logiciel: Module d’enregistrement 1.5.1.2 - (.YDP SA.) [HKLM] -- FlashComponents
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: PC-Doctor 5 for Windows - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: PS2 - (.Pas de propriétaire.) [HKLM] -- PS2
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: Panneau de contrôle ATI - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: Python 2.2 pywin32 extensions (build 203) - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.2
O42 - Logiciel: Python 2.2.3 - (.PythonLabs at Zope Corporation.) [HKLM] -- Python 2.2.3
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Rapid Cleaner - (.Douali Nassim.) [HKLM] -- {145DE4FE-6384-49C9-8C7F-6EA25D233254}_is1
O42 - Logiciel: RealPlayer - (.Pas de propriétaire.) [HKLM] -- RealPlayer 6.0
O42 - Logiciel: Reflex TBC - (.Pas de propriétaire.) [HKLM] -- {1B49062F-7914-4ABF-90F9-90B3FAEAFB4C}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Sierra Print Artist 4.0 (md) - (.Pas de propriétaire.) [HKLM] -- Print Artist 4.0 Gold
O42 - Logiciel: Sonic Express Labeler - (.Sonic Solutions.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Sonic MyDVD Plus - (.Sonic Solutions.) [HKLM] -- {21657574-BD54-48A2-9450-EB03B2C7FC29}
O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629}
O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205}
O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
O42 - Logiciel: Toolbar Uninstaller 1.0.0.1 - (.Decomputeur.nl.) [HKLM] -- Toolbar Uninstaller_is1
O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011
O42 - Logiciel: Utilités Sierra - (.Pas de propriétaire.) [HKLM] -- Utilités Sierra
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {F59A9E08-A6A4-4ACF-91F2-D0344956C30B}
O42 - Logiciel: muvee autoProducer 4.5 - (.muvee Technologies.) [HKLM] -- {E073D315-3C54-44BF-A1B2-B5583AEA618C}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Auslogics]
[HKCU\Software\Avira]
[HKCU\Software\BleachBit]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\ClearProg]
[HKCU\Software\FTweak]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mobileleader]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Samsung]
[HKCU\Software\Sonic]
[HKCU\Software\Sysinternals]
[HKCU\Software\TCP Optimizer]
[HKCU\Software\TrendMicro]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\stevengould.org]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avance]
[HKLM\Software\Avira]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Commest]
[HKLM\Software\CyberLink]
[HKLM\Software\DEVGURU]
[HKLM\Software\Debug]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Grisoft]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PC-Doctor]
[HKLM\Software\PCSuite]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Python]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RichFX]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Sierra OnLine]
[HKLM\Software\Sonic]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\muvee Technologies]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/05/2011 - 22:39:54 - [3511045] ----D- C:\Program Files\7-Zip
O43 - CFD: 02/04/2011 - 07:53:14 - [581306] ----D- C:\Program Files\a-squared Free
O43 - CFD: 26/09/2011 - 15:14:06 - [1573736] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 16/06/2011 - 21:11:10 - [375155616] ----D- C:\Program Files\Adobe
O43 - CFD: 02/04/2011 - 07:53:48 - [4814870] ----D- C:\Program Files\AIDA32 - Personal System Information
O43 - CFD: 02/04/2011 - 07:53:48 - [429996160] ----D- C:\Program Files\Alwil Software
O43 - CFD: 02/04/2011 - 07:54:00 - [57170238] ----D- C:\Program Files\aMSN
O43 - CFD: 02/04/2011 - 07:54:14 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 05/05/2011 - 23:43:20 - [370390] ----D- C:\Program Files\Argente - Registry Cleaner
O43 - CFD: 02/04/2011 - 07:54:16 - [3843847] ----D- C:\Program Files\Argente - StartUp Manager
O43 - CFD: 02/04/2011 - 07:54:18 - [6509627] ----D- C:\Program Files\Argente Software
O43 - CFD: 09/08/2011 - 14:53:18 - [20020987] ----D- C:\Program Files\Argente Utilities
O43 - CFD: 03/09/2011 - 06:10:30 - [4116648] ----D- C:\Program Files\Arovax AntiSpyware
O43 - CFD: 02/04/2011 - 07:54:22 - [7371] ----D- C:\Program Files\Astase
O43 - CFD: 28/02/2006 - 06:15:20 - [16324751] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 02/04/2011 - 07:54:22 - [4449275] ----D- C:\Program Files\Auslogics
O43 - CFD: 02/04/2011 - 07:54:24 - [13123840] ----D- C:\Program Files\Avery Dennison
O43 - CFD: 20/05/2011 - 13:40:18 - [152918186] ----D- C:\Program Files\Avira
O43 - CFD: 02/04/2011 - 07:54:34 - [3005440] ----D- C:\Program Files\AVS4YOU
O43 - CFD: 01/08/2011 - 01:00:38 - [8084874] ----D- C:\Program Files\BleachBit
O43 - CFD: 25/05/2011 - 11:57:42 - [627515] ----D- C:\Program Files\Bonjour
O43 - CFD: 22/05/2011 - 12:45:38 - [306793123] ----D- C:\Program Files\Canon
O43 - CFD: 05/11/2009 - 20:14:10 - [28014124] ----D- C:\Program Files\CanonBJ
O43 - CFD: 02/04/2011 - 07:54:46 - [2937560] ----D- C:\Program Files\CCleaner
O43 - CFD: 25/07/2011 - 20:47:02 - [17392513] ----D- C:\Program Files\CDBurnerXP
O43 - CFD: 02/04/2011 - 07:54:48 - [208244] ----D- C:\Program Files\Change Extension
O43 - CFD: 02/04/2011 - 07:54:48 - [571169] ----D- C:\Program Files\CleanUp!
