[Réglé] Infection Ask

[Ask to Old Man]

Bonjour à tous,
je ne suis pas un expert en informatique (ni un débutant) et depuis pas longtemps, quand je fais une analyse avec mon antivirus Bitdefender 2010, celui-ci me dit que 5 menace(s) affectant 8 objet(s) nécessite(nt) mon attention :
http://hpics.li/b4788a2

Je ne peux pas les supprimer, je peux juste les mettre en quarantaine ou les ignorer mais bon, j'aimerais réussir à les supprimer quand même pour être tranquil une bonne fois pour toute. Ces menaces n'affectent pas mon ordinateur (aucuns ralentissements, aucunes pubs etc... rien)

Auriez-vous une solution pour moi ?

[Del-crosseur]

Bonjour charles136

Télécharge ZHPDiag par Nicolas Coolman et sauvegarde-le sur le Bureau.

* Double-clique sur ZHPDiag.exe.
* clique sur le bouton Lancer le diagnostic
* Lorsque l'analyse sera terminée, un fichier au format texte s'affiche dans la zone résultat du bas.
* Clique sur le bouton Copier dans le presse papier
* Colle le résultat de l'analyse dans ta réponse en faisant un copier/coller.

-Si le rapport est trop long tu peut l'heberger >>>ici<<<

@ ++

[charles136]

Ok, merci bcp, j'essaye ça tout de suite et je te dis si ça marche

[Skynet]

Code: Tout sélectionner

Rapport de ZHPDiag v1.27.145 par Nicolas Coolman, Update du 23/12/2010
Run by Utilisateur at 24/12/2010 12:58:06
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

---\\ System Information
Windows 7 Home Premium Edition, 64-bit  (Build 7600)
Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (57% free)
System Restore: Inconnu (Unknown)
System drive C: has 417 GB (85%) free of 488 GB

---\\ Logged in mode
Computer Name: CHARLES-PC
User Name: Utilisateur
All Users Names: Utilisateur, HomeGroupUser$, Administrateur,
Unselected Option:  O1,O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 417 Go of 488 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Hard drive, Flash drive, Thumb drive (Free 443 Go of 443 Go)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified


---\\ Recherche particulière de fichiers génériques
[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]


---\\ Processus lancés
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [248552]
[MD5.2DFCB2393528446AEB9FB861A8FC39AB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [421160]
[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [912344]
[MD5.000B70598782452D2EBD26918F551041] - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe   [92024]
[MD5.50565CDB505FA755CCC670EF55931E33] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [621568]


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2)
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla FireFox\extensions\searchsettings@spigot.com
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.1".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
M0 - MFSP: prefs.js [Utilisateur - y5z310fz.default] http://www.google.fr


---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=userinit.exe
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll"
O3 - Toolbar: Mirar - {38C0503E-33E8-4C9A-8DE0-6A975F9BAFDC} . (.Pas de propriétaire - Pas de description.) --  (.not file.)
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1405248391-389377274-1367175132-1001\..\Run: [AdobeBridge] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.)  -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\CCleaner.lnk . (.Piriform Ltd.)  -- C:\Program Files (x86)\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Départ Ski Challenge 11 (FTV).lnk . (.Pas de propriétaire.)  -- C:\Games\Ski Challenge 11 (FTV)\Updater.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Jiwok.lnk . (.Reubro.)  -- C:\Jiwok\Jiwok.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\LimeWire 4.18.8.lnk . (.Lime Wire, LLC.)  -- C:\Program Files (x86)\LimeWire\LimeWire.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Patch MsnCreative.lnk . (.Pas de propriétaire.)  -- C:\Program Files (x86)\Patch MsnCreative\Patch MsnCreative.exe
O4 - Global Startup: C:\Documents And Settings\Utilisateur\Desktop\Virtual DJ Home.lnk . (.Atomix Productions.)  -- C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.)  -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\CCleaner.lnk . (.Piriform Ltd.)  -- C:\Program Files (x86)\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\Départ Ski Challenge 11 (FTV).lnk . (.Pas de propriétaire.)  -- C:\Games\Ski Challenge 11 (FTV)\Updater.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\Jiwok.lnk . (.Reubro.)  -- C:\Jiwok\Jiwok.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\LimeWire 4.18.8.lnk . (.Lime Wire, LLC.)  -- C:\Program Files (x86)\LimeWire\LimeWire.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\Patch MsnCreative.lnk . (.Pas de propriétaire.)  -- C:\Program Files (x86)\Patch MsnCreative\Patch MsnCreative.exe
O4 - Global Startup: C:\Users\Utilisateur\Desktop\Virtual DJ Home.lnk . (.Atomix Productions.)  -- C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe
O4 - Global Startup: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Jiwok.lnk . (.Reubro.)  -- C:\Jiwok\Jiwok.exe
O4 - Global Startup: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~3\Office12\EXCEL.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MICROS~3\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1264245981251
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_1_3.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E633637-C4E4-4ABE-BC44-2E6EAFD753EF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5631B79D-3F52-435C-85CF-94D2B8AB440C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E633637-C4E4-4ABE-BC44-2E6EAFD753EF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5631B79D-3F52-435C-85CF-94D2B8AB440C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E633637-C4E4-4ABE-BC44-2E6EAFD753EF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5631B79D-3F52-435C-85CF-94D2B8AB440C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1