O43 - CFD: 02/04/2011 - 07:54:48 - [366850] ----D- C:\Program Files\ClearProg
O43 - CFD: 02/04/2011 - 07:54:48 - [739432] ----D- C:\Program Files\Cobian Backup 8
O43 - CFD: 20/10/2005 - 21:06:30 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 02/04/2011 - 07:54:48 - [3895856] ----D- C:\Program Files\Defraggler
O43 - CFD: 02/04/2011 - 07:54:50 - [4504800] ----D- C:\Program Files\DIFX
O43 - CFD: 02/04/2011 - 07:54:50 - [170277] ----D- C:\Program Files\Digital Camera
O43 - CFD: 02/04/2011 - 07:54:50 - [3967] ----D- C:\Program Files\dl
O43 - CFD: 02/04/2011 - 07:54:50 - [254204] ----D- C:\Program Files\Dnote Software
O43 - CFD: 02/04/2011 - 07:54:50 - [7417163] ----D- C:\Program Files\Emsisoft Anti-Malware
O43 - CFD: 02/04/2011 - 07:54:52 - [106658300] ----D- C:\Program Files\Enjoy 5e
O43 - CFD: 02/04/2011 - 07:54:52 - [4467372] ----D- C:\Program Files\EPSON
O43 - CFD: 26/09/2011 - 03:03:02 - [41] ----D- C:\Program Files\ewido anti-spyware 4.0
O43 - CFD: 12/07/2011 - 00:22:20 - [3187328] ----D- C:\Program Files\FCleaner
O43 - CFD: 03/09/2011 - 06:17:10 - [1056413993] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 14/05/2011 - 10:31:22 - [5944320] ----D- C:\Program Files\Free Audio Pack
O43 - CFD: 02/04/2011 - 07:56:14 - [401140] ----D- C:\Program Files\Free Window Registry Repair
O43 - CFD: 02/04/2011 - 07:56:14 - [5101826] ----D- C:\Program Files\Gamenext
O43 - CFD: 02/04/2011 - 07:56:14 - [0] ----D- C:\Program Files\GeCAD
O43 - CFD: 02/04/2011 - 07:56:14 - [113823568] ----D- C:\Program Files\GIMP-2.0
O43 - CFD: 04/05/2011 - 21:50:08 - [25915219] ----D- C:\Program Files\Glary Utilities
O43 - CFD: 28/02/2006 - 06:48:06 - [439280423] ----D- C:\Program Files\Google
O43 - CFD: 24/09/2011 - 00:19:24 - [3748052] ----D- C:\Program Files\Grisoft
O43 - CFD: 28/02/2006 - 06:58:26 - [20179907] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 28/02/2006 - 06:34:40 - [684705699] ----D- C:\Program Files\HP
O43 - CFD: 02/08/2011 - 13:38:00 - [11011397] ----D- C:\Program Files\INFORAD
O43 - CFD: 02/08/2011 - 13:37:54 - [545446] ----D- C:\Program Files\INFORAD_DRIVERS
O43 - CFD: 25/07/2011 - 22:35:48 - [88879844] ----D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/08/2011 - 14:54:38 - [8190224] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 02/04/2011 - 07:58:06 - [258549] ----D- C:\Program Files\Internet Explorer Cleaner
O43 - CFD: 06/05/2011 - 22:11:32 - [16255021] ----D- C:\Program Files\IObit
O43 - CFD: 22/04/2011 - 20:25:52 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 25/05/2011 - 12:01:46 - [163693547] ----D- C:\Program Files\iTunes
O43 - CFD: 07/07/2011 - 06:38:06 - [475343508] ----D- C:\Program Files\Java
O43 - CFD: 17/05/2011 - 22:56:24 - [1387926] ----D- C:\Program Files\JkDefrag
O43 - CFD: 22/04/2011 - 23:08:54 - [2826689] ----D- C:\Program Files\jv16 PowerTools
O43 - CFD: 01/05/2011 - 19:11:52 - [702182] ----D- C:\Program Files\Lavasoft
O43 - CFD: 02/04/2011 - 07:58:44 - [220160] ----D- C:\Program Files\LimeWire
O43 - CFD: 02/04/2011 - 07:58:44 - [7551083] ----D- C:\Program Files\LizardTech
O43 - CFD: 02/04/2011 - 07:58:46 - [1109] ----D- C:\Program Files\ma-config.com
O43 - CFD: 24/09/2011 - 01:17:20 - [7033431] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 02/04/2011 - 07:58:46 - [221184] ----D- C:\Program Files\MarkAny
O43 - CFD: 02/04/2011 - 07:58:46 - [221184] ----D- C:\Program Files\MarkAnyContentSAFER
O43 - CFD: 02/04/2011 - 07:58:46 - [1376256] ----D- C:\Program Files\Mase
O43 - CFD: 16/06/2011 - 20:56:34 - [9454922] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 02/04/2011 - 07:58:48 - [1675947] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/04/2011 - 07:58:48 - [13647313] ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD: 02/04/2011 - 07:58:52 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 22/05/2011 - 12:05:10 - [207010] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 22/05/2011 - 12:15:56 - [408361573] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 02/04/2011 - 07:59:12 - [144263738] ----D- C:\Program Files\Microsoft Picture It! 2002
O43 - CFD: 02/04/2011 - 07:59:16 - [15462931] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 02/04/2011 - 07:59:20 - [20249] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 02/04/2011 - 07:59:20 - [5897045] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 28/02/2006 - 06:36:44 - [164429145] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 02/04/2011 - 07:59:26 - [989062] ----D- C:\Program Files\Microsoft Works Suite 2002
O43 - CFD: 25/07/2011 - 20:26:04 - [15715] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 02/04/2011 - 07:59:26 - [149587] ----D- C:\Program Files\Motherboard Monitor 5
O43 - CFD: 24/05/2011 - 13:10:28 - [17088218] ----D- C:\Program Files\Movie Maker
O43 - CFD: 15/05/2011 - 15:36:30 - [30522380] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/04/2011 - 07:59:32 - [33623989] ----D- C:\Program Files\Mozilla Thunderbird
O43 - CFD: 02/04/2011 - 07:59:34 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 02/04/2011 - 07:59:34 - [67836870] ----D- C:\Program Files\MSECache
O43 - CFD: 27/10/2005 - 00:36:22 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 27/10/2005 - 00:36:32 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 02/04/2011 - 07:59:36 - [11804] ----D- C:\Program Files\MSSOAP
O43 - CFD: 02/04/2011 - 07:59:36 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 22/05/2011 - 12:22:46 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 28/02/2006 - 06:38:18 - [73033453] ----D- C:\Program Files\muvee Technologies
O43 - CFD: 23/05/2011 - 16:46:06 - [10793491] ----D- C:\Program Files\NetMeeting
O43 - CFD: 02/04/2011 - 07:59:42 - [42] ----D- C:\Program Files\Odebit Multimédia
O43 - CFD: 27/10/2005 - 00:36:44 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 02/04/2011 - 07:59:42 - [387537] ----D- C:\Program Files\OpenOffice.org 2.4
O43 - CFD: 02/04/2011 - 07:59:44 - [461811592] ----D- C:\Program Files\Orange
O43 - CFD: 24/05/2011 - 13:08:32 - [11879614] ----D- C:\Program Files\Outlook Express
O43 - CFD: 15/06/2011 - 18:19:36 - [9771964] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 02/04/2011 - 08:00:16 - [6210904] ----D- C:\Program Files\PC Inspector File Recovery
O43 - CFD: 12/07/2011 - 22:31:24 - [55509401] ----D- C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 02/04/2011 - 08:00:22 - [16419068] ----D- C:\Program Files\Photo Story 3 for Windows
O43 - CFD: 02/04/2011 - 08:00:24 - [617] ----D- C:\Program Files\PVAnalysis
O43 - CFD: 30/04/2011 - 22:13:20 - [3157478] ----D- C:\Program Files\Quicksys
O43 - CFD: 22/04/2011 - 20:24:40 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 28/02/2006 - 06:31:40 - [42316824] ----D- C:\Program Files\Real
O43 - CFD: 02/04/2011 - 08:00:36 - [37900033] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 15/07/2011 - 19:15:14 - [20152801] ----D- C:\Program Files\Reflex TBC
O43 - CFD: 02/04/2011 - 08:00:42 - [1243816] ----D- C:\Program Files\RegCleaner
O43 - CFD: 15/06/2011 - 18:20:10 - [224240067] ----D- C:\Program Files\Samsung
O43 - CFD: 02/04/2011 - 08:01:12 - [525930] ----D- C:\Program Files\Samurize
O43 - CFD: 02/04/2011 - 08:01:12 - [60435509] ----D- C:\Program Files\Securitoo
O43 - CFD: 02/04/2011 - 08:01:14 - [9355640] ----D- C:\Program Files\Serveur Media
O43 - CFD: 04/09/2011 - 18:18:54 - [3454547] ----D- C:\Program Files\Sierra On-Line
O43 - CFD: 02/04/2011 - 08:01:20 - [12177408] ----D- C:\Program Files\SiSoftware
O43 - CFD: 22/05/2011 - 12:05:48 - [138333] ----D- C:\Program Files\Snapshot Viewer
O43 - CFD: 02/04/2011 - 08:01:20 - [671744] ----D- C:\Program Files\Snow for Windows
O43 - CFD: 28/02/2006 - 06:33:22 - [147034891] ----D- C:\Program Files\Sonic
O43 - CFD: 02/04/2011 - 08:01:30 - [90802290] ----D- C:\Program Files\Sony
O43 - CFD: 02/04/2011 - 08:01:42 - [0] ----D- C:\Program Files\Sophos
O43 - CFD: 02/04/2011 - 08:01:42 - [2789] ----D- C:\Program Files\SpeedFan
O43 - CFD: 12/05/2011 - 22:39:24 - [19016] ----D- C:\Program Files\SpywareBlaster
O43 - CFD: 02/04/2011 - 08:01:48 - [5029891] ----D- C:\Program Files\Sqirlz Water Reflections
O43 - CFD: 02/04/2011 - 08:01:48 - [42555579] ----D- C:\Program Files\The Cleaner
O43 - CFD: 02/04/2011 - 08:01:48 - [160743] ----D- C:\Program Files\The Cleaner Demo
O43 - CFD: 02/04/2011 - 08:01:48 - [16287924] ----D- C:\Program Files\ToniArts
O43 - CFD: 24/09/2011 - 18:11:10 - [1794602] ----D- C:\Program Files\Toolbar Uninstaller
O43 - CFD: 19/09/2011 - 23:28:12 - [24167989] ----D- C:\Program Files\Trend Micro
O43 - CFD: 05/09/2011 - 22:52:38 - [892864] ----D- C:\Program Files\Trojan Remover
O43 - CFD: 02/04/2011 - 08:01:48 - [1854] ----D- C:\Program Files\TuneUp Utilities 2009
O43 - CFD: 02/04/2011 - 08:01:48 - [9363895] ----D- C:\Program Files\TuneUp Utilities 2010
O43 - CFD: 23/09/2011 - 17:36:00 - [60820394] ----D- C:\Program Files\TuneUp Utilities 2011
O43 - CFD: 20/10/2005 - 21:06:02 - [0] ----D- C:\Program Files\Uninstall Information
O43 - CFD: 02/04/2011 - 08:01:48 - [523919] ----D- C:\Program Files\VideoLAN
O43 - CFD: 02/04/2011 - 08:01:50 - [0] ----D- C:\Program Files\Webroot
O43 - CFD: 02/04/2011 - 08:01:50 - [5418300] ----D- C:\Program Files\Windows Desktop Search
O43 - CFD: 02/04/2011 - 08:01:50 - [145859952] ----D- C:\Program Files\Windows Live
O43 - CFD: 02/04/2011 - 08:02:08 - [43306481] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 21/04/2011 - 23:49:14 - [0] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 02/04/2011 - 08:02:08 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 23/05/2011 - 16:46:04 - [10499049] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 23/05/2011 - 16:46:04 - [4879615] ----D- C:\Program Files\Windows NT
O43 - CFD: 20/10/2005 - 21:05:52 - [0] ----D- C:\Program Files\WindowsUpdate
O43 - CFD: 17/09/2011 - 07:47:48 - [3665676] ----D- C:\Program Files\Wise Disk Cleaner
O43 - CFD: 21/05/2011 - 10:58:42 - [8765772] ----D- C:\Program Files\Wise Registry Cleaner
O43 - CFD: 02/04/2011 - 08:02:12 - [7381240] ----D- C:\Program Files\XeroBank
O43 - CFD: 27/10/2005 - 00:37:08 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 02/04/2011 - 08:02:12 - [59168733] ----D- C:\Program Files\Xilisoft