---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service:  (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service:  (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service:  (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service:  (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service:  (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service:  (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) -  (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\c5b8b3f5-af73-402a-9227-86d82c557066.job
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-Utilisateur-PC-Utilisateur] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.8A62205A3C7029B42CB1F41CD3642798] [APT] [c5b8b3f5-af73-402a-9227-86d82c557066] (.Reubro.) -- C:\Jiwok\Jiwok.exe
[MD5.00000000000000000000000000000000] [APT] [Google Updater and Installer] (.Pas de propriétaire.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[MD5.95B44F3CCAC43A47649C1F1BC84ED517] [APT] [Scheduled Update for Ask Toolbar] (.Pas de propriétaire.) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe
[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.)
[MD5.70B6D0C45256B688B7DBC10E922FB402] [APT] [{A609A3A9-6F4C-4DC1-8517-A1C4226E3DA0}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.2F015EF67BAEC14EA71F8A0631CB57F0] [APT] [{A730ADCE-A296-4366-9138-AD56C4E76CAC}] (.MCCI Corporation.) -- C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SS_BUninstall.exe
[MD5.00000000000000000000000000000000] [APT] [{B5CB35F4-51FD-4B76-AFB8-EE371744114B}] (.Pas de propriétaire.) -- D:\DRIVER\Setup.exe (.not file.)
[MD5.F12D4F9129EFD06A55D54D1A139D2B5C] [APT] [{FB03AF20-911A-4DB9-82B6-4FAD4258FDFA}] (.MCCI Corporation.) -- C:\Windows\SysWOW64\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\msjava.dll
O40 - ASIC: Macromedia Flash Player 8 - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r42.) -- C:\Windows\SysWow64\Macromed\Flash\Flash10d.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (BdfNdisf) . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - C:\Windows\System32\DRIVERS\BdfNdisf6.sys
O41 - Driver:  (bdfwfpf) . (.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: Adobe Reader 9.4.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1
O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: French App Name - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: French App Name - (.Adobe Systems Incorporated.) [HKLM] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
O42 - Logiciel: FrostWire 4.20.9 - (.FrostWire, LLC.) [HKLM] -- FrostWire
O42 - Logiciel: GeoGebra - (.International GeoGebra Institute.) [HKLM] -- GeoGebra
O42 - Logiciel: Java(TM) 6 Update 22 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}
O42 - Logiciel: Jiwok - (.Jiwok.) [HKLM] -- {E023BC49-A790-4CA5-90B0-B6F09D0066D5}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LimeWire 4.18.8 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57}
O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}
O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
O42 - Logiciel: Mirar - (.Pas de propriétaire.) [HKLM] -- {38C0503E-33E8-4C9A-8DE0-6A975F9BAFDC}
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {470C8EFE-AEB0-402E-B05A-91E08C201036}
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3DED0A62-44C8-4E00-A785-5212F297A9D9}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Ski Challenge 11 (FTV) - (.Pas de propriétaire.) [HKCU] -- sc11-FR_FTV_MAIN
O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: SpaceQuery 1.0 build 133 - (.Pas de propriétaire.) [HKLM] -- SpaceQuery
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: Virtual DJ Home - Atomix Productions - (.Pas de propriétaire.) [HKLM] -- Virtual DJ Home - Atomix Productions
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: YouTube Downloader Suite V2.4.4 - (.Apowersoft.) [HKLM] -- {3FF2F54D-FA3A-406F-9F9E-6CDD95B9A1A9}_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASProtect]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ask.com]
[HKCU\Software\Audacity]
[HKCU\Software\BitDefender]
[HKCU\Software\Bugsplat]
[HKCU\Software\CPUID]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DVD Decrypter]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DVDFab]
[HKCU\Software\Digital River]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Greentube]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IEBarProperties]
[HKCU\Software\IGA]
[HKCU\Software\IM Providers]
[HKCU\Software\Image-Line]
[HKCU\Software\ImgBurn]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jiwok]
[HKCU\Software\Lavalys]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NeroDigital]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\NirSoft]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Patchou]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Serials2K]
[HKCU\Software\SimonTatham]
[HKCU\Software\Skype]
[HKCU\Software\SoftVoice]
[HKCU\Software\Softonic]
[HKCU\Software\TeamViewer]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\VirtualDJ]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\vítima]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ANI]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alpha Networks]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Avnex]
[HKLM\Software\BitDefender]
[HKLM\Software\BitTorrent]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\D-Link]
[HKLM\Software\DIOC]
[HKLM\Software\DVD Decrypter 3.5.4.0 Fr]
[HKLM\Software\DVDFab]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Florian Heidenreich]
[HKLM\Software\Google]
[HKLM\Software\Image-Line]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jiwok]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\Microids]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NEOACT]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NeroDigital]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\ORL]
[HKLM\Software\OpenCandy NSIS SDK]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Outsim]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\Patchou]