O43 - CFD: 02/04/2011 - 08:02:12 - [270638] ----D- C:\Program Files\Zeb-Utility
O43 - CFD: 26/09/2011 - 23:08:00 - [6400577] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 02/04/2011 - 08:02:12 - [4324272] ----D- C:\Program Files\ZNsoft Corporation
O43 - CFD: 16/06/2011 - 21:11:10 - [56426726] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 02/04/2011 - 07:54:56 - [823296] ----D- C:\Program Files\Fichiers Communs\AOL
O43 - CFD: 02/04/2011 - 07:54:56 - [125731108] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 02/04/2011 - 07:55:22 - [560] ----D- C:\Program Files\Fichiers Communs\CANON
O43 - CFD: 02/04/2011 - 07:55:22 - [731648] ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD: 02/04/2011 - 07:55:22 - [16635507] ----D- C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD: 28/02/2006 - 06:19:44 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 28/02/2006 - 06:25:08 - [3830214] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 28/02/2006 - 06:45:06 - [12827516] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 28/02/2006 - 06:05:54 - [78480491] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 28/02/2006 - 06:34:06 - [4775677] ---AD- C:\Program Files\Fichiers Communs\LightScribe
O43 - CFD: 22/05/2011 - 12:05:10 - [295321502] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 27/10/2005 - 00:35:44 - [991744] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 28/02/2006 - 06:38:18 - [30681599] ----D- C:\Program Files\Fichiers Communs\muvee Technologies
O43 - CFD: 02/04/2011 - 07:56:04 - [354896] ----D- C:\Program Files\Fichiers Communs\Oberon Media
O43 - CFD: 27/10/2005 - 00:35:44 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 02/04/2011 - 07:56:04 - [11322550] ----D- C:\Program Files\Fichiers Communs\PC SOFT
O43 - CFD: 28/02/2006 - 06:31:46 - [20379848] ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD: 02/04/2011 - 07:56:06 - [20480] ----D- C:\Program Files\Fichiers Communs\ROUTE 66
O43 - CFD: 27/10/2005 - 00:35:46 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 28/02/2006 - 06:32:40 - [15627394] ----D- C:\Program Files\Fichiers Communs\Sonic Shared
O43 - CFD: 27/10/2005 - 00:35:46 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 28/02/2006 - 06:32:48 - [475136] ----D- C:\Program Files\Fichiers Communs\SureThing Shared
O43 - CFD: 21/05/2011 - 22:53:14 - [2253264] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 23/05/2011 - 16:46:02 - [18495459] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 02/04/2011 - 07:56:14 - [0] ----D- C:\Program Files\Fichiers Communs\Thraex Software
O43 - CFD: 28/02/2006 - 06:33:22 - [355840] ----D- C:\Program Files\Fichiers Communs\TiVo Shared
O43 - CFD: 02/04/2011 - 07:56:14 - [324535442] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 22/11/2008 - 18:36:06 - [5112143] ----D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD: 25/07/2011 - 21:04:22 - [25193472] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 28/02/2006 - 06:31:48 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared
O43 - CFD: 25/07/2011 - 21:36:12 - [609973] ----D- C:\Program Files\Fichiers Communs\YDP
O43 - CFD: 20/07/2011 - 06:56:26 - [7160749] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Adobe
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\AdobeUM
O43 - CFD: 20/07/2011 - 06:56:26 - [100428459] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Apple Computer
O43 - CFD: 21/07/2011 - 23:43:42 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Auslogics
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Avira
O43 - CFD: 01/08/2011 - 00:58:04 - [882] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\BleachBit
O43 - CFD: 25/07/2011 - 20:47:12 - [1576] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Canneverbe Limited
O43 - CFD: 20/07/2011 - 06:56:26 - [18982] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Canon
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\f-secure
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\FTWeak
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\GlarySoft
O43 - CFD: 20/07/2011 - 06:56:26 - [52902] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Google
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\HPQ
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Identities
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\InstallShield
O43 - CFD: 25/07/2011 - 19:09:30 - [456] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Leadertech
O43 - CFD: 20/07/2011 - 06:56:26 - [470] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Macromedia
O43 - CFD: 20/07/2011 - 06:56:26 - [175904] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Malwarebytes
O43 - CFD: 26/08/2011 - 22:19:28 - [12021840] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Microsoft
O43 - CFD: 20/07/2011 - 06:56:26 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Microsoft Web Folders
O43 - CFD: 25/07/2011 - 20:36:30 - [240] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Nero
O43 - CFD: 20/07/2011 - 06:56:26 - [354] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\PC Suite
O43 - CFD: 20/07/2011 - 06:56:26 - [379340] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Real
O43 - CFD: 20/07/2011 - 06:56:26 - [3234903] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Samsung
O43 - CFD: 25/07/2011 - 19:09:56 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Sonic
O43 - CFD: 20/07/2011 - 06:56:26 - [25201646] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\Sun
O43 - CFD: 20/07/2011 - 06:56:26 - [164575] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Application Data\TuneUp Software
O43 - CFD: 22/05/2011 - 16:22:54 - [16357552] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Adobe
O43 - CFD: 25/05/2011 - 11:58:48 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Apple
O43 - CFD: 25/05/2011 - 12:02:22 - [57562397] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Apple Computer
O43 - CFD: 24/05/2011 - 13:11:28 - [5091] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 23/07/2011 - 20:51:54 - [147] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Browser Guard
O43 - CFD: 15/06/2011 - 18:15:06 - [99516416] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 29/06/2011 - 21:37:44 - [439640] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Google
O43 - CFD: 21/05/2011 - 23:21:52 - [167733374] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Identities
O43 - CFD: 08/09/2011 - 21:50:40 - [7664905] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Microsoft
O43 - CFD: 25/07/2011 - 20:39:42 - [18494] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\MicroVision Applications
O43 - CFD: 25/07/2011 - 20:38:04 - [1130008] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Nero
O43 - CFD: 25/07/2011 - 20:37:00 - [4820] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Nero_AG
O43 - CFD: 22/05/2011 - 11:07:54 - [14169] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Nexway
O43 - CFD: 16/06/2011 - 21:14:32 - [0] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\Temp
O43 - CFD: 28/02/2006 - 06:05:50 - [11831808] ----D- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050}
~ Scan Program Folder in 00mn 28s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.73E7321695A66574659BBC65C38C7367] - 26/09/2011 - 21:30:45 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [146797]
O44 - LFC:[MD5.40C12E5B88EBFCAB3245199BDC8A0F13] - 26/09/2011 - 15:16:39 ---A- . (...) -- C:\WINDOWS\wiadebug.log [405]
O44 - LFC:[MD5.9450DA244956293A81909542B21EF03D] - 26/09/2011 - 14:15:03 ---A- . (...) -- C:\WINDOWS\setupapi.log [936]
O44 - LFC:[MD5.E29B2926189D95B21EDF7BCDAF324D21] - 26/09/2011 - 14:14:43 ---A- . (...) -- C:\Ad-Report-SCAN[6].txt [2736]
O44 - LFC:[MD5.268630BD1E6E5BF3CAA0A55749E86A6C] - 26/09/2011 - 14:12:19 ---A- . (...) -- C:\AdwCleaner[S2].txt [1067]
O44 - LFC:[MD5.C700222436787B00069D696635CE7C44] - 26/09/2011 - 14:11:28 ---A- . (...) -- C:\AdwCleaner[S1].txt [1026]
O44 - LFC:[MD5.3132D093E627AFD1DDA552DEDF164CA0] - 26/09/2011 - 14:10:50 ---A- . (...) -- C:\AdwCleaner[R1].txt [869]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/09/2011 - 13:48:10 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.3E363076F3B7188B2CDAD798AA55E052] - 26/09/2011 - 13:47:40 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.BCA57ED8CDDF0D76E293DC0EFF93CC01] - 26/09/2011 - 13:47:27 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.91CD821A791F9AFCDBB39D510120CB83] - 26/09/2011 - 02:12:16 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [5466]
O44 - LFC:[MD5.614DAEFDCE283AD95AF4C0C702C1DF9B] - 25/09/2011 - 19:43:12 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.9F5E23AC2EE1C992D4BA1A0736E7C2B9] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1063518]
O44 - LFC:[MD5.1B1B74371B314A129F96F9F083D66EBE] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [62578]
O44 - LFC:[MD5.68D2471B97D57C41A91D0263B0A2340F] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [75012]
O44 - LFC:[MD5.B187A7B5FEED64E64BD8495E2F50CF9B] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [423546]
O44 - LFC:[MD5.25BA7BA3E64C0A9AB1AEFDA76DB09389] - 24/09/2011 - 19:48:26 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [490408]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/09/2011 - 19:44:56 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.7199B8154894707E07392A3C6C697CA3] - 24/09/2011 - 19:42:48 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [2852]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 24/09/2011 - 00:56:17 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 24/09/2011 - 00:56:17 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.5347DC7B975CD4235495F205510E36DB] - 24/09/2011 - 00:35:12 ---A- . (...) -- C:\index.ini [98]
O44 - LFC:[MD5.0B74BCBC985654AEE06756A514C4078D] - 24/09/2011 - 00:15:53 ---A- . (...) -- C:\WINDOWS\win.ini [653]
O44 - LFC:[MD5.B3B2399EB541F22F34D9E42F5C388E77] - 24/09/2011 - 00:14:44 ---A- . (...) -- C:\WINDOWS\system32\HMGGT [32083968]
O44 - LFC:[MD5.EC08D1625F5C6CF2A57B79EB35186F8C] - 23/09/2011 - 23:19:24 ---A- . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) -- C:\WINDOWS\system32\drivers\AvgArCln.sys [3968]