Suite du même rapport :

Code: Tout sélectionner

[HKLM\Software\PocketSoft]
[HKLM\Software\Policies]
[HKLM\Software\RDesc]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Samsung]
[HKLM\Software\Skype]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\THe UDS]
[HKLM\Software\TeamViewer]
[HKLM\Software\Texas Instruments]
[HKLM\Software\Thomson]
[HKLM\Software\Trolltech]
[HKLM\Software\TuneUp]
[HKLM\Software\VST]
[HKLM\Software\Valve]
[HKLM\Software\VirtualDJ]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD: 14/08/2010 - 05:52:48 ----D- C:\Program Files\Adobe
O43 - CFD: 20/01/2010 - 17:27:10 ----D- C:\Program Files\BitDefender
O43 - CFD: 12/03/2010 - 19:03:48 ----D- C:\Program Files\BitTorrent
O43 - CFD: 02/09/2010 - 20:11:04 ----D- C:\Program Files\Bonjour
O43 - CFD: 31/08/2010 - 18:40:38 ----D- C:\Program Files\Common Files
O43 - CFD: 10/07/2010 - 16:55:48 ----D- C:\Program Files\DIFX
O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\DVD Maker
O43 - CFD: 20/01/2010 - 16:16:50 -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 24/11/2010 - 13:45:48 ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/12/2010 - 11:04:04 ----D- C:\Program Files\iPod
O43 - CFD: 14/12/2010 - 11:04:18 ----D- C:\Program Files\iTunes
O43 - CFD: 14/07/2009 - 16:35:26 ----D- C:\Program Files\Microsoft Games
O43 - CFD: 27/01/2010 - 14:04:22 ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild
O43 - CFD: 11/03/2010 - 19:37:00 ----D- C:\Program Files\Neoact
O43 - CFD: 20/01/2010 - 17:03:34 ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\Windows Journal
O43 - CFD: 05/12/2010 - 08:38:46 ----D- C:\Program Files\Windows Live
O43 - CFD: 16/12/2010 - 08:23:24 ----D- C:\Program Files\Windows Mail
O43 - CFD: 14/10/2010 - 17:55:08 ----D- C:\Program Files\Windows Media Player
O43 - CFD: 20/01/2010 - 16:16:50 ----D- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 04/08/2010 - 16:45:10 ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 25/01/2010 - 20:12:28 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 20/01/2010 - 17:27:14 ----D- C:\Program Files\Common Files\BitDefender
O43 - CFD: 31/08/2010 - 18:40:38 ----D- C:\Program Files\Common Files\logishrd
O43 - CFD: 05/12/2010 - 08:38:38 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System
O43 - CFD: 08/10/2010 - 17:50:30 ----D- C:\ProgramData\Adobe
O43 - CFD: 26/01/2010 - 19:01:26 ----D- C:\ProgramData\Age of Empires 3
O43 - CFD: 25/01/2010 - 20:12:12 ----D- C:\ProgramData\Apple
O43 - CFD: 25/01/2010 - 20:13:36 ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data
O43 - CFD: 06/09/2010 - 11:20:04 ----D- C:\ProgramData\AVS4YOU
O43 - CFD: 20/01/2010 - 17:33:36 ----D- C:\ProgramData\BitDefender
O43 - CFD: 20/01/2010 - 16:16:50 -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents
O43 - CFD: 02/05/2010 - 17:58:48 ----D- C:\ProgramData\DVD Shrink
O43 - CFD: 09/05/2010 - 20:01:44 ----D- C:\ProgramData\eMule
O43 - CFD: 20/01/2010 - 16:16:50 -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites
O43 - CFD: 10/03/2010 - 15:02:32 ----D- C:\ProgramData\Google
O43 - CFD: 05/04/2010 - 09:53:32 ----D- C:\ProgramData\InterAction studios
O43 - CFD: 29/10/2010 - 07:09:34 ----D- C:\ProgramData\McAfee
O43 - CFD: 20/01/2010 - 16:16:50 -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 06/03/2010 - 20:30:26 ----D- C:\ProgramData\Messenger Plus!
O43 - CFD: 05/12/2010 - 08:42:08 -S--D- C:\ProgramData\Microsoft
O43 - CFD: 16/12/2010 - 08:23:18 ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 20/01/2010 - 16:16:50 -SH-D- C:\ProgramData\Modèles
O43 - CFD: 20/01/2010 - 16:56:00 ----D- C:\ProgramData\Nero
O43 - CFD: 24/12/2010 - 09:33:50 ----D- C:\ProgramData\NVIDIA
O43 - CFD: 10/07/2010 - 17:32:22 ----D- C:\ProgramData\PC Suite
O43 - CFD: 04/08/2010 - 19:27:06 ----D- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 30/08/2010 - 19:26:34 ----D- C:\ProgramData\Skype
O43 - CFD: 17/11/2010 - 14:34:06 ----D- C:\ProgramData\SpaceQuery
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 10/04/2010 - 16:39:36 ----D- C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates
O43 - CFD: 25/09/2010 - 17:50:06 ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 16/02/2010 - 20:56:16 ----D- C:\ProgramData\WinZip