O44 - LFC:[MD5.8B821A438D061F593B563417EAD3C68C] - 20/09/2011 - 21:59:20 ---A- . (...) -- C:\TDSSKiller.2.5.23.0_20.09.2011_22.56.21_log.txt [40484]
O44 - LFC:[MD5.05E2EEC3E35CC3CCC141755596F63C0D] - 20/09/2011 - 21:55:41 ---A- . (...) -- C:\TDSSKiller.2.5.4.0_20.09.2011_22.55.37_log.txt [412]
O44 - LFC:[MD5.7311558A1B943CED90A75E0409F5C5D9] - 16/09/2011 - 20:53:57 ---A- . (...) -- C:\WINDOWS\system32\-1 [57]
O44 - LFC:[MD5.290DFA18C8662ADEBCFBD7B36CE22FE5] - 04/09/2011 - 17:18:54 ---A- . (...) -- C:\WINDOWS\SIERRA.INI [310]
O44 - LFC:[MD5.1ABABD4C9EF2BC81817B4D7D4D9AE539] - 04/09/2011 - 17:18:53 R---- . (.Cendant Software - WON DLL.) -- C:\WINDOWS\system32\SNWValid.dll [231936]
O44 - LFC:[MD5.FC2D004A73B067C2EB4AD4EA58FD3968] - 04/09/2011 - 17:18:53 R---- . (.Cendant Software - WON DLL.) -- C:\WINDOWS\system32\SierraNW.dll [1022976]
O44 - LFC:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 01/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [138192]
O44 - LFC:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 01/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [66616]
O44 - LFC:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 31/08/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216]
~ Scan Files in 01mn 13s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Hewlett-Packard Co. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Hewlett-Packard Co. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Hewlett-Packard Co. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard - HP ScanJet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Hewlett-Packard Co. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Pas de propriétaire - HpqPhUnl MFC Application.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(...) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Co. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Disabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" [Enabled] .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" [Enabled] .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ Scan CSB in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - (no data)
~ Scan IFEO in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.DLL
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.DLL
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\FTweakFCleaner [Key] . (.FTweak - FCleaner - Clean Up Your System.) -- C:\Program Files\FCleaner\FCleaner.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108355
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.7F26D024355CBADB60838F53DFB171EC] - 26/09/2011 - 23:11:00 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS [3644928]
O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 26/09/2011 - 21:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008]
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 26/09/2011 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.7A6CF9F411A9C5BD5C442A1CD46AF401] - 26/09/2011 - 05:35:00 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [1313792]
O58 - SDL:[MD5.EC08D1625F5C6CF2A57B79EB35186F8C] - 26/09/2011 - 13:00:28 ---A- . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) -- C:\WINDOWS\system32\drivers\AvgArCln.sys [3968]
O58 - SDL:[MD5.E8054A423E5D2BDAE6062BAB6DA159C4] - 26/09/2011 - 14:33:46 ---A- . (.GRISOFT, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\WINDOWS\system32\drivers\avgarkt.sys [5632]
O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 26/09/2011 - 13:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416]
O58 - SDL:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 26/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [66616]
O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 26/09/2011 - 13:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360]
O58 - SDL:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 26/09/2011 - 17:07:55 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [138192]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 26/09/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 26/09/2011 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 26/09/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 26/09/2011 - 00:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452]
O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 26/09/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 26/09/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 26/09/2011 - 14:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [21632]
O58 - SDL:[MD5.263AA696D8A1D78234F17C303E89B78D] - 26/09/2011 - 03:58:31 ---A- . (.Windows (R) 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\pcdrndisuio.sys [13440]
O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 26/09/2011 - 00:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 26/09/2011 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.86724469CD077901706854974CD13C3E] - 26/09/2011 - 09:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [20640]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 26/09/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 26/09/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 26/09/2011 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992]