O43 - CFD: 29/05/2010 - 13:00:50 ----D- C:\ProgramData\Zylom
O43 - CFD: 04/08/2010 - 16:45:10 ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 25/01/2010 - 20:12:28 ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 20/01/2010 - 17:27:14 ----D- C:\Program Files\Common Files\BitDefender
O43 - CFD: 31/08/2010 - 18:40:38 ----D- C:\Program Files\Common Files\logishrd
O43 - CFD: 05/12/2010 - 08:38:38 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System
O43 - CFD: 11/11/2010 - 09:41:02 ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 04/08/2010 - 16:42:32 ----D- C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 20/01/2010 - 16:24:06 ----D- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 05/11/2010 - 22:40:10 ----D- C:\Program Files (x86)\Apowersoft
O43 - CFD: 02/09/2010 - 20:11:38 ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 19/12/2010 - 08:45:06 ----D- C:\Program Files (x86)\Ask.com
O43 - CFD: 19/12/2010 - 09:15:56 ----D- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
O43 - CFD: 05/09/2010 - 07:52:40 ----D- C:\Program Files (x86)\BitTorrent
O43 - CFD: 02/09/2010 - 20:11:04 ----D- C:\Program Files (x86)\Bonjour
O43 - CFD: 14/12/2010 - 11:03:30 ----D- C:\Program Files (x86)\CCleaner
O43 - CFD: 14/12/2010 - 13:44:00 ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 29/01/2010 - 12:54:30 ----D- C:\Program Files (x86)\Conduit
O43 - CFD: 19/12/2010 - 08:45:42 ----D- C:\Program Files (x86)\FrostWire
O43 - CFD: 27/10/2010 - 08:17:00 ----D- C:\Program Files (x86)\GeoGebra
O43 - CFD: 11/11/2010 - 12:12:56 --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 20/01/2010 - 16:49:52 ----D- C:\Program Files (x86)\Intel
O43 - CFD: 24/11/2010 - 13:45:48 ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 25/09/2010 - 07:40:22 ----D- C:\Program Files (x86)\IObit
O43 - CFD: 14/12/2010 - 11:04:18 ----D- C:\Program Files (x86)\iTunes
O43 - CFD: 05/11/2010 - 22:39:10 ----D- C:\Program Files (x86)\IVCsoft
O43 - CFD: 25/10/2010 - 09:09:20 ----D- C:\Program Files (x86)\Java
O43 - CFD: 20/01/2010 - 16:41:48 ----D- C:\Program Files (x86)\JRE
O43 - CFD: 30/10/2010 - 19:59:38 ----D- C:\Program Files (x86)\LimeWire
O43 - CFD: 10/07/2010 - 17:29:32 ----D- C:\Program Files (x86)\MarkAnyContentSAFER
O43 - CFD: 12/11/2010 - 18:50:58 ----D- C:\Program Files (x86)\Messenger Plus! Live
O43 - CFD: 24/01/2010 - 12:07:56 ----D- C:\Program Files (x86)\Microsoft Games
O43 - CFD: 27/01/2010 - 14:05:58 ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 24/10/2010 - 11:05:08 ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 09/02/2010 - 14:28:50 ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 25/06/2010 - 21:47:22 ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 11/12/2010 - 13:48:16 ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 20/01/2010 - 17:07:16 ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 20/01/2010 - 16:56:00 ----D- C:\Program Files (x86)\Nero
O43 - CFD: 20/01/2010 - 16:24:20 ----D- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 20/01/2010 - 16:41:48 ----D- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 04/09/2010 - 17:41:16 ----D- C:\Program Files (x86)\Outsim
O43 - CFD: 10/03/2010 - 13:55:12 ----D- C:\Program Files (x86)\Patch MsnCreative
O43 - CFD: 13/07/2010 - 10:34:10 ----D- C:\Program Files (x86)\PC Connectivity Solution
O43 - CFD: 14/12/2010 - 10:18:40 ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 20/01/2010 - 17:03:28 ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 12/03/2010 - 19:38:12 ----D- C:\Program Files (x86)\ReflexiveArcade
O43 - CFD: 23/01/2010 - 12:13:44 ----D- C:\Program Files (x86)\ShowMyPCService
O43 - CFD: 30/08/2010 - 19:26:34 R---D- C:\Program Files (x86)\Skype
O43 - CFD: 04/09/2010 - 21:10:34 ----D- C:\Program Files (x86)\Sony
O43 - CFD: 19/11/2010 - 19:01:42 ----D- C:\Program Files (x86)\SpaceQuery
O43 - CFD: 24/10/2010 - 11:18:24 ----D- C:\Program Files (x86)\Steam
O43 - CFD: 20/01/2010 - 17:03:42 --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 30/01/2010 - 19:09:38 ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 21/10/2010 - 18:40:48 ----D- C:\Program Files (x86)\VirtualDJ
O43 - CFD: 04/09/2010 - 17:41:24 ----D- C:\Program Files (x86)\VstPlugins