O58 - SDL:[MD5.7889E3981E0A5D347E037ABD467D53A5] - 26/09/2011 - 19:11:42 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys [78720]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 26/09/2011 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.6CE397C482BEDE91A38E56A8C4A0DC6D] - 26/09/2011 - 14:08:56 ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\WINDOWS\system32\drivers\ser2pl.sys [42752]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 26/09/2011 - 13:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.EAA66218CD39F5BB1B4853A78C67C787] - 26/09/2011 - 10:01:26 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\WINDOWS\system32\drivers\ss_bbus.sys [90112]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcm.sys [12416]
O58 - SDL:[MD5.2DD4E8844F8F094659DD695A80FED36E] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\ss_bcmnt.sys [12416]
O58 - SDL:[MD5.B89D62206034E5FE573C80A24DD55675] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys [14848]
O58 - SDL:[MD5.1ED0FCEA586FE2A416EE15196E5631DD] - 26/09/2011 - 03:25:16 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys [123648]
O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 26/09/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwh.sys [12160]
O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 26/09/2011 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\WINDOWS\system32\drivers\ss_bwhnt.sys [12160]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 26/09/2011 - 12:48:56 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.D9D5E4CA72270E9F3ECA97DA0983AB87] - 26/09/2011 - 19:40:50 ---A- . (.M-Systems - TrueFFS Port Driver.) -- C:\WINDOWS\system32\drivers\tffsport.sys [149376]
O58 - SDL:[MD5.A31246180E61140AD7FF9DD7EDF1F6A1] - 26/09/2011 - 05:09:00 ---A- . (.Trend Micro Inc. - TrendMicro Common Module NoTrap Build.) -- C:\WINDOWS\system32\drivers\tmcomm.sys [200976]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 26/09/2011 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 26/09/2011 - 16:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.F2CE99DD9F56BAFC49234A1EFB0AFC8E] - 26/09/2011 - 03:51:19 ---A- . (...) -- C:\WINDOWS\system32\drivers\USBkey.sys [28848]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 26/09/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.B72D232E46FF5EE2BD8F61498B748DF7] - 26/09/2011 - 18:44:06 ---A- . (.Liteon Technology Inc. - Driver for Liteon Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\wn5301.sys [468768]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.F70A3496973852F5CC2EB838F2E89CB2] - 26/09/2011 - 05:40:21 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13642]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 26/09/2011 - 09:39:36 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 26/09/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 26/09/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Scan Drivers in 00mn 01s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 22/05/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - 01/09/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - 18/01/2007 - C:\WINDOWS\system32\DRIVERS\AvgArCln.sys - Avg Anti-Rootkit Clean Driver(AvgArCln) .(.GRISOFT, s.r.o. - AVG7 Clean Driver.) - LEGACY_AVGARCLN
O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - 01/09/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 01/09/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 05/08/2004 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 31/03/2009 - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 31/03/2009 - C:\WINDOWS\system32\FsUsbExService.exe - FsUsbExService(FsUsbExService) .(.Teruten - FsUsbDevice.) - LEGACY_FSUSBEXSERVICE
O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - 04/07/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 19/12/2005 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE
O64 - Services: CurCS - 15/01/2010 - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe - McAfee Security Scan Component Host Service(McComponentHostService) .(.McAfee, Inc. - Component Host Service.) - LEGACY_MCCOMPONENTHOSTSERVICE
O64 - Services: CurCS - 04/03/2010 - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccess (NMSAccess) .(...) - LEGACY_NMSACCESS
O64 - Services: CurCS - 07/04/2008 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\tffsport.sys - M-Systems DiskOnChip 2000(tffsport) .(.M-Systems - TrueFFS Port Driver.) - LEGACY_TFFSPORT
O64 - Services: CurCS - ??/??/???? - C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\TrueSight.sys (.not file.) - TrueSight (TrueSight) .(...) - LEGACY_TRUESIGHT
O64 - Services: CurCS - 20/07/2011 - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe - TuneUp Utilities Service(TuneUp.UtilitiesSvc) .(.TuneUp Software - TuneUp Utilities Service.) - LEGACY_TUNEUP.UTILITIESSVC