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 05/12/2010 - 08:54:40 ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 16/12/2010 - 08:23:24 ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 14/10/2010 - 17:55:08 ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 18/02/2010 - 17:01:44 ----D- C:\Program Files (x86)\WinRAR
O43 - CFD: 24/12/2010 - 12:58:10 ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 26/06/2010 - 20:39:52 ----D- C:\Program Files (x86)\Zylom Games
O43 - CFD: 08/10/2010 - 17:50:32 ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 13/12/2010 - 18:36:18 ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 14/12/2010 - 11:04:04 ----D- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 13/10/2010 - 16:56:20 ----D- C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 20/01/2010 - 17:22:12 ----D- C:\Program Files (x86)\Common Files\BitDefender
O43 - CFD: 27/01/2010 - 14:05:58 ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 23/01/2010 - 12:19:14 ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 07/08/2010 - 18:20:32 ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 05/12/2010 - 08:38:18 ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 20/01/2010 - 16:57:40 ----D- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 30/08/2010 - 19:26:34 ----D- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 24/01/2010 - 14:04:46 ----D- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 24/01/2010 - 16:01:46 ----D- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 14/12/2010 - 13:44:00 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6EF88ED20C1E2AE0AA508CA4D8081DB9] - 24/12/2010 - 12:03:58 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.663396BFB3E87F83D6DF05E28771DE3C] - 24/12/2010 - 09:40:57 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0   [15024]
O44 - LFC:[MD5.663396BFB3E87F83D6DF05E28771DE3C] - 24/12/2010 - 09:40:57 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0   [15024]
O44 - LFC:[MD5.B96CC1A0DFE42102D4DF25707FEC1663] - 24/12/2010 - 09:38:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI   [1549700]
O44 - LFC:[MD5.B615403C3902AF59E68DCA1A42F85E4B] - 24/12/2010 - 09:38:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat   [106190]
O44 - LFC:[MD5.0BAF4CE1B5E985DB35614A592CD191CF] - 24/12/2010 - 09:38:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat   [130548]
O44 - LFC:[MD5.5053448D83402E79C173AE77F9B0CB78] - 24/12/2010 - 09:38:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat   [615810]
O44 - LFC:[MD5.26F048BC0840BA8318DE3BAA210F51A5] - 24/12/2010 - 09:38:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat   [704242]
O44 - LFC:[MD5.F9A67066F0B66C5DA53B08F0F1C18E25] - 24/12/2010 - 09:33:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log   [5432]
O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 23/12/2010 - 16:30:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\ashttpstats.csv   [52]
O44 - LFC:[MD5.0A0000000000000000000000D0EE1800] - 23/12/2010 - 16:30:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log   [1380437]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 23/12/2010 - 15:37:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini   [69]
O44 - LFC:[MD5.CB39B4C325B38419B930E8900DE1431B] - 16/12/2010 - 13:11:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT   [4881528]
O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 16/12/2010 - 08:05:44 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 16/12/2010 - 08:05:44 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [34304]
O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 16/12/2010 - 08:05:44 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [367104]
O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 16/12/2010 - 08:05:44 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [294400]
O44 - LFC:[MD5.1F42891D8FCB0D185C6E0BC3420566AB] - 14/12/2010 - 11:07:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log   [1716]
O44 - LFC:[MD5.0E84CDEDE5D3CD467F757ECEF9A3F90C] - 08/12/2010 - 14:37:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\lvcoinst.log   [16251]
O44 - LFC:[MD5.081BB32200841F4FCC2A6DE37E36150E] - 27/11/2010 - 09:28:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\bdlog.txt   [198166]


---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\BitTorrent\bittorrent.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.siren"="sirenacm.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"sirenacm.dll"="Messenger Audio Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "AllowLegacyWebView"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "AllowUnhashedWebView"=1


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys   [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys   [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys   [15440]
O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys   [106576]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys   [194128]
O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys   [28752]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys   [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys   [97856]
O58 - SDL:[MD5.E857EEE6B92AAA473EBB3465ADD8F7E7] - 20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys   [1394688]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys   [270848]
O58 - SDL:[MD5.F647CDF4123B7E24E33A313E5BFFEFC1] - 10/02/2010 - 14:18:06 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\Windows\system32\drivers\bdhv.sys   [102720]
O58 - SDL:[MD5.25B32BD40E3D8706BB3D92681D13236B] - 22/09/2009 - 08:22:06 ---A- . (.BitDefender - FileVault Disk Driver.) -- C:\Windows\system32\drivers\BDVEDISK.sys   [103432]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys   [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys   [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys   [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys   [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys   [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys   [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys   [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys   [17488]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys   [3286016]
O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 18/05/2009 - 14:17:08 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys   [34152]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys   [77888]
O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys   [410688]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys   [44112]
O58 - SDL:[MD5.2AC603C3188C704CFCE353659AA7AD71] - 20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20.) -- C:\Windows\system32\drivers\L1E62x64.sys   [54272]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys   [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys   [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys   [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys   [115776]
O58 - SDL:[MD5.4CB64D7458ABD8396BCD389A69C8FC80] - 09/05/2007 - 20:46:36 ---A- . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\system32\drivers\lv302a64.sys   [16032]
O58 - SDL:[MD5.37EA62238E17AE88E4713D9246CA1C1C] - 09/05/2007 - 20:46:48 ---A- . (.Logitech Inc. - Logitech QuickCam Driver.) -- C:\Windows\system32\drivers\LV302V64.SYS   [1127328]
O58 - SDL:[MD5.0034F69D0007D3F77F6B96FA51228E85] - 09/05/2007 - 20:50:48 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBS64.sys   [50208]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys   [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys   [284736]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys   [51264]
O58 - SDL:[MD5.17A7E888E330C7DFE59C97BE44DDCF16] - 11/08/2009 - 08:19:18 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys   [84000]
O58 - SDL:[MD5.9F365C679A568C94ED7E0A8D92BDE7E0] - 06/08/2009 - 00:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 190.45.) -- C:\Windows\system32\drivers\nvlddmkm.sys   [11341216]
O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys   [149056]
O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys   [167488]
O58 - SDL:[MD5.81B5E63131090879AD6EF9F32109B88D] - 17/09/2007 - 14:53:34 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfdx64.sys   [29184]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys   [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys   [128592]
O58 - SDL:[MD5.D42D651676883181400E22957A7E0B1E] - 20/01/2010 - 17:01:28 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys   [1762080]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys   [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys   [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys   [80464]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys   [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys   [161872]
O58 - SDL:[MD5.392834ADB35DEB199B03AE6A6CAAB23A] - 28/01/2004 - 15:03:26 ---A- . (.Texas Instruments Incorporated - SilvrLnk.sys.) -- C:\Windows\SysWOW64\drivers\SilvrLnk.sys   [21456]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 10/07/2010 - 17:29:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\drivers\StarOpen.sys   [5632]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 10/07/2010 - 17:29:19 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys   [16392]
O58 - SDL:[MD5.5F9785E7535F8F602CB294A54962C9E7] - 07/02/2007 - 19:27:46 ---A- . (.Windows (R) Server 2003 DDK provider - SpeedFan Device Driver.) -- C:\Windows\SysWOW64\speedfan.sys   [14104]


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1


---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bdfm.sys - BDFM (BDFM)  .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\BdfNdisf6.sys - BitDefender Firewall NDIS 6 Filter Driver (BdfNdisf)  .(.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - LEGACY_BDFNDISF
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\bdfsfltr.sys - bdfsfltr (bdfsfltr)  .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR
O64 - Services: CurCS - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys - bdfwfpf (bdfwfpf)  .(.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - LEGACY_BDFWFPF
O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys - BDVEDISK (BDVEDISK)  .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep)  .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat)  .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec)  .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs)  .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\nwifi.sys - NativeWiFi Filter (NativeWifiP)  .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio)  .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy)  .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs)  .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs)  .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null)  .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv)  .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr)  .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs)  .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\vwififlt.sys - Virtual WiFi Filter Driver (vwififlt)  .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- (.Not Key.) (.not file.)