O64 - Services: CurCS - 07/10/2010 - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys - TuneUpUtilitiesDrv(TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - http://www.bing.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.37802DC23540941D3D5FFC0CFB97D9F0] [SPRF][26/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\AD-R.exe [1563105]
[MD5.1A15A7CACDEBA7A811277BC1F6A9F9F4] [SPRF][26/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\adwcleaner.exe [478536]
[MD5.6BC44F764CF8E5AD20AE21FE430F4BE3] [SPRF][23/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\avg-anti-rootkit_avg_anti-rootkit_1.1.0.42_anglais_34515.exe [423736]
[MD5.2DB68C03FD02B30BB7A9FCDA9AE32C4F] [SPRF][20/01/2011] (.France Telecom - DSLtest.) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\DSLtest2103.exe [3330048]
[MD5.458502A988973346105B0AF455CA4C70] [SPRF][25/09/2011] (...) -- C:\Documents and Settings\HP_Propriétaire.NOM-EB85C523610.001\Bureau\RogueKiller.exe [657920]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][26/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][26/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.F1CD64DD3702BDCDFB0531BB21C6BEFC] [SPRF][21/06/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.3 r181.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [3123872]
[MD5.6F88F1DE97B7BA6E2BE4DC29AEEACF0D] [SPRF][27/07/2004] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [323584]
~ Scan Files in 00mn 00s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 74.125.39.99, 74.125.39.147, 74.125.39.104, 74.125.39.106
74.125.39.105, 74.125.39.103
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 26/09/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 26/09/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 26/09/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 26/09/2011 376832 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 26/09/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 26/09/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SR - | Auto 26/09/2011 233472 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe
SS - | Demand 26/09/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SR - | Demand 26/09/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 26/09/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 26/09/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
SS - | Demand 26/09/2011 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SR - | Auto 71096 | (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SS - | Boot 26/09/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SS - | Demand 26/09/2011 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 26/09/2011 1526592 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by HP_Propriétaire at 26/09/2011 23:10:05
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 05s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by HP_Propriétaire at 26/09/2011 23:10:07
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s
End of the scan (1233 lines in 02mn 20s)(0)
-
neticable - Progression vers le rang suivant:
- Messages: 8
- Age: 50
- Inscription: 25 Sep 2011 18:11
- Sexe:
Point(s) : 55- Donner
Re: Analyse roguekiller
de bleuet » 27 Sep 2011 14:01
Argente Fr Toolbar est installé. Je te conseillerais de la désinstaller.
A vérifier la mise à jour de JAVA :
Ensuite tu peux désinstaller les outils utilisés : >
Supprimer les points de restauration et créer un point sain : >
++
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet - Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
Re: Analyse roguekiller
de neticable » 27 Sep 2011 23:04
Bonsoir
comment désinstaller Argente Fr Toolbar et impossible de supprimer avec delfix
"error variable used without being declared"
comment désinstaller Argente Fr Toolbar et impossible de supprimer avec delfix
"error variable used without being declared"
-
neticable - Progression vers le rang suivant:
- Messages: 8
- Age: 50
- Inscription: 25 Sep 2011 18:11
- Sexe:
Point(s) : 55- Donner
Re: Analyse roguekiller
de bleuet » 28 Sep 2011 10:23
Ce lien d'installation >
http://argentefr.ourtoolbar.com/
l'installe dans les modules supplémentaires de Firefox et elle se désinstalle par ce même chemin. Pas de présence dans les programmes.
Toi, tu l'as dans les "program Files". (Par le lien ci-dessus elle ne s'installe pas en program). Tu dois pouvoir agir par les "ajout/suppression de programmes" et/ou Firefox.
Pour DelFix : Essayer avec cet outil >
Ne pas l'utiliser avant de désinstaller ArgenteFR. La même chose pour la Restauration Système, il vaut mieux te débarrasser de la toolbar avant de finaliser.
Bonne journée.@+ bleuet[28/09/2011)
"L'expérience est une lanterne accrochée dans le dos et qui ne sert qu'à éclairer le chemin parcouru." Confucius
-
bleuet - Messages: 274
- Age: 51
- Inscription: 15 Oct 2010 18:59
- Sexe:
Point(s) : 1400- Donner
- Nombre de réponses utiles: 10
15 messages
• Page 1 sur 1
Retourner vers Assistance à distance
Qui est en ligne
Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 1 invité
Qui a vu ce sujet 
Publicités par Advertisement Management