---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.cbid", "FN");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.dtid", "TES002YYFR");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.fresh-install", false);
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.l", "dis");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.last-config-req", "1292746095568");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.locale", "fr_FR");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.o", "14197");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.qsrc", "2871");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.r", "3");
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.search-suggestions-enabled", true);
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.v", "3.8.0.99999");
O69 - SBI: SearchScopes [HKCU] {05CC4A32-2DE9-444C-B4EE-D4C6805F41FC} [DefaultScope] - (Google) - http://www.google.com/search?hl=en&q={searchTerms}
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O69 - SBI: SearchScopes [HKCU] {0C7DC3F5-531D-4A3F-B73C-340980F44FDE} - (Search) - http://www.mirarsearch.com/?q={searchTerms}&a=SEARCH
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MIMWA5
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Messenger Plus Live Customized Web Search) - http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2124320
O69 - SBI: SearchScopes [HKCU] {CEC0E26D-3CD3-49AC-AE9F-4B2597897818} - (Yahoo! Search) - http://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}


---\\ Recherche des services démarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [0]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [0]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [0]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll   [0]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [0]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [0]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [0]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [0]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [0]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [241664]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [0]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [0]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [0]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [0]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll   [0]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll   [0]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll   [99328]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll   [0]


---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Utilisateur\AppData\Roaming\inst.exe   [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Utilisateur\AppData\Roaming\pcouffin.sys   [82816]


---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/10/2010 37664 | "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 19/10/2009 278224 | "C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
SR - | Auto 27/07/2010 345376 | "C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SS - | Demand 04/04/2005 69632 | "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 17/11/2010 932640 | "C:\Program Files\iPod\bin\iPodService.exe (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 21/03/2010 405920 | "C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (LIVESRV) . (.BitDefender S.R.L..) - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
SR - | Auto 18/02/2008 877864 | C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Auto 19/12/2006 81920 | C:\Windows\SysWOW64\IoctlSvc.exe (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\SysWOW64\IoctlSvc.exe
SS - | Demand 14/07/2009 20992 | C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (scan) . (.S.C. BitDefender S.R.L.) - C:\Windows\System32\svchost.exe
SS - | Demand 07/04/2008 430592 | "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Demand 24/01/2010 326792 | C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 06/08/2009 239648 | C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Demand 19/02/2010 517096 | "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 03/04/2010 2299656 | "C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (VSSERV) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe


---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by Utilisateur at 24/12/2010 12:58:29

device: opened successfully
user: error reading MBR

Disk trace:
error: Read  Descripteur non valide
kernel: error reading MBR


---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Utilisateur at 24/12/2010 12:58:29
Use the desktop link 'MBRCheck' to have full report



---\\ Infection BT - BHO/Toolbar (Possible)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: FrostWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
[HKCU\Software\Ask.com]
O69 - SBI: prefs.js [Utilisateur - y5z310fz.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");



End of the scan (1041 lines in 00mn 23s)(0)

[charles136]

Voilà !
Donc je suppose que je dois attendre que tu me dises de faire qqch..?

[Del-crosseur]

re , on a du boulot

• Peux-tu stp te rendre sur le premier message que tu as poster afin de modifier le titre de ton topic (sujet).
  
• Pour cela clique sur l'icône "EDITER", tape ce nouveau titre "Infection Ask".
  
• Valide en cliquant sur "Envoyer"

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ __ _ _ _ _ _ _ _ _ _ __ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ __ _ _ _ _ _ _ _

• Télécharge AD-Remover (de C_XX) sur ton Bureau.
:!: Déconnecte toi et ferme toutes les applications en cours :!:
• Double-clique sur l'icône AD-Remover
• Au menu principal, clique sur "SCAN"
• Confirme le lancement de l'analyse et laisse l'outil travailler
• Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-Scan.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

[Skynet]

(désolé si je ne vais pas super vite...)
voilà la suite :

Code: Tout sélectionner

======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 22/12/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 13:25:40 le 24/12/2010, Mode normal

Microsoft Windows 7 Édition Familiale Premium   (X64)
Utilisateur@CHARLES-PC (System manufacturer System Product Name)
 
============== RECHERCHE ==============


Dossier trouvé: C:\Program Files (x86)\Mozilla Firefox\extensions\searchsettings@spigot.com
Dossier trouvé: C:\Program Files (x86)\Ask.com
Dossier trouvé: C:\Program Files (x86)\Conduit
Dossier trouvé: C:\Users\Utilisateur\AppData\Roaming\GabPath
Dossier trouvé: C:\ProgramData\spacequery
Dossier trouvé: C:\Program Files (x86)\spacequery

-- Fichier ouvert: C:\Users\Utilisateur\AppData\Roaming\Mozilla\FireFox\Profiles\y5z310fz.default\Prefs.js --
Ligne trouvée: user_pref("extensions.asktb.cbid", "FN");
Ligne trouvée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne trouvée: user_pref("extensions.asktb.dtid", "TES002YYFR");
Ligne trouvée: user_pref("extensions.asktb.fresh-install", false);
Ligne trouvée: user_pref("extensions.asktb.l", "dis");
Ligne trouvée: user_pref("extensions.asktb.last-config-req", "1292746095568");
Ligne trouvée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne trouvée: user_pref("extensions.asktb.o", "14197");
Ligne trouvée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne trouvée: user_pref("extensions.asktb.qsrc", "2871");
Ligne trouvée: user_pref("extensions.asktb.r", "3");
Ligne trouvée: user_pref("extensions.asktb.search-suggestions-enabled", true);
Ligne trouvée: user_pref("extensions.asktb.v", "3.8.0.99999");
-- Fichier Fermé --
 

Clé trouvée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé trouvée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé trouvée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé trouvée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé trouvée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{38C0503E-33E8-4C9A-8DE0-6A975F9BAFDC}
Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2124320
Clé trouvée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé trouvée: HKLM\Software\spacequery
Clé trouvée: HKCU\Software\Ask.com
Clé trouvée: HKCU\Software\IEBarProperties
Clé trouvée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé trouvée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0C7DC3F5-531D-4A3F-B73C-340980F44FDE}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0C7DC3F5-531D-4A3F-B73C-340980F44FDE}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Users\Utilisateur\AppData\Roaming\Mozilla\FireFox\Profiles\y5z310fz.default\Prefs.js --
browser.startup.homepage, http://www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [8.0.7600.16385] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://www.mirarsearch.com/?useie5=1&q=
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: about:blank
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Search bar: hxxp://www.mirarsearch.com/?useie5=1&q=
Start Page: about:blank
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 24/12/2010 (5445 Octet(s))

Fin à: 13:26:22, 24/12/2010
 
============== E.O.F ==============

[charles136]

et pourquoi tu m'as fait changer le titre en "Infection ask" ?
Comment tu sais que c'est une infection ask ?

[Skynet]

Bonjour,

merci de lire les consignes en haut du sujet.

Cordialement.

[Del-crosseur]

Je suis surement Voyant non ?

Relance AD-REMOVER en choisissant l'option "Nettoyer"

[charles136]

Oui, je ferais attention maintenant. Je n'avais pas vu.

[charles136]

Code: Tout sélectionner

======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 22/12/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 13:41:11 le 24/12/2010, Mode normal

Microsoft Windows 7 Édition Familiale Premium   (X64)
Utilisateur@CHARLES-PC (System manufacturer System Product Name)
 
============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.




============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Users\Utilisateur\AppData\Roaming\Mozilla\FireFox\Profiles\y5z310fz.default\Prefs.js --
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [8.0.7600.16385] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 10 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 24/12/2010 (6151 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 24/12/2010 (2139 Octet(s))
C:\Ad-Report-SCAN[1].txt - 24/12/2010 (5574 Octet(s))

Fin à: 13:41:58, 24/12/2010
 
============== E.O.F ==============


[charles136]

Je devrais peut-être refaire une analyse pour voir s'ils sont supprimés non ?

[Del-crosseur]

Attententen

Tu ma tous mélanger la ...

Tu m'a lancer 2 fois l'option "Nettoyer" donne moi l'autre rapport ( Clean 1 )

[charles136]

Ah oui, exacte :

Code: Tout sélectionner

======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 22/12/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 13:39:01 le 24/12/2010, Mode normal

Microsoft Windows 7 Édition Familiale Premium   (X64)
Utilisateur@CHARLES-PC (System manufacturer System Product Name)
 
============== ACTION(S) ==============


Dossier supprimé: C:\Program Files (x86)\Mozilla Firefox\extensions\searchsettings@spigot.com
Dossier supprimé: C:\Program Files (x86)\Ask.com
Dossier supprimé: C:\Program Files (x86)\Conduit
Dossier supprimé: C:\Users\Utilisateur\AppData\Roaming\GabPath
Dossier supprimé: C:\ProgramData\spacequery
Dossier supprimé: C:\Program Files (x86)\spacequery

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Utilisateur\AppData\Roaming\Mozilla\FireFox\Profiles\y5z310fz.default\Prefs.js --
Ligne supprimée: 
Ligne supprimée: 
Ligne supprimée: user_pref("extensions.asktb.cbid", "FN");
Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne supprimée: user_pref("extensions.asktb.dtid", "TES002YYFR");
Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
Ligne supprimée: user_pref("extensions.asktb.l", "dis");
Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1292746095568");
Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne supprimée: user_pref("extensions.asktb.o", "14197");
Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
Ligne supprimée: user_pref("extensions.asktb.r", "3");
Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", true);
Ligne supprimée: user_pref("extensions.asktb.v", "3.8.0.99999");
-- Fichier Fermé --
 

Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{38C0503E-33E8-4C9A-8DE0-6A975F9BAFDC}
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2124320
Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé supprimée: HKLM\Software\spacequery
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\IEBarProperties
Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0C7DC3F5-531D-4A3F-B73C-340980F44FDE}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0C7DC3F5-531D-4A3F-B73C-340980F44FDE}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Users\Utilisateur\AppData\Roaming\Mozilla\FireFox\Profiles\y5z310fz.default\Prefs.js --
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [8.0.7600.16385] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 10 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 24/12/2010 (5965 Octet(s))
C:\Ad-Report-SCAN[1].txt - 24/12/2010 (5574 Octet(s))

Fin à: 13:39:44, 24/12/2010
 
============== E.O.F ==============